DC MuleSoft Meetup: TDX Talk
API Security: The 3 Keys To Protect Your Digital Estate
Sameer Parulkar
Director, Product Marketing
Sue Siao
Technical Product
Marketing Manager
Today’s Speakers
Forward Looking Statements
Updated: September 28, 2022
This presentation contains forward-looking statements about, among other things, trend analyses and future events, future financial performance, anticipated growth, industry prospects,
environmental, social and governance goals, and the anticipated benefits of acquired companies. The achievement or success of the matters covered by such forward-looking statements involves
risks, uncertainties and assumptions. If any such risks or uncertainties materialize or if any of the assumptions prove incorrect, Salesforce’s results could differ materially from the results expressed or
implied by these forward-looking statements. The risks and uncertainties referred to above include those factors discussed in Salesforce’s reports filed from time to time with the Securities and
Exchange Commission, including, but not limited to: impact of, and actions we may take in response to, the COVID-19 pandemic, related public health measures and resulting economic downturn
and market volatility; our ability to maintain security levels and service performance meeting the expectations of our customers, and the resources and costs required to avoid unanticipated
downtime and prevent, detect and remediate performance degradation and security breaches; the expenses associated with our data centers and third-party infrastructure providers; our ability to
secure additional data center capacity; our reliance on third-party hardware, software and platform providers; the effect of evolving domestic and foreign government regulations, including those
related to the provision of services on the Internet, those related to accessing the Internet, and those addressing data privacy, cross-border data transfers and import and export controls; current and
potential litigation involving us or our industry, including litigation involving acquired entities such as Tableau Software, Inc. and Slack Technologies, Inc., and the resolution or settlement thereof;
regulatory developments and regulatory investigations involving us or affecting our industry; our ability to successfully introduce new services and product features, including any efforts to expand
our services; the success of our strategy of acquiring or making investments in complementary businesses, joint ventures, services, technologies and intellectual property rights; our ability to
complete, on a timely basis or at all, announced transactions; our ability to realize the benefits from acquisitions, strategic partnerships, joint ventures and investments, including our July 2021
acquisition of Slack Technologies, Inc., and successfully integrate acquired businesses and technologies; our ability to compete in the markets in which we participate; the success of our business
strategy and our plan to build our business, including our strategy to be a leading provider of enterprise cloud computing applications and platforms; our ability to execute our business plans; our
ability to continue to grow unearned revenue and remaining performance obligation; the pace of change and innovation in enterprise cloud computing services; the seasonal nature of our sales
cycles; our ability to limit customer attrition and costs related to those efforts; the success of our international expansion strategy; the demands on our personnel and infrastructure resulting from
significant growth in our customer base and operations, including as a result of acquisitions; our ability to preserve our workplace culture, including as a result of our decisions regarding our current
and future office environments or work-from-home policies; our dependency on the development and maintenance of the infrastructure of the Internet; our real estate and office facilities strategy
and related costs and uncertainties; fluctuations in, and our ability to predict, our operating results and cash flows; the variability in our results arising from the accounting for term license revenue
products; the performance and fair value of our investments in complementary businesses through our strategic investment portfolio; the impact of future gains or losses from our strategic
investment portfolio, including gains or losses from overall market conditions that may affect the publicly traded companies within our strategic investment portfolio; our ability to protect our
intellectual property rights; our ability to develop our brands; the impact of foreign currency exchange rate and interest rate fluctuations on our results; the valuation of our deferred tax assets and
the release of related valuation allowances; the potential availability of additional tax assets in the future; the impact of new accounting pronouncements and tax laws; uncertainties affecting our
ability to estimate our tax rate; uncertainties regarding our tax obligations in connection with potential jurisdictional transfers of intellectual property, including the tax rate, the timing of the transfer
and the value of such transferred intellectual property; uncertainties regarding the effect of general economic and market conditions; the impact of geopolitical events; uncertainties regarding the
impact of expensing stock options and other equity awards; the sufficiency of our capital resources; the ability to execute our Share Repurchase Program; our ability to comply with our debt
covenants and lease obligations; the impact of climate change, natural disasters and actual or threatened public health emergencies; and our ability to achieve our aspirations, goals and projections
related to our environmental, social and governance initiatives.
APIs have become ubiquitous and versatile
● SaaS integration
● B2B / EDI
● Microservices
● iPaaS
● API ecosystems
● Service connectivity
● API-led business models
● New revenue streams
● Process automation
● Task automation
● Event-driven
● IoT
● Total experiences
API security incidents are increasing in the news
APIs are the gateway to your sensitive data
Key Challenges with securing APIs
API Sprawl & Federation of API
management across the organization
Increasing API attack surface area
● ~201%: increase in number of APIs in the last 12 months [1]
● 30%: avg percentage of 3rd party APIs used in application by 2025, up from less than 10% in 2021 [2]
● ~90% of web-apps will have more attack surface area in the form of exposed APIs [3]
[1] 451 Research API Security Trends Survey (350 companies, 3000+ employees), Jan 2022
[2] Gartner Predicts: APIs demand improved security and management, 2022
[3] Gartner MQ Application Security Testing, May 2021
Standardizing
APIs across the
organization is a
big challenge
Key Challenges with securing APIs
APIs fragmented across
multiple API platforms
* Gartner Predicts: APIs demand improved security and management, 2022

< 50% of enterprise APIs will be managed in 2025 *
Securing APIs: where do you start?
MuleSoft
Prevent Bad Actors
Need Runtime
Protection that inspects
API traffic
Standardize APIs
Need Proactive
Governance and risk
assessment of APIs
Manage API Sprawl
Need Visibility into all
APIs across the
organization
API Security Best Practices
Secure Your Digital Estate
API Protection
Access and
Authorization
API Governance
Best Practices
and Standards
API Discovery
Discover and
catalog APIs
Zero Trust security (ZTS) as foundational principle
API Protection:
Access and Authentication
Internal
and External
Developers
API Gateway
Orders API Tracking API
Customer API
API Policies
Client
Contracts
SLA
Routing
Authorize and authenticate
API access: Who can access,
how many times and more
● Authenticate API access
● Authorize API access
● Apply rate limits
● Define client contracts
1
Anypoint Flex Gateway
Implement modern architecture with ultrafast, distributed API gateway
to control and secure APIs
Manage
Security team
Deploy to virtually any
environment
High performance on a
small footprint
Secure E-W and N-S traffic
Fine grain traffic control
and fault tolerance
Manage using web UI
or CI/CD pipeline
Anypoint Flex Gateway
(Ingress/Egress)
Customers
Payments
Orders
Products
Anypoint API Manager
Manage, secure and scale your APIs from a centralized control plane
Secure your APIs and microservices
Apply pre-built or custom policies to individual or
groups of APIs based on your needs
Onboard with precision and ease
Enable and manage fine-grained access to APIs
natively or with your own IdPs
Make smarter API program
investments
Analyze, detect trends and get alerted on KPIs, policy
violations and user interactions
Manage
API Governance:
Apply Best Practices & Standards
Developers and
Security Teams
API Governance
Orders API Tracking API
Customer API
Design time
enforcement
Compliance
dashboard
Compliance
Reporting
Enforce Rules
Consistently apply
governance across APIs
● Define and use best practices and common rules for APIs. For example: OWASP API Top 10
● Design time guidance to help developers build conforming APIs
● Central conformance dashboard for holistic visibility, and reporting for ongoing improvements
2
Shi le security
Anypoint API Governance
Empower developers & security teams to maintain compliance and speed
Self-serve and access
rules from Exchange
Apply standards on
any API definition (W3C, OPA)
Identify and resolve
conformance issues
Automate validations by
integrating with CI/CD
pipelines
API developer
Govern
Security team
Observe overall conformance
from a single place
API Discovery:
Discover and Catalog APIs
Discover and catalog
APIs for universal
visibility
● Discover known and
unknown APIs
● Catalog API design and
documentation
● Embed API discovery
process in your
development pipelines
● Pathway to govern and
control all APIs
3
Build Unit
tests
Integration
tests
Review Staging Production
CI/CD pipeline with
Anypoint Catalog CLI
Vendor
API
Marketing
API
Customer
API
Catalog
API
Shipping
API
Anypoint
Exchange
Comprehensive API Discovery
Discover Known APIs
● MuleSoft’s API Catalog CLI helps you bring
non-Mule APIs from the CI/CD pipelines as and
when they are created
Discover Unknown APIs
● Analyze network traffic across your non-Mule
infrastructure to discover hidden APIs
● Leverage MuleSoft’s API security partner
network: Salt Security & Noname Security.
● In addition, benefit from Advanced API
Abuse and Vulnerability detection.
“Salt discovered 30% more APIs that were
not previously catalogued in Anypoint.”
- Takeda Pharmaceutical Company
Discover and catalog non-Mule APIs in Anypoint Exchange
Live Demo: Discover, Govern, and Manage APIs
API Gateway
API Policies
Routing
Build Unit
tests
Integration
tests
Vendor
API
Marketing
API
Customer
API
Catalog
API
Shipping
API
Anypoint
Exchange
Review Staging Production
CI/CD pipeline with
Anypoint Catalog CLI
API Governance
Compliance
dashboard
Enforce Rules
Demo Step 2
Demo Step 3
Demo Step 1
● API use cases are evolving:
Need for increased API Security
● API security challenges: API
fragmentation and increased
attack surface area
Key Takeaways
● How do you start? Review the 5 API
Security best practices
● Implement Universal API
Management on a unified platform:
Try now
● Utilize our technology partners
(Noname, Salt Security) and SI
partners with their methodologies to
implement End-to-End API security
Let’s Continue our Connection
Where do we go from here?
30-day free trial to
Anypoint Platform
Check out
5 Security Best Practices
Whitepaper
Try it out
Learn more
Let’s meet again!
Join us at World Tour NYC
on May 4th!
In person or Salesforce+
Thank
you

Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
 

DC MuleSoft Meetup: TDX Talk: API Security The 3 Keys To Protect Your Digital Estate

  • 1. API Security: The 3 Keys To Protect Your Digital Estate
  • 2. Sameer Parulkar Director, Product Marketing Sue Siao Technical Product Marketing Manager Today’s Speakers
  • 3. Forward Looking Statements Updated: September 28, 2022 This presentation contains forward-looking statements about, among other things, trend analyses and future events, future financial performance, anticipated growth, industry prospects, environmental, social and governance goals, and the anticipated benefits of acquired companies. The achievement or success of the matters covered by such forward-looking statements involves risks, uncertainties and assumptions. If any such risks or uncertainties materialize or if any of the assumptions prove incorrect, Salesforce’s results could differ materially from the results expressed or implied by these forward-looking statements. The risks and uncertainties referred to above include those factors discussed in Salesforce’s reports filed from time to time with the Securities and Exchange Commission, including, but not limited to: impact of, and actions we may take in response to, the COVID-19 pandemic, related public health measures and resulting economic downturn and market volatility; our ability to maintain security levels and service performance meeting the expectations of our customers, and the resources and costs required to avoid unanticipated downtime and prevent, detect and remediate performance degradation and security breaches; the expenses associated with our data centers and third-party infrastructure providers; our ability to secure additional data center capacity; our reliance on third-party hardware, software and platform providers; the effect of evolving domestic and foreign government regulations, including those related to the provision of services on the Internet, those related to accessing the Internet, and those addressing data privacy, cross-border data transfers and import and export controls; current and potential litigation involving us or our industry, including litigation involving acquired entities such as Tableau Software, Inc. 
and Slack Technologies, Inc., and the resolution or settlement thereof; regulatory developments and regulatory investigations involving us or affecting our industry; our ability to successfully introduce new services and product features, including any efforts to expand our services; the success of our strategy of acquiring or making investments in complementary businesses, joint ventures, services, technologies and intellectual property rights; our ability to complete, on a timely basis or at all, announced transactions; our ability to realize the benefits from acquisitions, strategic partnerships, joint ventures and investments, including our July 2021 acquisition of Slack Technologies, Inc., and successfully integrate acquired businesses and technologies; our ability to compete in the markets in which we participate; the success of our business strategy and our plan to build our business, including our strategy to be a leading provider of enterprise cloud computing applications and platforms; our ability to execute our business plans; our ability to continue to grow unearned revenue and remaining performance obligation; the pace of change and innovation in enterprise cloud computing services; the seasonal nature of our sales cycles; our ability to limit customer attrition and costs related to those efforts; the success of our international expansion strategy; the demands on our personnel and infrastructure resulting from significant growth in our customer base and operations, including as a result of acquisitions; our ability to preserve our workplace culture, including as a result of our decisions regarding our current and future office environments or work-from-home policies; our dependency on the development and maintenance of the infrastructure of the Internet; our real estate and office facilities strategy and related costs and uncertainties; fluctuations in, and our ability to predict, our operating results and cash flows; the variability in our results 
arising from the accounting for term license revenue products; the performance and fair value of our investments in complementary businesses through our strategic investment portfolio; the impact of future gains or losses from our strategic investment portfolio, including gains or losses from overall market conditions that may affect the publicly traded companies within our strategic investment portfolio; our ability to protect our intellectual property rights; our ability to develop our brands; the impact of foreign currency exchange rate and interest rate fluctuations on our results; the valuation of our deferred tax assets and the release of related valuation allowances; the potential availability of additional tax assets in the future; the impact of new accounting pronouncements and tax laws; uncertainties affecting our ability to estimate our tax rate; uncertainties regarding our tax obligations in connection with potential jurisdictional transfers of intellectual property, including the tax rate, the timing of the transfer and the value of such transferred intellectual property; uncertainties regarding the effect of general economic and market conditions; the impact of geopolitical events; uncertainties regarding the impact of expensing stock options and other equity awards; the sufficiency of our capital resources; the ability to execute our Share Repurchase Program; our ability to comply with our debt covenants and lease obligations; the impact of climate change, natural disasters and actual or threatened public health emergencies; and our ability to achieve our aspirations, goals and projections related to our environmental, social and governance initiatives.
  • 4. APIs have become ubiquitous and versatile SaaS integration B2B / EDI Microservices iPaaS API ecosystems Service connectivity API-led business models New revenue streams Process automation Task automation Event-driven IoT Total experiences
  • 5. API security incidents are increasing in the news APIs are the gateway to your sensitive data
  • 6. Key Challenges with securing APIs: API Sprawl & Federation of API management across the organization; Increasing API attack surface area. ~201% increase in number of APIs in the last 12 months [1]. 30% avg percentage of 3rd party APIs used in application by 2025, up from less than 10% in 2021 [2]. ~90% of web-apps will have more attack surface area in the form of exposed APIs [3]. Sources: [1] 451 Research API Security Trends Survey (350 companies, 3000+ employees), Jan 2022; [2] Gartner Predicts: APIs demand improved security and management, 2022; [3] Gartner MQ Application Security Testing, May 2021
  • 7. Key Challenges with securing APIs: Standardizing APIs across the organization is a big challenge. APIs fragmented across multiple API platforms. < 50% of enterprise APIs will be managed in 2025 *. * Gartner Predicts: APIs demand improved security and management, 2022
  • 8. Securing APIs: where do you start? MuleSoft. Prevent Bad Actors: Need Runtime Protection that inspects API traffic. Standardize APIs: Need Proactive Governance and risk assessment of APIs. Manage API Sprawl: Need Visibility into all APIs across the organization
  • 9. API Security Best Practices Secure Your Digital Estate API Protection Access and Authorization API Governance Best Practices and Standards API Discovery Discover and catalog APIs Zero Trust security (ZTS) as foundational principle
  • 10. API Protection: Access and Authentication Internal and External Developers API Gateway Orders API Tracking API Customer API API Policies Client Contracts SLA Routing Authorize and authenticate API access: Who can access, how many times and more ● Authenticate API access ● Authorize API access ● Apply rate limits ● Define client contracts 1
  • 11. Anypoint Flex Gateway Implement modern architecture with ultrafast, distributed API gateway to control and secure APIs Manage Security team Deploy to virtually any environment High performance on a small footprint Secure E-W and N-S traffic Fine grain traffic control and fault tolerance Manage using web UI or CI/CD pipeline Anypoint Flex Gateway (Ingress/Egress) Customers Payments Orders Products
  • 12. Anypoint API Manager Manage, secure and scale your APIs from a centralized control plane Secure your APIs and microservices Apply pre-built or custom policies to individual or groups of APIs based on your needs Onboard with precision and ease Enable and manage fine-grained access to APIs natively or with your own IdPs Make smarter API program investments Analyze, detect trends and get alerted on KPIs, policy violations and user interactions Manage
  • 13. API Governance: Apply Best Practices & Standards Developers and Security Teams API Governance Orders API Tracking API Customer API Design time enforcement Compliance dashboard Compliance Reporting Enforce Rules Consistently apply governance across APIs ● Define and use best practices and common rules for APIs. For example: OWASP API Top 10 ● Design time guidance to help developers build conforming APIs ● Central conformance dashboard for holistic visibility, and reporting for ongoing improvements 2 Shift left security
  • 14. Anypoint API Governance Empower developers & security teams to maintain compliance and speed Self-serve and access rules from Exchange Apply standards on any API definition (W3C, OPA) Identify and resolve conformance issues Automate validations by integrating with CI/CD pipelines API developer Govern Security team Observe overall conformance from a single place
  • 15. API Discovery: Discover and Catalog APIs Discover and catalog APIs for universal visibility ● Discover known and unknown APIs ● Catalog API design and documentation ● Embed API discovery process in your development pipelines ● Pathway to govern and control all APIs 3 Build Unit tests Integration tests Review Staging Production CI/CD pipeline with Anypoint Catalog CLI Vendor API Marketing API Customer API Catalog API Shipping API Anypoint Exchange
  • 16. Comprehensive API Discovery Discover Known APIs ● MuleSoft’s API Catalog CLI helps you bring non-Mule APIs from the CI/CD pipelines as and when they are created Discover Unknown APIs ● Analyze network traffic across your non-Mule infrastructure to discover hidden APIs ● Leverage MuleSoft’s API security partner network: Salt Security & Noname Security. ● In addition, benefit from Advanced API Abuse and Vulnerability detection. “Salt discovered 30% more APIs that were not previously catalogued in Anypoint.” - Takeda Pharmaceutical Company Discover and catalog non-Mule APIs in Anypoint Exchange
  • 17. Live Demo: Discover, Govern, and Manage APIs API Gateway API Policies Routing Build Unit tests Integration tests Vendor API Marketing API Customer API Catalog API Shipping API Anypoint Exchange Review Staging Production CI/CD pipeline with Anypoint Catalog CLI API Governance Compliance dashboard Enforce Rules Demo Step 2 Demo Step 3 Demo Step 1
  • 18. ● API use cases are evolving: Need for increased API Security ● API security challenges: API fragmentation and increased attack surface area Key Takeaways ● How do you start? Review the 5 API Security best practices ● Implement Universal API Management on a unified platform: Try now ● Utilize our technology partners (Noname, Salt Security) and SI partners with their methodologies to implement End-to-End API security
  • 19. Let’s Continue our Connection Where do we go from here? 30-day free trial to Anypoint Platform Check out 5 Security Best Practices Whitepaper Try it out Learn more Let’s meet again! Join us at World Tour NYC on May 4th! In person or Salesforce+