SlideShare a Scribd company logo

Securing and Governing Cloud APIs

Download as PPTX, PDF
CA API Management
CA API Management

A look at why APIs matter in the Cloud and their unique security challenges

TechnologyBusiness
1 of 17
Securing and governing cloud Rag Ramanathan APIs Director of Product Management, APIs
Nearly 2,500 unique clients, including more than 32 of the top 100 companies in the Fortune 500 Savvis Proprietary & Confidential 2
Savvis is Positioned in the Leaders Quadrant The Gartner Magic Quadrant for Public Cloud Infrastructure as a Service Gartner, Inc., Magic Quadrant for Public Cloud Infrastructure as a Service, Lydia Leong, Ted Chamberlin, December 8, 2011. Gartner does not endorse any vendor, product or service depicted in our research publications, and does not advise technology users to select only those vendors with the highest ratings. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available upon request from Savvis. Savvis Proprietary & Confidential 3
Managed SaaS Business Content Proximity Applications Web Hosting Enablement Continuity Management Hosting Managed Savvis Symphony Intelligent Hosting (Dedicated and Colocation Monitoring (Dedicated) Multi-Tenant Clouds) Managed Storage and Backup Managed Security Managed Network Professional Services Intelligent Secure Facilities Enterprise Equipment Management Tools Savvis Proprietary & Confidential 4
Virtual Private Data Center (VPDC) Savvis Symphony VPDC Orchestration and Provisioning VPDC Portal – Topology Designer Automated Provisioning Technical & Business End-User Self-Service Savvis Data Center Infrastructure Provisioning Savvis Proprietary & Confidential 5
Architecture Overview Portal Proxy API Middleware Business Orchestration/Service Fulfillment Cloud Database Cloud Orchestration Cloud Infrastructure Network Systems Management Services – Service Support Security Storage Incident Services Resources Management Data Center Fabric SLA Management Event Management Compute Resources Savvis Proprietary & Confidential 6
Supporting multiple channels? Web Portal Smartphones API Tablets Savvis Web Portal Savvis Customer Apps ISV Partner Apps Reseller Apps Savvis Proprietary & Confidential 7
“Road to the Cloud is through APIs” Why APIs? Forester Analyst @chenxiwang Savvis Proprietary & Confidential @chenkxiwang 8
So we offer cloud APIs For IaaS based on vCloud API specification With additional Savvis feature specific APIs Initially, offered to a handful of customers as a beta offering Learnt and matured our APIs Customers did “pen tests” and requested enhancement requests More customers, and partners are using APIs and demand continues to grow Savvis Proprietary & Confidential 9
API Challenges Security Governance • Availability • Authorization • Performance • Basic firewall • Protection • DDos • Meeting SLAs • SSL for service • Maintain QoS end points • Audit trails • Audit logs • Reporting Savvis Proprietary & Confidential 10
API Security & Governance Is Bigger Security Message Traffic Control Penetration Protection Protection • Code • XML • Rate limit injection DOCTYPE • Tiered • Malformed insertion service requests • XML levels • SQL attacks document • Automatic structure retries • Limit msg size And More.. >> Credential caching & expiration >> IP restrictions >> OAuth support >> Reporting and analytics >> Common authentication & authorization across all services Savvis Proprietary & Confidential 11
…along with >> Common API security >> Common logging, and auditing >> Reporting and analytics >> Support for multiple versions >> Protocol transformation >> Delegated policy authoring >> Best practices based common policy libraries >> Centralized policy release and enforcement >> Internal systems integration (OSS, BSS, CMDB) Savvis Proprietary & Confidential 12
API Security & Governance Layer Using Layer 7 Gateway API / SOA / Cloud Governance Gateway •Throttling Common API and SOA Policy •Monitoring Governance for Cloud Reporting •Usage •Billing •Authentication VPDC Portal OSS Storage Security •Authorization Savvis Proprietary & Confidential 13
Layer 7 Deployment Savvis Proprietary & Confidential 14
Lessons Learned & Recommendations >> APIs drive more cloud traffic than web sites >> Take API-first design approach >> Drive toward a common framework > Configuration based and not development based > Supports flexible and distributed deployment models > Extensible >> Be prepared to handle special requests >> Do thorough testing of APIs for security >> Look at Security & Gov Gateway for Cloud Savvis Proprietary & Confidential 15
Next steps • Add internal API gateway • OAuth for external APIs • Quota and rate-limit by specific APIs • Developer portal Savvis Proprietary & Confidential 16
Thank you. Want to work on cloud APIs? – We are hiring – http://www.Bit.ly/savvis_pm Contact: Rag.Ramanathan@savvis.com Twitter: @ragram Savvis Proprietary & Confidential 17

Recommended

How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...
How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...
How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...Novell
 
Managed Services
Managed ServicesManaged Services
Managed ServicesGateway TechnoLabs Pvt. Ltd. (Gateway Group of Companies)
 
IT Controls Cloud Webinar - ISACA
IT Controls Cloud Webinar - ISACAIT Controls Cloud Webinar - ISACA
IT Controls Cloud Webinar - ISACARamsés Gallego
 
451 Research Client Event Nov 10
451 Research Client Event Nov 10451 Research Client Event Nov 10
451 Research Client Event Nov 10stavvmc
 
QualyCloud
QualyCloudQualyCloud
QualyCloudFabrice Heurtaux
 
Managing Your Cloud with Confidence - Mark Rivington, n•fluence 2012
Managing Your Cloud with Confidence - Mark Rivington, n•fluence 2012Managing Your Cloud with Confidence - Mark Rivington, n•fluence 2012
Managing Your Cloud with Confidence - Mark Rivington, n•fluence 2012CA Nimsoft
 
Building and Managing Cloud Applications and Infrastructure
Building and Managing Cloud Applications and InfrastructureBuilding and Managing Cloud Applications and Infrastructure
Building and Managing Cloud Applications and InfrastructureDarren Cunningham
 
Go Bigger! Manage Data Center Technologies
Go Bigger! Manage Data Center TechnologiesGo Bigger! Manage Data Center Technologies
Go Bigger! Manage Data Center Technologiesdoan_slideshares
 

Recommended

How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...
How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...
How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...Novell
 
Managed Services
Managed ServicesManaged Services
Managed ServicesGateway TechnoLabs Pvt. Ltd. (Gateway Group of Companies)
 
IT Controls Cloud Webinar - ISACA
IT Controls Cloud Webinar - ISACAIT Controls Cloud Webinar - ISACA
IT Controls Cloud Webinar - ISACARamsés Gallego
 
451 Research Client Event Nov 10
451 Research Client Event Nov 10451 Research Client Event Nov 10
451 Research Client Event Nov 10stavvmc
 
QualyCloud
QualyCloudQualyCloud
QualyCloudFabrice Heurtaux
 
Managing Your Cloud with Confidence - Mark Rivington, n•fluence 2012
Managing Your Cloud with Confidence - Mark Rivington, n•fluence 2012Managing Your Cloud with Confidence - Mark Rivington, n•fluence 2012
Managing Your Cloud with Confidence - Mark Rivington, n•fluence 2012CA Nimsoft
 
Building and Managing Cloud Applications and Infrastructure
Building and Managing Cloud Applications and InfrastructureBuilding and Managing Cloud Applications and Infrastructure
Building and Managing Cloud Applications and InfrastructureDarren Cunningham
 
Go Bigger! Manage Data Center Technologies
Go Bigger! Manage Data Center TechnologiesGo Bigger! Manage Data Center Technologies
Go Bigger! Manage Data Center Technologiesdoan_slideshares
 
Day 2 p1 - operate simply
Day 2 p1 - operate simplyDay 2 p1 - operate simply
Day 2 p1 - operate simplyLilian Schaffer
 
Risk Factory: PCI Compliance in the Cloud
Risk Factory: PCI Compliance in the CloudRisk Factory: PCI Compliance in the Cloud
Risk Factory: PCI Compliance in the CloudRisk Crew
 
Intel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfeeIntel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfeeIntelAPAC
 
Soa con8642 pdf_8642_0001
Soa con8642 pdf_8642_0001Soa con8642 pdf_8642_0001
Soa con8642 pdf_8642_0001jucaab
 
SISO Presentation: Cloud Ontology
SISO Presentation: Cloud OntologySISO Presentation: Cloud Ontology
SISO Presentation: Cloud OntologyGovCloud Network
 
Cnr global business profile v2.8
Cnr global business profile v2.8Cnr global business profile v2.8
Cnr global business profile v2.8Independent Professional
 
Soa cloud con8968_pdf_8968_0001
Soa cloud con8968_pdf_8968_0001Soa cloud con8968_pdf_8968_0001
Soa cloud con8968_pdf_8968_0001jucaab
 
Cloud os and management overview of windows server 2012 and system center 2...
Cloud os and management overview of windows server 2012 and system center 2...Cloud os and management overview of windows server 2012 and system center 2...
Cloud os and management overview of windows server 2012 and system center 2...☁️Carl Nakamura [MSFT]☁️
 
ServSolid - An Overview
ServSolid - An OverviewServSolid - An Overview
ServSolid - An Overviewjmathur
 
Extending Enterprise Security into the Cloud
Extending Enterprise Security into the CloudExtending Enterprise Security into the Cloud
Extending Enterprise Security into the CloudCA API Management
 
Enhancing and Operating Video Collaboration with your Network
Enhancing and Operating Video Collaboration with your NetworkEnhancing and Operating Video Collaboration with your Network
Enhancing and Operating Video Collaboration with your NetworkCisco Canada
 
IT Infrastructure Specialist
IT Infrastructure SpecialistIT Infrastructure Specialist
IT Infrastructure Specialistmomentuminfocare
 
A Practical Approach to Delivering Cloud Platforms Using Novell Solutions: Ho...
A Practical Approach to Delivering Cloud Platforms Using Novell Solutions: Ho...A Practical Approach to Delivering Cloud Platforms Using Novell Solutions: Ho...
A Practical Approach to Delivering Cloud Platforms Using Novell Solutions: Ho...Novell
 
Seguridad en SQL Azure Windows azure
Seguridad en SQL Azure Windows azureSeguridad en SQL Azure Windows azure
Seguridad en SQL Azure Windows azureEduardo Castro
 
NIC 2013 - Configure and Deploy Private Cloud
NIC 2013 - Configure and Deploy Private CloudNIC 2013 - Configure and Deploy Private Cloud
NIC 2013 - Configure and Deploy Private CloudKristian Nese
 
Cnr Global Business Profile V2.8
Cnr Global Business Profile V2.8Cnr Global Business Profile V2.8
Cnr Global Business Profile V2.8Independent Professional
 
Deadly Sins Bcs Elite
Deadly Sins Bcs EliteDeadly Sins Bcs Elite
Deadly Sins Bcs EliteJon G. Hall
 
Making the Move to SaaS: 10 Key Technical Considerations
Making the Move to SaaS: 10 Key Technical Considerations Making the Move to SaaS: 10 Key Technical Considerations
Making the Move to SaaS: 10 Key Technical Considerations OpSource
 
5 Pillars of API Management
5 Pillars of API Management5 Pillars of API Management
5 Pillars of API ManagementRich Graham
 
WSO2Con ASIA 2016: Service Governance Meets API Governance: A Case Study
WSO2Con ASIA 2016: Service Governance Meets API Governance: A Case StudyWSO2Con ASIA 2016: Service Governance Meets API Governance: A Case Study
WSO2Con ASIA 2016: Service Governance Meets API Governance: A Case StudyWSO2
 
API Governance
API Governance API Governance
API Governance Sunil Kuchipudi
 
API Governance in the Enterprise
API Governance in the EnterpriseAPI Governance in the Enterprise
API Governance in the EnterpriseApigee | Google Cloud
 

More Related Content

What's hot

Day 2 p1 - operate simply
Day 2 p1 - operate simplyDay 2 p1 - operate simply
Day 2 p1 - operate simplyLilian Schaffer
 
Risk Factory: PCI Compliance in the Cloud
Risk Factory: PCI Compliance in the CloudRisk Factory: PCI Compliance in the Cloud
Risk Factory: PCI Compliance in the CloudRisk Crew
 
Intel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfeeIntel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfeeIntelAPAC
 
Soa con8642 pdf_8642_0001
Soa con8642 pdf_8642_0001Soa con8642 pdf_8642_0001
Soa con8642 pdf_8642_0001jucaab
 
SISO Presentation: Cloud Ontology
SISO Presentation: Cloud OntologySISO Presentation: Cloud Ontology
SISO Presentation: Cloud OntologyGovCloud Network
 
Soa cloud con8968_pdf_8968_0001
Soa cloud con8968_pdf_8968_0001Soa cloud con8968_pdf_8968_0001
Soa cloud con8968_pdf_8968_0001jucaab
 
Cloud os and management overview of windows server 2012 and system center 2...
Cloud os and management overview of windows server 2012 and system center 2...Cloud os and management overview of windows server 2012 and system center 2...
Cloud os and management overview of windows server 2012 and system center 2...☁️Carl Nakamura [MSFT]☁️
 
ServSolid - An Overview
ServSolid - An OverviewServSolid - An Overview
ServSolid - An Overviewjmathur
 
Extending Enterprise Security into the Cloud
Extending Enterprise Security into the CloudExtending Enterprise Security into the Cloud
Extending Enterprise Security into the CloudCA API Management
 
Enhancing and Operating Video Collaboration with your Network
Enhancing and Operating Video Collaboration with your NetworkEnhancing and Operating Video Collaboration with your Network
Enhancing and Operating Video Collaboration with your NetworkCisco Canada
 
IT Infrastructure Specialist
IT Infrastructure SpecialistIT Infrastructure Specialist
IT Infrastructure Specialistmomentuminfocare
 
A Practical Approach to Delivering Cloud Platforms Using Novell Solutions: Ho...
A Practical Approach to Delivering Cloud Platforms Using Novell Solutions: Ho...A Practical Approach to Delivering Cloud Platforms Using Novell Solutions: Ho...
A Practical Approach to Delivering Cloud Platforms Using Novell Solutions: Ho...Novell
 
Seguridad en SQL Azure Windows azure
Seguridad en SQL Azure Windows azureSeguridad en SQL Azure Windows azure
Seguridad en SQL Azure Windows azureEduardo Castro
 
NIC 2013 - Configure and Deploy Private Cloud
NIC 2013 - Configure and Deploy Private CloudNIC 2013 - Configure and Deploy Private Cloud
NIC 2013 - Configure and Deploy Private CloudKristian Nese
 
Deadly Sins Bcs Elite
Deadly Sins Bcs EliteDeadly Sins Bcs Elite
Deadly Sins Bcs EliteJon G. Hall
 
Making the Move to SaaS: 10 Key Technical Considerations
Making the Move to SaaS: 10 Key Technical Considerations Making the Move to SaaS: 10 Key Technical Considerations
Making the Move to SaaS: 10 Key Technical Considerations OpSource
 

What's hot (18)

Day 2 p1 - operate simply
Day 2 p1 - operate simplyDay 2 p1 - operate simply
Day 2 p1 - operate simply
 
Risk Factory: PCI Compliance in the Cloud
Risk Factory: PCI Compliance in the CloudRisk Factory: PCI Compliance in the Cloud
Risk Factory: PCI Compliance in the Cloud
 
Intel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfeeIntel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfee
 
Soa con8642 pdf_8642_0001
Soa con8642 pdf_8642_0001Soa con8642 pdf_8642_0001
Soa con8642 pdf_8642_0001
 
SISO Presentation: Cloud Ontology
SISO Presentation: Cloud OntologySISO Presentation: Cloud Ontology
SISO Presentation: Cloud Ontology
 
Cnr global business profile v2.8
Cnr global business profile v2.8Cnr global business profile v2.8
Cnr global business profile v2.8
 
Soa cloud con8968_pdf_8968_0001
Soa cloud con8968_pdf_8968_0001Soa cloud con8968_pdf_8968_0001
Soa cloud con8968_pdf_8968_0001
 
Cloud os and management overview of windows server 2012 and system center 2...
Cloud os and management overview of windows server 2012 and system center 2...Cloud os and management overview of windows server 2012 and system center 2...
Cloud os and management overview of windows server 2012 and system center 2...
 
ServSolid - An Overview
ServSolid - An OverviewServSolid - An Overview
ServSolid - An Overview
 
Extending Enterprise Security into the Cloud
Extending Enterprise Security into the CloudExtending Enterprise Security into the Cloud
Extending Enterprise Security into the Cloud
 
Enhancing and Operating Video Collaboration with your Network
Enhancing and Operating Video Collaboration with your NetworkEnhancing and Operating Video Collaboration with your Network
Enhancing and Operating Video Collaboration with your Network
 
IT Infrastructure Specialist
IT Infrastructure SpecialistIT Infrastructure Specialist
IT Infrastructure Specialist
 
A Practical Approach to Delivering Cloud Platforms Using Novell Solutions: Ho...
A Practical Approach to Delivering Cloud Platforms Using Novell Solutions: Ho...A Practical Approach to Delivering Cloud Platforms Using Novell Solutions: Ho...
A Practical Approach to Delivering Cloud Platforms Using Novell Solutions: Ho...
 
Seguridad en SQL Azure Windows azure
Seguridad en SQL Azure Windows azureSeguridad en SQL Azure Windows azure
Seguridad en SQL Azure Windows azure
 
NIC 2013 - Configure and Deploy Private Cloud
NIC 2013 - Configure and Deploy Private CloudNIC 2013 - Configure and Deploy Private Cloud
NIC 2013 - Configure and Deploy Private Cloud
 
Cnr Global Business Profile V2.8
Cnr Global Business Profile V2.8Cnr Global Business Profile V2.8
Cnr Global Business Profile V2.8
 
Deadly Sins Bcs Elite
Deadly Sins Bcs EliteDeadly Sins Bcs Elite
Deadly Sins Bcs Elite
 
Making the Move to SaaS: 10 Key Technical Considerations
Making the Move to SaaS: 10 Key Technical Considerations Making the Move to SaaS: 10 Key Technical Considerations
Making the Move to SaaS: 10 Key Technical Considerations
 

Viewers also liked

5 Pillars of API Management
5 Pillars of API Management5 Pillars of API Management
5 Pillars of API ManagementRich Graham
 
WSO2Con ASIA 2016: Service Governance Meets API Governance: A Case Study
WSO2Con ASIA 2016: Service Governance Meets API Governance: A Case StudyWSO2Con ASIA 2016: Service Governance Meets API Governance: A Case Study
WSO2Con ASIA 2016: Service Governance Meets API Governance: A Case StudyWSO2
 
Enabling Business Success Using APIs
Enabling Business Success Using APIsEnabling Business Success Using APIs
Enabling Business Success Using APIsCA API Management
 
API Management Reference Architecture
API Management Reference ArchitectureAPI Management Reference Architecture
API Management Reference ArchitectureSeong-Bok Lee
 

Viewers also liked (6)

5 Pillars of API Management
5 Pillars of API Management5 Pillars of API Management
5 Pillars of API Management
 
WSO2Con ASIA 2016: Service Governance Meets API Governance: A Case Study
WSO2Con ASIA 2016: Service Governance Meets API Governance: A Case StudyWSO2Con ASIA 2016: Service Governance Meets API Governance: A Case Study
WSO2Con ASIA 2016: Service Governance Meets API Governance: A Case Study
 
API Governance
API Governance API Governance
API Governance
 
API Governance in the Enterprise
API Governance in the EnterpriseAPI Governance in the Enterprise
API Governance in the Enterprise
 
Enabling Business Success Using APIs
Enabling Business Success Using APIsEnabling Business Success Using APIs
Enabling Business Success Using APIs
 
API Management Reference Architecture
API Management Reference ArchitectureAPI Management Reference Architecture
API Management Reference Architecture
 

Similar to Securing and Governing Cloud APIs

Day 2 p1 - operate simply
Day 2 p1 - operate simplyDay 2 p1 - operate simply
Day 2 p1 - operate simplyLilian Schaffer
 
The role of hyper-v in nist model
The role of hyper-v in nist modelThe role of hyper-v in nist model
The role of hyper-v in nist modelAlexey Bokov
 
Service Availability and Performance Management - PCTY 2011
Service Availability and Performance Management - PCTY 2011Service Availability and Performance Management - PCTY 2011
Service Availability and Performance Management - PCTY 2011IBM Sverige
 
Cloudforce Essentials 2012 - Understanding Force.com in 60 Minutes or Less
Cloudforce Essentials 2012 - Understanding Force.com in 60 Minutes or LessCloudforce Essentials 2012 - Understanding Force.com in 60 Minutes or Less
Cloudforce Essentials 2012 - Understanding Force.com in 60 Minutes or LessSalesforce_APAC
 
Momentum Infocare Corporate Presentation
Momentum Infocare Corporate PresentationMomentum Infocare Corporate Presentation
Momentum Infocare Corporate Presentationeraz
 
Virtualizing Business cCritical Applications_ Darren Thomson
Virtualizing Business cCritical Applications_ Darren ThomsonVirtualizing Business cCritical Applications_ Darren Thomson
Virtualizing Business cCritical Applications_ Darren ThomsonArrow ECS UK
 
Storage Management and High Availability 6.0 Launch
Storage Management and High Availability 6.0 LaunchStorage Management and High Availability 6.0 Launch
Storage Management and High Availability 6.0 LaunchSymantec
 
Splunk Overview
Splunk OverviewSplunk Overview
Splunk OverviewSplunk
 
PCTY 2012, IBM SmartCloud-Strategi v. Anthony Doyle
PCTY 2012, IBM SmartCloud-Strategi v. Anthony DoylePCTY 2012, IBM SmartCloud-Strategi v. Anthony Doyle
PCTY 2012, IBM SmartCloud-Strategi v. Anthony DoyleIBM Danmark
 
CNISP - Platform Introduction 071511pks
CNISP - Platform Introduction 071511pksCNISP - Platform Introduction 071511pks
CNISP - Platform Introduction 071511pkslucpaquin
 
Intel Cloud Summit 2012 ODCA + NAB
Intel Cloud Summit 2012 ODCA + NABIntel Cloud Summit 2012 ODCA + NAB
Intel Cloud Summit 2012 ODCA + NABIntelAPAC
 
Microsoft Techready -21 aprilie 2011
Microsoft Techready -21 aprilie 2011Microsoft Techready -21 aprilie 2011
Microsoft Techready -21 aprilie 2011Agora Group
 
Applications at Scale
Applications at ScaleApplications at Scale
Applications at ScaleServiceMesh
 
Accelerating the Speed of Innovation - Jason Waxman, Intel
Accelerating the Speed of Innovation - Jason Waxman, IntelAccelerating the Speed of Innovation - Jason Waxman, Intel
Accelerating the Speed of Innovation - Jason Waxman, IntelOpen Data Center Alliance
 
Intel Cloud Summit ODCA - NAB Customer presentation
Intel Cloud Summit ODCA - NAB Customer presentationIntel Cloud Summit ODCA - NAB Customer presentation
Intel Cloud Summit ODCA - NAB Customer presentationIntelAPAC
 
VMware Enterprise Manager s ICZ
VMware Enterprise Manager s ICZVMware Enterprise Manager s ICZ
VMware Enterprise Manager s ICZASBIS SK
 
SaaS as a Security Hazard - Google Apps Security Example
SaaS as a Security Hazard - Google Apps Security ExampleSaaS as a Security Hazard - Google Apps Security Example
SaaS as a Security Hazard - Google Apps Security ExampleNewvewm
 
Configurando Private Cloud con System Center 2012
Configurando Private Cloud con System Center 2012Configurando Private Cloud con System Center 2012
Configurando Private Cloud con System Center 2012Juanchi_43
 

Similar to Securing and Governing Cloud APIs (20)

Day 2 p1 - operate simply
Day 2 p1 - operate simplyDay 2 p1 - operate simply
Day 2 p1 - operate simply
 
The role of hyper-v in nist model
The role of hyper-v in nist modelThe role of hyper-v in nist model
The role of hyper-v in nist model
 
Service Availability and Performance Management - PCTY 2011
Service Availability and Performance Management - PCTY 2011Service Availability and Performance Management - PCTY 2011
Service Availability and Performance Management - PCTY 2011
 
Cloudforce Essentials 2012 - Understanding Force.com in 60 Minutes or Less
Cloudforce Essentials 2012 - Understanding Force.com in 60 Minutes or LessCloudforce Essentials 2012 - Understanding Force.com in 60 Minutes or Less
Cloudforce Essentials 2012 - Understanding Force.com in 60 Minutes or Less
 
null Bangalore meet - Cloud Computing and Security
null Bangalore meet - Cloud Computing and Securitynull Bangalore meet - Cloud Computing and Security
null Bangalore meet - Cloud Computing and Security
 
Momentum Infocare Corporate Presentation
Momentum Infocare Corporate PresentationMomentum Infocare Corporate Presentation
Momentum Infocare Corporate Presentation
 
Virtualizing Business cCritical Applications_ Darren Thomson
Virtualizing Business cCritical Applications_ Darren ThomsonVirtualizing Business cCritical Applications_ Darren Thomson
Virtualizing Business cCritical Applications_ Darren Thomson
 
Storage Management and High Availability 6.0 Launch
Storage Management and High Availability 6.0 LaunchStorage Management and High Availability 6.0 Launch
Storage Management and High Availability 6.0 Launch
 
Splunk Overview
Splunk OverviewSplunk Overview
Splunk Overview
 
PCTY 2012, IBM SmartCloud-Strategi v. Anthony Doyle
PCTY 2012, IBM SmartCloud-Strategi v. Anthony DoylePCTY 2012, IBM SmartCloud-Strategi v. Anthony Doyle
PCTY 2012, IBM SmartCloud-Strategi v. Anthony Doyle
 
CNISP - Platform Introduction 071511pks
CNISP - Platform Introduction 071511pksCNISP - Platform Introduction 071511pks
CNISP - Platform Introduction 071511pks
 
Intel Cloud Summit 2012 ODCA + NAB
Intel Cloud Summit 2012 ODCA + NABIntel Cloud Summit 2012 ODCA + NAB
Intel Cloud Summit 2012 ODCA + NAB
 
Microsoft Techready -21 aprilie 2011
Microsoft Techready -21 aprilie 2011Microsoft Techready -21 aprilie 2011
Microsoft Techready -21 aprilie 2011
 
Applications at Scale
Applications at ScaleApplications at Scale
Applications at Scale
 
Accelerating the Speed of Innovation - Jason Waxman, Intel
Accelerating the Speed of Innovation - Jason Waxman, IntelAccelerating the Speed of Innovation - Jason Waxman, Intel
Accelerating the Speed of Innovation - Jason Waxman, Intel
 
Intel Cloud Summit ODCA - NAB Customer presentation
Intel Cloud Summit ODCA - NAB Customer presentationIntel Cloud Summit ODCA - NAB Customer presentation
Intel Cloud Summit ODCA - NAB Customer presentation
 
VMware Enterprise Manager s ICZ
VMware Enterprise Manager s ICZVMware Enterprise Manager s ICZ
VMware Enterprise Manager s ICZ
 
SaaS as a Security Hazard - Google Apps Security Example
SaaS as a Security Hazard - Google Apps Security ExampleSaaS as a Security Hazard - Google Apps Security Example
SaaS as a Security Hazard - Google Apps Security Example
 
Configurando Private Cloud con System Center 2012
Configurando Private Cloud con System Center 2012Configurando Private Cloud con System Center 2012
Configurando Private Cloud con System Center 2012
 
Configuring and deploying a private cloud with system center 2012
Configuring and deploying a private cloud with system center 2012Configuring and deploying a private cloud with system center 2012
Configuring and deploying a private cloud with system center 2012
 

More from CA API Management

Api architectures for the modern enterprise
Api architectures for the modern enterpriseApi architectures for the modern enterprise
Api architectures for the modern enterpriseCA API Management
 
Mastering Digital Channels with APIs
Mastering Digital Channels with APIsMastering Digital Channels with APIs
Mastering Digital Channels with APIsCA API Management
 
Takeaways from API Security Breaches Webinar
Takeaways from API Security Breaches WebinarTakeaways from API Security Breaches Webinar
Takeaways from API Security Breaches WebinarCA API Management
 
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...CA API Management
 
Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...
Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...
Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...CA API Management
 
API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...
API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...
API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...CA API Management
 
API Monetization: Unlock the Value of Your Data
API Monetization: Unlock the Value of Your DataAPI Monetization: Unlock the Value of Your Data
API Monetization: Unlock the Value of Your DataCA API Management
 
Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...
Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...
Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...CA API Management
 
Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...
Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...
Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...CA API Management
 
Enabling the Multi-Device Universe
Enabling the Multi-Device UniverseEnabling the Multi-Device Universe
Enabling the Multi-Device UniverseCA API Management
 
Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...
Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...
Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...CA API Management
 
The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...
The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...
The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...CA API Management
 
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...CA API Management
 
Adapting to Digital Change: Use APIs to Delight Customers & Win
Adapting to Digital Change: Use APIs to Delight Customers & WinAdapting to Digital Change: Use APIs to Delight Customers & Win
Adapting to Digital Change: Use APIs to Delight Customers & WinCA API Management
 
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...CA API Management
 
5 steps end to end security consumer apps
5 steps end to end security consumer apps5 steps end to end security consumer apps
5 steps end to end security consumer appsCA API Management
 
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...CA API Management
 
Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...
Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...
Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...CA API Management
 
Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...
Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...
Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...CA API Management
 
Using APIs to Create an Omni-Channel Retail Experience
Using APIs to Create an Omni-Channel Retail ExperienceUsing APIs to Create an Omni-Channel Retail Experience
Using APIs to Create an Omni-Channel Retail ExperienceCA API Management
 

More from CA API Management (20)

Api architectures for the modern enterprise
Api architectures for the modern enterpriseApi architectures for the modern enterprise
Api architectures for the modern enterprise
 
Mastering Digital Channels with APIs
Mastering Digital Channels with APIsMastering Digital Channels with APIs
Mastering Digital Channels with APIs
 
Takeaways from API Security Breaches Webinar
Takeaways from API Security Breaches WebinarTakeaways from API Security Breaches Webinar
Takeaways from API Security Breaches Webinar
 
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...
 
Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...
Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...
Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...
 
API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...
API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...
API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...
 
API Monetization: Unlock the Value of Your Data
API Monetization: Unlock the Value of Your DataAPI Monetization: Unlock the Value of Your Data
API Monetization: Unlock the Value of Your Data
 
Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...
Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...
Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...
 
Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...
Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...
Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...
 
Enabling the Multi-Device Universe
Enabling the Multi-Device UniverseEnabling the Multi-Device Universe
Enabling the Multi-Device Universe
 
Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...
Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...
Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...
 
The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...
The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...
The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...
 
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...
 
Adapting to Digital Change: Use APIs to Delight Customers & Win
Adapting to Digital Change: Use APIs to Delight Customers & WinAdapting to Digital Change: Use APIs to Delight Customers & Win
Adapting to Digital Change: Use APIs to Delight Customers & Win
 
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...
 
5 steps end to end security consumer apps
5 steps end to end security consumer apps5 steps end to end security consumer apps
5 steps end to end security consumer apps
 
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
 
Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...
Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...
Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...
 
Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...
Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...
Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...
 
Using APIs to Create an Omni-Channel Retail Experience
Using APIs to Create an Omni-Channel Retail ExperienceUsing APIs to Create an Omni-Channel Retail Experience
Using APIs to Create an Omni-Channel Retail Experience
 

Recently uploaded

Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DaySri Ambati
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 

Recently uploaded (20)

Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 

Securing and Governing Cloud APIs

  • 1. Securing and governing cloud Rag Ramanathan APIs Director of Product Management, APIs
  • 2. Nearly 2,500 unique clients, including more than 32 of the top 100 companies in the Fortune 500 Savvis Proprietary & Confidential 2
  • 3. Savvis is Positioned in the Leaders Quadrant The Gartner Magic Quadrant for Public Cloud Infrastructure as a Service Gartner, Inc., Magic Quadrant for Public Cloud Infrastructure as a Service, Lydia Leong, Ted Chamberlin, December 8, 2011. Gartner does not endorse any vendor, product or service depicted in our research publications, and does not advise technology users to select only those vendors with the highest ratings. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available upon request from Savvis. Savvis Proprietary & Confidential 3
  • 4. Managed SaaS Business Content Proximity Applications Web Hosting Enablement Continuity Management Hosting Managed Savvis Symphony Intelligent Hosting (Dedicated and Colocation Monitoring (Dedicated) Multi-Tenant Clouds) Managed Storage and Backup Managed Security Managed Network Professional Services Intelligent Secure Facilities Enterprise Equipment Management Tools Savvis Proprietary & Confidential 4
  • 5. Virtual Private Data Center (VPDC) Savvis Symphony VPDC Orchestration and Provisioning VPDC Portal – Topology Designer Automated Provisioning Technical & Business End-User Self-Service Savvis Data Center Infrastructure Provisioning Savvis Proprietary & Confidential 5
  • 6. Architecture Overview Portal Proxy API Middleware Business Orchestration/Service Fulfillment Cloud Database Cloud Orchestration Cloud Infrastructure Network Systems Management Services – Service Support Security Storage Incident Services Resources Management Data Center Fabric SLA Management Event Management Compute Resources Savvis Proprietary & Confidential 6
  • 7. Supporting multiple channels? Web Portal Smartphones API Tablets Savvis Web Portal Savvis Customer Apps ISV Partner Apps Reseller Apps Savvis Proprietary & Confidential 7
  • 8. “Road to the Cloud is through APIs” Why APIs? Forester Analyst @chenxiwang Savvis Proprietary & Confidential @chenkxiwang 8
  • 9. So we offer cloud APIs For IaaS based on vCloud API specification With additional Savvis feature specific APIs Initially, offered to a handful of customers as a beta offering Learnt and matured our APIs Customers did “pen tests” and requested enhancement requests More customers, and partners are using APIs and demand continues to grow Savvis Proprietary & Confidential 9
  • 10. API Challenges Security Governance • Availability • Authorization • Performance • Basic firewall • Protection • DDos • Meeting SLAs • SSL for service • Maintain QoS end points • Audit trails • Audit logs • Reporting Savvis Proprietary & Confidential 10
  • 11. API Security & Governance Is Bigger Security Message Traffic Control Penetration Protection Protection • Code • XML • Rate limit injection DOCTYPE • Tiered • Malformed insertion service requests • XML levels • SQL attacks document • Automatic structure retries • Limit msg size And More.. >> Credential caching & expiration >> IP restrictions >> OAuth support >> Reporting and analytics >> Common authentication & authorization across all services Savvis Proprietary & Confidential 11
  • 12. …along with >> Common API security >> Common logging, and auditing >> Reporting and analytics >> Support for multiple versions >> Protocol transformation >> Delegated policy authoring >> Best practices based common policy libraries >> Centralized policy release and enforcement >> Internal systems integration (OSS, BSS, CMDB) Savvis Proprietary & Confidential 12
  • 13. API Security & Governance Layer Using Layer 7 Gateway API / SOA / Cloud Governance Gateway •Throttling Common API and SOA Policy •Monitoring Governance for Cloud Reporting •Usage •Billing •Authentication VPDC Portal OSS Storage Security •Authorization Savvis Proprietary & Confidential 13
  • 14. Layer 7 Deployment Savvis Proprietary & Confidential 14
  • 15. Lessons Learned & Recommendations >> APIs drive more cloud traffic than web sites >> Take API-first design approach >> Drive toward a common framework > Configuration based and not development based > Supports flexible and distributed deployment models > Extensible >> Be prepared to handle special requests >> Do thorough testing of APIs for security >> Look at Security & Gov Gateway for Cloud Savvis Proprietary & Confidential 15
  • 16. Next steps • Add internal API gateway • OAuth for external APIs • Quota and rate-limit by specific APIs • Developer portal Savvis Proprietary & Confidential 16
  • 17. Thank you. Want to work on cloud APIs? – We are hiring – http://www.Bit.ly/savvis_pm Contact: Rag.Ramanathan@savvis.com Twitter: @ragram Savvis Proprietary & Confidential 17

Editor's Notes

  1. Savvis is a global leader in infrastructure outsourcing.We have nearly 2,500 unique clients, more than 32 of the top 100 companies in the Fortune 500 and some of the world’s most recognizable brands. One of the world’s premier IT infrastructure services providersPortfolio built to support real-time commercial / enterprise requirementsHighly AvailableHighly SecureMission CriticalFinancially strongOver $1B annual revenuesNet positive cash flow2300 employee’s worldwideServing Financial , Media , Federal, Consumer Brands / E-Commerce, Software
  2. Why APIs need to have better availability, error handling? APIs are used for automation through system integration. Portals are used by users who can easily understand availability conditions and errors.