Hot Topics
Is the API in Your App a Trojan Horse?
Attackers know that API calls originating from inside an app are a blueprint for the infrastructure inside your data center. Further, they can use those same API calls to hide their malicious purposes, like a Trojan horse ready to slip through the front door. Apps are the new emerging threat vector. [programmableweb.com]
10 Resources for Getting Started with OpenAPI 3.0 in 2018
2017 marked the official release of the latest version of the OpenAPI Specification, OpenAPI 3.0. This was the first major release since the specification was donated to the OpenAPI Initiative in 2015. The release marks an important milestone in the evolution of API description... [swagger.io]
Amazon Giveaway: "RESTful Web Clients" by Mike Amundsen
Enter for a chance to win: "RESTful Web Clients: Enabling Reuse Through Hypermedia" by Mike Amundsen [amazon.com]
GraphQL vs REST API Design Paradigms Demystified
For a long time, REST was the de facto way to design APIs. Then in 2015, Facebook open-sourced GraphQL and marketed it as a hot new alternative to REST. Is GraphQL really better, or should you stick to good old-fashioned REST? Let’s explore the key similarities and differences between the two. [business2community.com]
Lessons Learned - USPS API Vulnerability and 60 Million Exposed Users
By now you've probably seen the news about the USPS vulnerability where an attacker with simple access to usps.com, an understanding of the API logic and no special tools beyond a common web browser could easily manipulate that logic to get a dump of data. by Chris Westphal [medium.com]
How we added Single-Sign-On (SSO) functionality to our open source API gateway
Here at Tyk we're committed to your needs. We consider every suggestion you throw at us, validate feedback we receive from a business and technology standpoint, and then add the feasible, necessary and exciting onto our product roadmap. Identity, Security and Single-Sign-On (SSO) was one such feature. [tyk.io]
Upcoming Web API Events
A list of upcoming Web API Events, maintained by Matthew Reinbold
The Business of APIs
A Technical Review of Kafka and DistributedLog
We open sourced DistributedLog in May 2016. It generated a lot of interest in the community. One frequent question we are asked is how does DistributedLog compare to Apache Kafka. Technically DistributedLog is not a full-fledged partitioned pub/sub system like Apache Kafka. [bookkeeper.apache.org]
Stream Processing 101: From SQL to Streaming SQL in 10 Minutes
Together the query asks the system to "select events from BoilerStream whose property "t" is greater than 350, and from each event extracts bid and calculates tF and put them into a new stream". As with SQL, streaming SQL lets us manipulate streaming data declaratively without having to write code. [wso2.com]
From manual to automated testing: The roadblocks and the journey
In my previous article, I talked about practices that can be implemented to build sustainable processes for integration testing of APIs and microservices. I had mentioned transitioning from manual to automated testing as one of the items on the checklist in that article. That journey requires more of a transformation than a transition. by Kaustav Das Modak [medium.com]