|By Jackie Kahle||
|July 31, 2014 02:30 PM EDT||
Andi Mann from CA Technologies recently pointed out that, at every turn, customers are interacting more and more with businesses through applications. "Think of real estate businesses like Trulia, Zillow and Realtor.com," he wrote in Wired's Innovation Insights. "Or think about restaurants. It used to be that we'd call a restaurant to make a reservation, or even drop in and make a reservation. Now it's all on-line, through OpenTable, or Foursquare." This is the emergence of the Application Economy, where the application becomes the primary point of contact between the business and the customer.
Much of this is being made possible through the use of Application Programming Interfaces (APIs) to link front-end applications to back-end information systems. This approach is exploding in popularity because it builds on well-understood techniques from the web and leverages some existing infrastructure.
But it is a mistake to think we can secure APIs using the same methods and technology that we used to secure the conventional, browser-centric web. While it is true that APIs share many of the same threats that plague the web, they are fundamentally different and have an entirely unique risk profile that you need to manage.
Good API developers understand the threat profile of what they are designing. Unfortunately, many API developers come directly from a web design background, and may bring with them some bad habits. It's important to recognize that despite their common roots and sharing of infrastructure, web design and API design have separate goals and demand different approaches.
A new SlideShare posted by CA Technologies, How Risky are Your APIs?, explains the potential risks of APIs and highlights the three most common forms of attack.
The SlideShare is based on a recent eBooklet published by Scott Morrison of CA Technologies, Five Simple Strategies for Securing Your APIs, which not only goes into much greater detail on the threats but lays out five simple steps that organizations should be taking today to reduce their risk.
Aug. 27, 2016 06:15 PM EDT Reads: 692
Aug. 27, 2016 06:00 PM EDT Reads: 3,075
Aug. 27, 2016 06:00 PM EDT Reads: 703
Aug. 27, 2016 05:15 PM EDT Reads: 1,566
Aug. 27, 2016 05:00 PM EDT Reads: 1,869
Aug. 27, 2016 04:45 PM EDT Reads: 1,616
Aug. 27, 2016 04:00 PM EDT Reads: 553
Aug. 27, 2016 03:15 PM EDT Reads: 744
Aug. 27, 2016 02:45 PM EDT Reads: 3,440
Aug. 27, 2016 12:45 PM EDT Reads: 2,336
Aug. 27, 2016 12:30 PM EDT Reads: 3,611
Aug. 27, 2016 12:00 PM EDT Reads: 631
Aug. 27, 2016 12:00 PM EDT Reads: 645
Aug. 27, 2016 12:00 PM EDT Reads: 511
DevOps at Cloud Expo, taking place Nov 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 19th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long dev...
Aug. 27, 2016 11:00 AM EDT Reads: 2,355