David Berlind is editor-in-chief of ProgrammableWeb.
Cybersecurity solution provider Trend Micro has issued a report that highlights how chat platform APIs can and are being used by cybercriminals to achieve their nefarious objectives.
Because of the degree to which Webhook APIs are involved (an API attack vector not previously discussed on ProgrammableWeb), the warnings and incidents should serve as a wake-up call to API providers and developers when it comes to the sorts of best practices and ongoing vigilance it takes to fully secure their customers and systems.Provided that the incentives are worth it,
2016 has finally come to an end, and that means an opportunity for your IT teams to start fresh and do great things for the business in 2017. But where’s the best place to start? Here are our top 7 r resolutions for your teams to consider in the upcoming year.
Don’t take security for granted.
High profile security breaches this year highlighted just how important security practices are when doing business.
A convergence of digital forces – notably mobile, SaaS, cloud, big data, IoT and social – is creating massive disruption in the market and pushing businesses to move at much faster speeds. However, with a fixed set of resources and a constrained capacity to deliver on new projects, IT is often accused of holding the business back rather than enabling it.
The resulting IT delivery gap is exacerbated even further when IT resorts to shortcuts that get projects done on time and on budget.
This is part 3 of my API security blog series. I will be showing an example scenario of how Anypoint platform can be a vital component of a secure API-led architecture and the capabilities to securing the API.
If you missed part 1 and part 2 here they are:
- API security: Ways to authenticate and authorize
- API security: Keeping data private but accessible
This post will be part 1 of 3 for my ultimate guide to API security best practices series. In this post, I will be discussing the current concerns IT decision makers have in regards to their current digital assets.
Part 2 – API security: Keeping data private but accessible will address the need for keeping data private and protecting it from being compromised while making it accessible at all times.
Learn how to align security and agility
In some organizations, the Chief Information Security Officer (CISO) has earned a reputation inside of IT as a blocker or a hindrance to innovation. Some CISOs have even be referred to as the ‘Queen (or King) of No.’ Why? Because despite the massive amounts of attention being paid to security in the media, with Target, Apple, Nissan, and Twitter all making the news recently for their security failures,
In a previous post, I explained the reasons why pure SOA, despite being a powerful architectural paradigm with many benefits, could fall short. Building on that narrative, I will provide in this post guiding principles to help you create a modern integration strategy – one that enables digital transformation, supports the API economy and is suitable for the pace of change required to build an application network.
Note: Please refer to the following page for more updated information.
Anypoint Platform TLS 1.0 Deprecation
In an effort to ensure the highest levels of security for our customers, and in response to the PCI-DSS 3.1 standard, MuleSoft has begun the process of removing TLS v1.0, and replacing with TLS v1.2 as the default encryption protocol for inbound and outbound connections to Anypoint Platform.
As you might have read, Mule 3.8 includes a number of improvements regarding TLS. In this post, we will analyze the TLS environment prior to this release and explore all of the new enhancements in detail so that you can start taking advantage of them.
The basics of Transport Layer Security
TLS (as SSL), is a protocol that provides security across a network. It guarantees privacy by encrypting each message (no one else can see the data),
We recently introduced our HowTo blog series, which is designed to present simple use-case tutorials to help you as you evaluate MuleSoft’s Anypoint platform. In this blog post, we show how an organization can use Anypoint Platform to communicate with their partners using a secure file-based solution.
When an organization communicates with its business partners, there are many different options such as traditional B2B exchange,