Welcome!

Application Security

Subscribe to Application Security: eMailAlertsEmail Alerts
Get Application Security via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Application Security

Splunk – An Ancillary Source of API Analytics Data analytics solutions seem as varied as the data they analyze. However, Expressway users have found tremendous success extending it’s built in API Analytics capabilities with those of Splunk’s – a recognized 2013 Gartner Magic Quadrant Leader for Security Information and Event Management. Intel distributes a free Splunk Application that ingests Expressway’s transactional logs. The application provides in depth dashboards and metrics of message transactions & system utilization. Recently, one of my customers wanted an alternate way to integrate Splunk with Expressway that: Goes beyond transactional context Expressway Service Gateway’s (ESG) transactional logs provide. Sends data directly to Splunk from ESG Applications – instead of Splunk ingesting ESG logs. Does 1 and 2 with negligible overhead. Coupling Splunk’s abili... (more)

Enterprise APIs and OAuth: Have it All

Enterprises often frustrate developers. Why do Enterprises always seem so behind when it comes to the very latest technology? In particular, a trend we are seeing is the continued struggle to marry Enterprise authentication with the burgeoning world of REST APIs. Developers want to use REST, but Enterprises need enterprise grade API security. We think this problem will only worsen as Enterprises continue their rapid adoption of APIs. It seems clear that SOAP, while capable of Enterprise grade authentication through X.509 and SAML, will be left behind as the “Skinny jeans Faceboo... (more)

Next Gen Enterprise API Architecture for Mobile

The Enterprise software industry has grown up around the standard three tier-architecture for web applications, which pioneered circa 1995. This architecture is ideal for web browsers, which have become the universal client of the Enterprise. With the introduction of Enterprise mobile applications, we are seeing new avenues for innovation, new user experiences and increased convenience. In some ways, however, we are rolling back the clock. Allow me to clarify: If we accept the premise that native mobile applications deliver the best functionality on disparate mobile platforms, w... (more)

What’s in a Composite API Platform?

Intel recently released what we call a composite API platform with our new API Manager product. What exactly do we mean by this? A composite platform is a single platform for API management that handles both Public (sometimes called “Open”) APIs and Enterprise APIs. It’s composite because it exhibits both the cost savings of “cloud” through a multi-tenant SaaS partner portal coupled with the control of on-premises gateway for traffic management. Like a composite material, the mingling of two or more constituents gives the final solution different properties not found in either a... (more)

Are you building your APIs the right way?

I keep telling my customers, it is not about what you think is important but it is about what your customers (internal, external or partners) see as important when it comes to building APIs and mobile apps, or APIs for mobile apps. This article from Intel explains the facets of WHO, WHAT and HOW very nicely. We instituted a new practice called Intel API Manager which does all of the above and more. It includes a strategy session to identify the audience (WHO) that can benefit from this, WHAT are the channels that can drive additional revenue, and HOW we can help you achieve that.... (more)