|By Jackie Kahle||
|July 31, 2014 02:30 PM EDT||
Andi Mann from CA Technologies recently pointed out that, at every turn, customers are interacting more and more with businesses through applications. "Think of real estate businesses like Trulia, Zillow and Realtor.com," he wrote in Wired's Innovation Insights. "Or think about restaurants. It used to be that we'd call a restaurant to make a reservation, or even drop in and make a reservation. Now it's all on-line, through OpenTable, or Foursquare." This is the emergence of the Application Economy, where the application becomes the primary point of contact between the business and the customer.
Much of this is being made possible through the use of Application Programming Interfaces (APIs) to link front-end applications to back-end information systems. This approach is exploding in popularity because it builds on well-understood techniques from the web and leverages some existing infrastructure.
But it is a mistake to think we can secure APIs using the same methods and technology that we used to secure the conventional, browser-centric web. While it is true that APIs share many of the same threats that plague the web, they are fundamentally different and have an entirely unique risk profile that you need to manage.
Good API developers understand the threat profile of what they are designing. Unfortunately, many API developers come directly from a web design background, and may bring with them some bad habits. It's important to recognize that despite their common roots and sharing of infrastructure, web design and API design have separate goals and demand different approaches.
A new SlideShare posted by CA Technologies, How Risky are Your APIs?, explains the potential risks of APIs and highlights the three most common forms of attack.
The SlideShare is based on a recent eBooklet published by Scott Morrison of CA Technologies, Five Simple Strategies for Securing Your APIs, which not only goes into much greater detail on the threats but lays out five simple steps that organizations should be taking today to reduce their risk.
As data explodes in quantity, importance and from new sources, the need for managing and protecting data residing across physical, virtual, and cloud environments grow with it. Managing data includes protecting it, indexing and classifying it for true, long-term management, compliance and E-Discovery. Commvault can ensure this with a single pane of glass solution – whether in a private cloud, a Service Provider delivered public cloud or a hybrid cloud environment – across the heterogeneous enter...
Oct. 23, 2016 02:30 PM EDT Reads: 1,351
Oct. 23, 2016 02:15 PM EDT Reads: 1,300
Oct. 23, 2016 02:15 PM EDT Reads: 752
Oct. 23, 2016 02:00 PM EDT Reads: 4,433
Oct. 23, 2016 01:00 PM EDT Reads: 1,777
Oct. 23, 2016 12:45 PM EDT Reads: 1,423
Oct. 23, 2016 12:45 PM EDT Reads: 970
Oct. 23, 2016 12:30 PM EDT Reads: 4,501
Oct. 23, 2016 12:00 PM EDT Reads: 8,345
Oct. 23, 2016 11:30 AM EDT Reads: 11,319
Oct. 23, 2016 11:15 AM EDT Reads: 1,179
Oct. 23, 2016 11:00 AM EDT Reads: 935
Oct. 23, 2016 10:30 AM EDT Reads: 1,460
Oct. 23, 2016 10:00 AM EDT Reads: 4,006
Oct. 23, 2016 09:45 AM EDT Reads: 1,882