API stands for Application Programming Interface. Over the years, it has evolved from a tightly coupled imperative specification to a loosely coupled declarative model. Regardless of implementation and the mode of invocation, APIs tend to be associated with app development. But another API economy has been steadily expanding. It lies within operations. And in that domain, the "A" in API stands for automation.
Agility is the way of IT these days. We all strive for developers and operations to go faster, to unleash creativity, unhindered by the burdens of provisioning app infrastructure and resources. The trick is balancing our need for app delivery speed with the need to stay secure and compliant.
Pause for a minute and ask yourself the following questions: Do you know how many apps you have? Do you know how those apps are performing? Do you know what those apps are doing? These questions may seem very basic, but many enterprises are struggling to find answers to them. F5’s Adil Laari explores app visibility in the context of the company’s new SaaS offering, F5 Beacon.
It's no surprise that most organizations are in the dark about application usage. After all, most aren't even aware of how many applications are in use across the business. That's not necessarily their fault; a study from Harmon.ie found that nearly half (48%) of respondents regularly used applications not authorized by IT in the workplace.
The use of APIs have the potential to be transformative by enabling new business models and revenue streams. Implemented without adequate guardrails, however, APIs also have the potential to disrupt and put businesses at risk. Concluding his two-part blog series, Mark Campbell outlines steps that organizations can take to help address the industry’s present API security gaps.
Application architectures have evolved several times since the early days of computing, and it is no longer optimal to rely solely on a single, known data path to insert application services. Furthermore, because many of the emerging data paths are not as suitable for a proxy-based platform, we must look to the other potential points of insertion possible to scale and secure modern applications.
The value of accurate, insightful data is realized by detecting and acting upon a threat before the attack occurs, not a month after the breach. The F5 Threat Campaigns subscription offering provides a glance into a hacker’s preliminary approach to block attacks proactively.
François Locoh-Donou shares a copy of the email sent to global staff announcing F5’s agreement to acquire Shape Security.
The transformation from monolithic applications to ecosystems of microservices has made APIs a strategic and critical element of business success. APIs are typically designed to be externally exposed and accessed by business partners, customers, and microservices. Just like web applications, though, APIs can be a doorway for unauthorized access to sensitive data. And as with many technology advances, security considerations often trail behind.