API's Require Integrity: It's more than Trust


Published on

The more secure, reliable, and dependable your API, the better the chance of consumption and the greater the potential for business expansion. However, if you’re providing a questionable interface, you are likely to lose business since switching costs associated with API integration are so low. This presentation explores the top three challenges to API integrity and outlines strategies and best practices for reducing the risks associated with each challenge.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • In some recent research I analyzed the market impacts of the most notable software failures in 2012-2013.On the day of the announcement of a software failure, organization lost an average of -2.3 Billion dollars of shareholder value. This equates to about -3.75%Also, notable is that the markets don’t forget. Organizations that had a second offense were punished harder with an average of -5.68% decline in stock price. With social media and news feeds on mobile devices – news outlets are ready to pounce. News articles about an organization’s second offense increase on average of 167%. The names have been obfuscated to protect the punished but here are the numbers.
  • What percentage of respondent said that have stopped using an API because it was buggy?
  • What percentage of respondent said that an API that they have selected failed to meet their business expectations?What percentage of respondent said that they would not use an API that had failed them in the past?
  • In August of 2013, Goldman Sachs a multinational investment banking firm, produced orders with inaccurate price limits and sent out this information across multiple financial exchanges.As a result of this defect in production, four technology specialists were placed on administrative leave.This is the first time we are publicly learning of technologists being held accountable for defects in production.
  • API's Require Integrity: It's more than Trust

    1. 1. Parasoft Proprietary and Confidential 1 2014-04-29 APIs Require Integrity It’s more than Trust April 2014
    2. 2. Parasoft Proprietary and Confidential 2Parasoft Proprietary and Confidential 2 Parasoft 10 Second Survey
    3. 3. Parasoft Proprietary and Confidential 3Parasoft Proprietary and Confidential 3 Software Drives Innovation Switching costs associated with software are dramatically lower Software is the interface to business and the force behind innovation Damages associated with software failure are increasing and very real
    4. 4. Parasoft Proprietary and Confidential 4Parasoft Proprietary and Confidential 4 IT Initiatives in 2014 – The Perfect Storm APIs drive interconnectivity across the expanded internet Compliance with regulatory, industry and internal standards SDLC Speed will be the difference between a first mover and a follower
    5. 5. Parasoft Proprietary and Confidential 5Parasoft Proprietary and Confidential 5 ROI of SOA was Predicated on Reuse
    6. 6. Parasoft Proprietary and Confidential 6Parasoft Proprietary and Confidential 6 Aside: APIs Enable Reuse via Ease of Extension API ... ... ... ... x y x * y x + y
    7. 7. Parasoft Proprietary and Confidential 7Parasoft Proprietary and Confidential 7 Aside: Savings (in thousands) from API Reuse z = x * y - (x + y) x^2 – x (i.e. when y==x) # components # components # components $1,000’s $1,000’s
    8. 8. Parasoft Proprietary and Confidential 8Parasoft Proprietary and Confidential 8 APIs Extend Interconnectivity Beyond the Corporate Boundary
    9. 9. Parasoft Proprietary and Confidential 9Parasoft Proprietary and Confidential 9 Software Failures = Headlines Software failures make the headline news— eroding customer confidence, shareholder value and brand equity -$2.3 Bn -3.75% The day of the announcement companies lost an average of shareholder value 821,000 1,080,000 451,000 1,400,000 896,000 1,550,000 5,500,000 650,000 3,490,000 2,240,000 CLOUD SERVICES AIRLINE BANK SOFTWARE RETAIL 1st Event 2nd Event Market does not forget— news articles about failure increase an average of 167%
    10. 10. Parasoft Proprietary and Confidential 10 After a rash of software failures and security breaches left Sony’s gaming services down for weeks, analysts called for the ousting of the Sony CEO. Faulty Software Impacts the C-Level http://news.cnet.com/8301-13506_3-57369469-17/why-sony-needed-to-swap-out-its-ceo/
    11. 11. Parasoft Proprietary and Confidential 11Parasoft Proprietary and Confidential 11 The Cost of Software Quality - Sony http://www.reuters.com/article/2011/04/26/us-sony-stoldendata-idUSTRE73P6WB20110426 http://www.digitaltrends.com/gaming/sony-fined-almost-400000-for-2011-playstation-security-breach/ MarketValue Event 15 Days 30 Days -22% -33% -30%-19% -11% -12% Cumulative Loss = $18B
    12. 12. Parasoft Proprietary and Confidential 12 Software Failures = Headlines Financial Airlines/Aero Government Media Internet/Tel Automotive Technology Retail
    13. 13. Parasoft Proprietary and Confidential 13Parasoft Proprietary and Confidential 13 Trust is Not Enough
    14. 14. Parasoft Proprietary and Confidential 14Parasoft Proprietary and Confidential 14 What’s the Difference? Trust is Secure Integrity is Secure Dependable Intuitive Cohesive
    15. 15. Parasoft Proprietary and Confidential 15Parasoft Proprietary and Confidential 15 API Integrity is Needed If an API did not meet your expectations in the past, would you consider using it again in the future? 93%
    16. 16. Parasoft Proprietary and Confidential 16Parasoft Proprietary and Confidential 16 API Challenges
    17. 17. Parasoft Proprietary and Confidential 17Parasoft Proprietary and Confidential 17 Do We Need More Testing?  Not exactly…  We need better testing.  We need better training.  We need better processes.  We need better tools. People ProcessTools
    18. 18. Parasoft Proprietary and Confidential 18Parasoft Proprietary and Confidential 18 Obstacles Hinder API Integrity Efforts
    19. 19. Parasoft Proprietary and Confidential 19Parasoft Proprietary and Confidential 19 Deliver Integrity: Depth and Breadth
    20. 20. Parasoft Proprietary and Confidential 20Parasoft Proprietary and Confidential 20 Deliver Integrity: Access and Configuration
    21. 21. Parasoft Proprietary and Confidential 21Parasoft Proprietary and Confidential 21 Deliver Integrity: Automation  Logically componentized  Correlated with business requirements  Incremental  Repeatable  Deterministic  Maintainable within a process  Process is prescriptive based on results Continuous Testing
    22. 22. Parasoft Proprietary and Confidential 22Parasoft Proprietary and Confidential 22 Deliver Integrity: Continuous Testing Continuous testing accelerates the SDLC by managing quality expectations and actionable tasks Requirements Defined Policy Management Development Defect Prevention Development Development Testing Static Analysis Unit/Component Peer Review Automated Tests Integration Testing API/Service Tests Smoke Test Security Tests Automated Tests System Testing Functional Tests Scenario Tests Performance Tests CI Build Defect Remediation Tasks Go Release Path No Go Business Decision Service Virtualization – Test Environment Access
    23. 23. Parasoft Proprietary and Confidential 23Parasoft Proprietary and Confidential 23 Deliver Integrity: Establish Preventive Practices
    24. 24. Parasoft Proprietary and Confidential 24Parasoft Proprietary and Confidential 24 What’s the next level? Execution Load Testing Test Mgmt SCM Defects Requirements Parasoft Observations Process Intelligence Engine Policy Web UI Prioritization Process Desktop Report Center
    25. 25. Parasoft Proprietary and Confidential 25 Q&A --WayneAriola, ParasoftChiefStrategyOfficer Quality and API Integrity matters.” “APIs are the interface to your business. JasonSchadewald ProductManager Jason.Schadewald@Parasoft.com