SlideShare a Scribd company logo

Designing Secure APIs in the Cloud

Postman
Postman

TALK | Services are exposed on the Internet and can be accessed by anyone and may have untrusted users

Software
1 of 23
Download to read offline
Designing secure cloud applications
A few benefits of moving to the cloud @adoranwodo
But with all this enjoyment comes responsibility @adoranwodo
Human error / mistakes Malicious attacks Legal / compliance issues Security risks in cloud applications @adoranwodo
Hi, I’m Adora! Software Engineer, Microsoft Mixed Reality Tech Content Creator, AdoraHack Co-Founder, unStack Advisory Board, VRARA Nigeria @adoranwodo @adoranwodo
SECURITY CHECKLIST Analyse and understand what/how your application needs to be secured @adoranwodo
Will my application contain sensitive customer data? Where and how is my applications data stored? Will this application be available over the internet (publicly) or just internally? How do I plan to verify my users identity? What sensitive tasks are performed in my application? Does my application perform any risky software activities? @adoranwodo
Data protection Identity Management Federated Identity Valet Key PATTERNS Gatekeeper PATTERNS @adoranwodo
GATEKEEPER PATTERN Data protection scenario @adoranwodo
@adoranwodo
@adoranwodo
VALET KEY PATTERN Identity management scenario @adoranwodo
@adoranwodo
public class ValuesController : ApiController { private readonly BlobServiceClient blobServiceClient; private readonly string blobContainer; ... /// <summary> /// Return a limited access key that allows the caller to upload a file /// to this specific destination for a defined period of time (10 minutes). /// </summary> private StorageEntitySas GetSharedAccessReferenceForUpload(string blobName) { var blob = blobServiceClient.GetBlobContainerClient(this.blobContainer).GetBlobClient(blobName); var storageSharedKeyCredential = new StorageSharedKeyCredential(blobServiceClient.AccountName, ConfigurationManager.AppSettings["AzureStorageEmulatorAccountKey"]); var blobSasBuilder = new BlobSasBuilder { BlobContainerName = this.blobContainer, BlobName = blobName, Resource = "b", StartsOn = DateTimeOffset.UtcNow.AddMinutes(-10), ExpiresOn = DateTimeOffset.UtcNow.AddMinutes(10) }; policy.SetPermissions(BlobSasPermissions.Write); var sas = policy.ToSasQueryParameters(storageSharedKeyCredential).ToString(); return new StorageEntitySas { BlobUri = blob.Uri, Credentials = sas }; } public struct StorageEntitySas { public string Credentials; public Uri BlobUri; } } Code snippet from docs.microsoft.com @adoranwodo
FEDERATED IDENTITY PATTERN Identity management scenario @adoranwodo
Claims based access control @adoranwodo
OTHER WAYS TO ENFORCE SECURITY @adoranwodo
Use multi-factor authentication Consider Implementing JIT(Just In Time) access for resources Use stable AuthN & AuthZ platforms Require re-authentication for some actions (e.g. financial transactions) Identity @adoranwodo
Reduce your attack surface Properly handle errors and exceptions Properly monitor your service and trigger alerts about issues Encrypt sensitive data Implement fail-safe measures Consider threat modelling Core security @adoranwodo
Core security - Threat modelling @adoranwodo S - Spoofing attacks T - Tampering R - Repudiation I - Information disclosure D - Denial of service E - Elevation of privilege
Use secure libraries Update service dependencies to prevent vulnerabilities Avoid hardcoding. Always reference secrets from a secrets manager Bonus - Implementation @adoranwodo
https://docs.microsoft.com/en-us/azure/security/develop/secure-design https://docs.microsoft.com/en-us/azure/architecture/patterns/federated-identity https://techbeacon.com/app-dev-testing/cloud-app-security-how-not-fail https://docs.microsoft.com/en-us/azure/security/fundamentals/paas-deployments https://www.ibm.com/cloud/architecture/architectures/securityArchitecture/implement-secure-devops Additional reading @adoranwodo
Thank you! www.adoranwodo.com @adoranwodo

Recommended

Making App Developers More Productive
Making App Developers More ProductiveMaking App Developers More Productive
Making App Developers More ProductivePostman
 
How to use prancer configuration wizard for easy repository onboarding for ia...
How to use prancer configuration wizard for easy repository onboarding for ia...How to use prancer configuration wizard for easy repository onboarding for ia...
How to use prancer configuration wizard for easy repository onboarding for ia...Prancer Io
 
BaasBox - Your mobile backend made easy
BaasBox - Your mobile backend made easyBaasBox - Your mobile backend made easy
BaasBox - Your mobile backend made easyCommit University
 
(SEC310) Integrating AWS with External Identity Management | AWS re:Invent 2014
(SEC310) Integrating AWS with External Identity Management | AWS re:Invent 2014(SEC310) Integrating AWS with External Identity Management | AWS re:Invent 2014
(SEC310) Integrating AWS with External Identity Management | AWS re:Invent 2014Amazon Web Services
 
Content as a Service with Umbraco Headless
Content as a Service with Umbraco HeadlessContent as a Service with Umbraco Headless
Content as a Service with Umbraco HeadlessFilip Bruun Bech-Larsen
 
Event Sourcing your AngularJS applications
Event Sourcing your AngularJS applicationsEvent Sourcing your AngularJS applications
Event Sourcing your AngularJS applicationsMaurice De Beijer [MVP]
 
Eventbus Library and How Does it Work?
Eventbus Library and How Does it Work?Eventbus Library and How Does it Work?
Eventbus Library and How Does it Work?InnovationM
 
Event Sourcing your Angular and React applications
Event Sourcing your Angular and React applicationsEvent Sourcing your Angular and React applications
Event Sourcing your Angular and React applicationsMaurice De Beijer [MVP]
 

Recommended

Making App Developers More Productive
Making App Developers More ProductiveMaking App Developers More Productive
Making App Developers More ProductivePostman
 
How to use prancer configuration wizard for easy repository onboarding for ia...
How to use prancer configuration wizard for easy repository onboarding for ia...How to use prancer configuration wizard for easy repository onboarding for ia...
How to use prancer configuration wizard for easy repository onboarding for ia...Prancer Io
 
BaasBox - Your mobile backend made easy
BaasBox - Your mobile backend made easyBaasBox - Your mobile backend made easy
BaasBox - Your mobile backend made easyCommit University
 
(SEC310) Integrating AWS with External Identity Management | AWS re:Invent 2014
(SEC310) Integrating AWS with External Identity Management | AWS re:Invent 2014(SEC310) Integrating AWS with External Identity Management | AWS re:Invent 2014
(SEC310) Integrating AWS with External Identity Management | AWS re:Invent 2014Amazon Web Services
 
Content as a Service with Umbraco Headless
Content as a Service with Umbraco HeadlessContent as a Service with Umbraco Headless
Content as a Service with Umbraco HeadlessFilip Bruun Bech-Larsen
 
Event Sourcing your AngularJS applications
Event Sourcing your AngularJS applicationsEvent Sourcing your AngularJS applications
Event Sourcing your AngularJS applicationsMaurice De Beijer [MVP]
 
Eventbus Library and How Does it Work?
Eventbus Library and How Does it Work?Eventbus Library and How Does it Work?
Eventbus Library and How Does it Work?InnovationM
 
Event Sourcing your Angular and React applications
Event Sourcing your Angular and React applicationsEvent Sourcing your Angular and React applications
Event Sourcing your Angular and React applicationsMaurice De Beijer [MVP]
 
(SEC308) Navigating PCI Compliance in the Cloud | AWS re:Invent 2014
(SEC308) Navigating PCI Compliance in the Cloud | AWS re:Invent 2014(SEC308) Navigating PCI Compliance in the Cloud | AWS re:Invent 2014
(SEC308) Navigating PCI Compliance in the Cloud | AWS re:Invent 2014Amazon Web Services
 
Full Stack Application Monitoring for AWS Powered by AI
Full Stack Application Monitoring for AWS Powered by AIFull Stack Application Monitoring for AWS Powered by AI
Full Stack Application Monitoring for AWS Powered by AIDynatrace
 
Code Generation for Azure with .net
Code Generation for Azure with .netCode Generation for Azure with .net
Code Generation for Azure with .netMarco Parenzan
 
Asp net core in azure
Asp net core in azureAsp net core in azure
Asp net core in azureShahriar Hossain
 
Event-Sourcing your React-Redux applications
Event-Sourcing your React-Redux applicationsEvent-Sourcing your React-Redux applications
Event-Sourcing your React-Redux applicationsMaurice De Beijer [MVP]
 
The magic of Ajax & WebGIS
The magic of Ajax & WebGISThe magic of Ajax & WebGIS
The magic of Ajax & WebGISBahman Jamali
 
Scaling Security in the Cloud With Open Source
Scaling Security in the Cloud With Open SourceScaling Security in the Cloud With Open Source
Scaling Security in the Cloud With Open SourceCloudVillage
 
Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS SecurityAmazon Web Services
 
Automatizacion de Procesos en Modelos Tabulares
Automatizacion de Procesos en Modelos TabularesAutomatizacion de Procesos en Modelos Tabulares
Automatizacion de Procesos en Modelos TabularesGaston Cruz
 
Securing your vpc in aws
Securing your vpc in awsSecuring your vpc in aws
Securing your vpc in awsvinoth kumar
 
The importance of monitoring your Azure SQL Database
The importance of monitoring your Azure SQL DatabaseThe importance of monitoring your Azure SQL Database
The importance of monitoring your Azure SQL DatabaseRed Gate Software
 
Middleware in Asp.Net Core
Middleware in Asp.Net CoreMiddleware in Asp.Net Core
Middleware in Asp.Net CoreShahriar Hossain
 
React - Redux applications & Event Sourcing
React - Redux applications & Event SourcingReact - Redux applications & Event Sourcing
React - Redux applications & Event SourcingMaurice De Beijer [MVP]
 
IoT in salsa serverless
IoT in salsa serverlessIoT in salsa serverless
IoT in salsa serverlessMassimo Bonanni
 
Native cloud security monitoring
Native cloud security monitoringNative cloud security monitoring
Native cloud security monitoringJohn Varghese
 
AWS security - NULL meet chennai
AWS security - NULL meet chennaiAWS security - NULL meet chennai
AWS security - NULL meet chennaivinoth kumar
 
Azure Event Grid
Azure Event Grid Azure Event Grid
Azure Event Grid Karthikeyan VK
 
7 17 event_logging_architecture 1
7 17 event_logging_architecture 17 17 event_logging_architecture 1
7 17 event_logging_architecture 1ss_testing
 
The Azure API-ness Factory
The Azure API-ness FactoryThe Azure API-ness Factory
The Azure API-ness FactoryMike Martin
 
Protecting your online and on premises assets “Cloud Style”
Protecting your online and on premises assets “Cloud Style”Protecting your online and on premises assets “Cloud Style”
Protecting your online and on premises assets “Cloud Style”Mike Martin
 
Incident Response: Preparing and Simulating Threat Response
Incident Response: Preparing and Simulating Threat ResponseIncident Response: Preparing and Simulating Threat Response
Incident Response: Preparing and Simulating Threat ResponseAmazon Web Services
 
10 Excellent Ways to Secure Spring Boot Applications - Okta Webinar 2020
10 Excellent Ways to Secure Spring Boot Applications - Okta Webinar 202010 Excellent Ways to Secure Spring Boot Applications - Okta Webinar 2020
10 Excellent Ways to Secure Spring Boot Applications - Okta Webinar 2020Matt Raible
 

More Related Content

What's hot

(SEC308) Navigating PCI Compliance in the Cloud | AWS re:Invent 2014
(SEC308) Navigating PCI Compliance in the Cloud | AWS re:Invent 2014(SEC308) Navigating PCI Compliance in the Cloud | AWS re:Invent 2014
(SEC308) Navigating PCI Compliance in the Cloud | AWS re:Invent 2014Amazon Web Services
 
Full Stack Application Monitoring for AWS Powered by AI
Full Stack Application Monitoring for AWS Powered by AIFull Stack Application Monitoring for AWS Powered by AI
Full Stack Application Monitoring for AWS Powered by AIDynatrace
 
Code Generation for Azure with .net
Code Generation for Azure with .netCode Generation for Azure with .net
Code Generation for Azure with .netMarco Parenzan
 
Event-Sourcing your React-Redux applications
Event-Sourcing your React-Redux applicationsEvent-Sourcing your React-Redux applications
Event-Sourcing your React-Redux applicationsMaurice De Beijer [MVP]
 
The magic of Ajax & WebGIS
The magic of Ajax & WebGISThe magic of Ajax & WebGIS
The magic of Ajax & WebGISBahman Jamali
 
Scaling Security in the Cloud With Open Source
Scaling Security in the Cloud With Open SourceScaling Security in the Cloud With Open Source
Scaling Security in the Cloud With Open SourceCloudVillage
 
Automatizacion de Procesos en Modelos Tabulares
Automatizacion de Procesos en Modelos TabularesAutomatizacion de Procesos en Modelos Tabulares
Automatizacion de Procesos en Modelos TabularesGaston Cruz
 
Securing your vpc in aws
Securing your vpc in awsSecuring your vpc in aws
Securing your vpc in awsvinoth kumar
 
The importance of monitoring your Azure SQL Database
The importance of monitoring your Azure SQL DatabaseThe importance of monitoring your Azure SQL Database
The importance of monitoring your Azure SQL DatabaseRed Gate Software
 
Middleware in Asp.Net Core
Middleware in Asp.Net CoreMiddleware in Asp.Net Core
Middleware in Asp.Net CoreShahriar Hossain
 
React - Redux applications & Event Sourcing
React - Redux applications & Event SourcingReact - Redux applications & Event Sourcing
React - Redux applications & Event SourcingMaurice De Beijer [MVP]
 
Native cloud security monitoring
Native cloud security monitoringNative cloud security monitoring
Native cloud security monitoringJohn Varghese
 
AWS security - NULL meet chennai
AWS security - NULL meet chennaiAWS security - NULL meet chennai
AWS security - NULL meet chennaivinoth kumar
 
7 17 event_logging_architecture 1
7 17 event_logging_architecture 17 17 event_logging_architecture 1
7 17 event_logging_architecture 1ss_testing
 
The Azure API-ness Factory
The Azure API-ness FactoryThe Azure API-ness Factory
The Azure API-ness FactoryMike Martin
 
Protecting your online and on premises assets “Cloud Style”
Protecting your online and on premises assets “Cloud Style”Protecting your online and on premises assets “Cloud Style”
Protecting your online and on premises assets “Cloud Style”Mike Martin
 

What's hot (20)

(SEC308) Navigating PCI Compliance in the Cloud | AWS re:Invent 2014
(SEC308) Navigating PCI Compliance in the Cloud | AWS re:Invent 2014(SEC308) Navigating PCI Compliance in the Cloud | AWS re:Invent 2014
(SEC308) Navigating PCI Compliance in the Cloud | AWS re:Invent 2014
 
Full Stack Application Monitoring for AWS Powered by AI
Full Stack Application Monitoring for AWS Powered by AIFull Stack Application Monitoring for AWS Powered by AI
Full Stack Application Monitoring for AWS Powered by AI
 
Code Generation for Azure with .net
Code Generation for Azure with .netCode Generation for Azure with .net
Code Generation for Azure with .net
 
Asp net core in azure
Asp net core in azureAsp net core in azure
Asp net core in azure
 
Event-Sourcing your React-Redux applications
Event-Sourcing your React-Redux applicationsEvent-Sourcing your React-Redux applications
Event-Sourcing your React-Redux applications
 
The magic of Ajax & WebGIS
The magic of Ajax & WebGISThe magic of Ajax & WebGIS
The magic of Ajax & WebGIS
 
Scaling Security in the Cloud With Open Source
Scaling Security in the Cloud With Open SourceScaling Security in the Cloud With Open Source
Scaling Security in the Cloud With Open Source
 
Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS Security
 
Automatizacion de Procesos en Modelos Tabulares
Automatizacion de Procesos en Modelos TabularesAutomatizacion de Procesos en Modelos Tabulares
Automatizacion de Procesos en Modelos Tabulares
 
Securing your vpc in aws
Securing your vpc in awsSecuring your vpc in aws
Securing your vpc in aws
 
The importance of monitoring your Azure SQL Database
The importance of monitoring your Azure SQL DatabaseThe importance of monitoring your Azure SQL Database
The importance of monitoring your Azure SQL Database
 
Middleware in Asp.Net Core
Middleware in Asp.Net CoreMiddleware in Asp.Net Core
Middleware in Asp.Net Core
 
React - Redux applications & Event Sourcing
React - Redux applications & Event SourcingReact - Redux applications & Event Sourcing
React - Redux applications & Event Sourcing
 
IoT in salsa serverless
IoT in salsa serverlessIoT in salsa serverless
IoT in salsa serverless
 
Native cloud security monitoring
Native cloud security monitoringNative cloud security monitoring
Native cloud security monitoring
 
AWS security - NULL meet chennai
AWS security - NULL meet chennaiAWS security - NULL meet chennai
AWS security - NULL meet chennai
 
Azure Event Grid
Azure Event Grid Azure Event Grid
Azure Event Grid
 
7 17 event_logging_architecture 1
7 17 event_logging_architecture 17 17 event_logging_architecture 1
7 17 event_logging_architecture 1
 
The Azure API-ness Factory
The Azure API-ness FactoryThe Azure API-ness Factory
The Azure API-ness Factory
 
Protecting your online and on premises assets “Cloud Style”
Protecting your online and on premises assets “Cloud Style”Protecting your online and on premises assets “Cloud Style”
Protecting your online and on premises assets “Cloud Style”
 

Similar to Designing Secure APIs in the Cloud

Incident Response: Preparing and Simulating Threat Response
Incident Response: Preparing and Simulating Threat ResponseIncident Response: Preparing and Simulating Threat Response
Incident Response: Preparing and Simulating Threat ResponseAmazon Web Services
 
10 Excellent Ways to Secure Spring Boot Applications - Okta Webinar 2020
10 Excellent Ways to Secure Spring Boot Applications - Okta Webinar 202010 Excellent Ways to Secure Spring Boot Applications - Okta Webinar 2020
10 Excellent Ways to Secure Spring Boot Applications - Okta Webinar 2020Matt Raible
 
Spring in the Cloud - using Spring with Cloud Foundry
Spring in the Cloud - using Spring with Cloud FoundrySpring in the Cloud - using Spring with Cloud Foundry
Spring in the Cloud - using Spring with Cloud FoundryJoshua Long
 
Azure Table Storage: The Good, the Bad, the Ugly (full talk)
Azure Table Storage: The Good, the Bad, the Ugly (full talk)Azure Table Storage: The Good, the Bad, the Ugly (full talk)
Azure Table Storage: The Good, the Bad, the Ugly (full talk)Sirar Salih
 
Secure Configuration and Automation Overview
Secure Configuration and Automation OverviewSecure Configuration and Automation Overview
Secure Configuration and Automation OverviewAmazon Web Services
 
Incident Response on AWS - A Practical Look.pdf
Incident Response on AWS - A Practical Look.pdfIncident Response on AWS - A Practical Look.pdf
Incident Response on AWS - A Practical Look.pdfAmazon Web Services
 
Automation in Digital Cloud Labs
Automation in Digital Cloud LabsAutomation in Digital Cloud Labs
Automation in Digital Cloud LabsRapidValue
 
Web App Security for Java Developers - PWX 2021
Web App Security for Java Developers - PWX 2021Web App Security for Java Developers - PWX 2021
Web App Security for Java Developers - PWX 2021Matt Raible
 
Building a GDPR-compliant architecture on AWS.pdf
Building a GDPR-compliant architecture on AWS.pdfBuilding a GDPR-compliant architecture on AWS.pdf
Building a GDPR-compliant architecture on AWS.pdfZen Bit Tech
 
Developing your first application using FI-WARE
Developing your first application using FI-WAREDeveloping your first application using FI-WARE
Developing your first application using FI-WAREFermin Galan
 
Deep Dive on Amazon S3 & Amazon Glacier Storage Management - STG311 - re:Inve...
Deep Dive on Amazon S3 & Amazon Glacier Storage Management - STG311 - re:Inve...Deep Dive on Amazon S3 & Amazon Glacier Storage Management - STG311 - re:Inve...
Deep Dive on Amazon S3 & Amazon Glacier Storage Management - STG311 - re:Inve...Amazon Web Services
 
STG311_Deep Dive on Amazon S3 & Amazon Glacier Storage Management
STG311_Deep Dive on Amazon S3 & Amazon Glacier Storage ManagementSTG311_Deep Dive on Amazon S3 & Amazon Glacier Storage Management
STG311_Deep Dive on Amazon S3 & Amazon Glacier Storage ManagementAmazon Web Services
 
Top 10 cloud security tools to adopt in 2024.pdf
Top 10 cloud security tools to adopt in 2024.pdfTop 10 cloud security tools to adopt in 2024.pdf
Top 10 cloud security tools to adopt in 2024.pdfSparity1
 
Integrating Jira Software Cloud With the AWS Code Suite
Integrating Jira Software Cloud With the AWS Code SuiteIntegrating Jira Software Cloud With the AWS Code Suite
Integrating Jira Software Cloud With the AWS Code SuiteAtlassian
 
How Zocdoc Achieves Automatic Threat Detection & Remediation with Security as...
How Zocdoc Achieves Automatic Threat Detection & Remediation with Security as...How Zocdoc Achieves Automatic Threat Detection & Remediation with Security as...
How Zocdoc Achieves Automatic Threat Detection & Remediation with Security as...Amazon Web Services
 
Cloud Application Blueprints with Apache Brooklyn by Alex Henevald
Cloud Application Blueprints with Apache Brooklyn by Alex HenevaldCloud Application Blueprints with Apache Brooklyn by Alex Henevald
Cloud Application Blueprints with Apache Brooklyn by Alex Henevaldbuildacloud
 
Developing your first application using FIWARE
Developing your first application using FIWAREDeveloping your first application using FIWARE
Developing your first application using FIWAREFIWARE
 
Web App Security for Java Developers - UberConf 2021
Web App Security for Java Developers - UberConf 2021Web App Security for Java Developers - UberConf 2021
Web App Security for Java Developers - UberConf 2021Matt Raible
 
Securing TodoMVC Using the Web Cryptography API
Securing TodoMVC Using the Web Cryptography APISecuring TodoMVC Using the Web Cryptography API
Securing TodoMVC Using the Web Cryptography APIKevin Hakanson
 
AWS re:Invent 2016: Automating Security Event Response, from Idea to Code to ...
AWS re:Invent 2016: Automating Security Event Response, from Idea to Code to ...AWS re:Invent 2016: Automating Security Event Response, from Idea to Code to ...
AWS re:Invent 2016: Automating Security Event Response, from Idea to Code to ...Amazon Web Services
 

Similar to Designing Secure APIs in the Cloud (20)

Incident Response: Preparing and Simulating Threat Response
Incident Response: Preparing and Simulating Threat ResponseIncident Response: Preparing and Simulating Threat Response
Incident Response: Preparing and Simulating Threat Response
 
10 Excellent Ways to Secure Spring Boot Applications - Okta Webinar 2020
10 Excellent Ways to Secure Spring Boot Applications - Okta Webinar 202010 Excellent Ways to Secure Spring Boot Applications - Okta Webinar 2020
10 Excellent Ways to Secure Spring Boot Applications - Okta Webinar 2020
 
Spring in the Cloud - using Spring with Cloud Foundry
Spring in the Cloud - using Spring with Cloud FoundrySpring in the Cloud - using Spring with Cloud Foundry
Spring in the Cloud - using Spring with Cloud Foundry
 
Azure Table Storage: The Good, the Bad, the Ugly (full talk)
Azure Table Storage: The Good, the Bad, the Ugly (full talk)Azure Table Storage: The Good, the Bad, the Ugly (full talk)
Azure Table Storage: The Good, the Bad, the Ugly (full talk)
 
Secure Configuration and Automation Overview
Secure Configuration and Automation OverviewSecure Configuration and Automation Overview
Secure Configuration and Automation Overview
 
Incident Response on AWS - A Practical Look.pdf
Incident Response on AWS - A Practical Look.pdfIncident Response on AWS - A Practical Look.pdf
Incident Response on AWS - A Practical Look.pdf
 
Automation in Digital Cloud Labs
Automation in Digital Cloud LabsAutomation in Digital Cloud Labs
Automation in Digital Cloud Labs
 
Web App Security for Java Developers - PWX 2021
Web App Security for Java Developers - PWX 2021Web App Security for Java Developers - PWX 2021
Web App Security for Java Developers - PWX 2021
 
Building a GDPR-compliant architecture on AWS.pdf
Building a GDPR-compliant architecture on AWS.pdfBuilding a GDPR-compliant architecture on AWS.pdf
Building a GDPR-compliant architecture on AWS.pdf
 
Developing your first application using FI-WARE
Developing your first application using FI-WAREDeveloping your first application using FI-WARE
Developing your first application using FI-WARE
 
Deep Dive on Amazon S3 & Amazon Glacier Storage Management - STG311 - re:Inve...
Deep Dive on Amazon S3 & Amazon Glacier Storage Management - STG311 - re:Inve...Deep Dive on Amazon S3 & Amazon Glacier Storage Management - STG311 - re:Inve...
Deep Dive on Amazon S3 & Amazon Glacier Storage Management - STG311 - re:Inve...
 
STG311_Deep Dive on Amazon S3 & Amazon Glacier Storage Management
STG311_Deep Dive on Amazon S3 & Amazon Glacier Storage ManagementSTG311_Deep Dive on Amazon S3 & Amazon Glacier Storage Management
STG311_Deep Dive on Amazon S3 & Amazon Glacier Storage Management
 
Top 10 cloud security tools to adopt in 2024.pdf
Top 10 cloud security tools to adopt in 2024.pdfTop 10 cloud security tools to adopt in 2024.pdf
Top 10 cloud security tools to adopt in 2024.pdf
 
Integrating Jira Software Cloud With the AWS Code Suite
Integrating Jira Software Cloud With the AWS Code SuiteIntegrating Jira Software Cloud With the AWS Code Suite
Integrating Jira Software Cloud With the AWS Code Suite
 
How Zocdoc Achieves Automatic Threat Detection & Remediation with Security as...
How Zocdoc Achieves Automatic Threat Detection & Remediation with Security as...How Zocdoc Achieves Automatic Threat Detection & Remediation with Security as...
How Zocdoc Achieves Automatic Threat Detection & Remediation with Security as...
 
Cloud Application Blueprints with Apache Brooklyn by Alex Henevald
Cloud Application Blueprints with Apache Brooklyn by Alex HenevaldCloud Application Blueprints with Apache Brooklyn by Alex Henevald
Cloud Application Blueprints with Apache Brooklyn by Alex Henevald
 
Developing your first application using FIWARE
Developing your first application using FIWAREDeveloping your first application using FIWARE
Developing your first application using FIWARE
 
Web App Security for Java Developers - UberConf 2021
Web App Security for Java Developers - UberConf 2021Web App Security for Java Developers - UberConf 2021
Web App Security for Java Developers - UberConf 2021
 
Securing TodoMVC Using the Web Cryptography API
Securing TodoMVC Using the Web Cryptography APISecuring TodoMVC Using the Web Cryptography API
Securing TodoMVC Using the Web Cryptography API
 
AWS re:Invent 2016: Automating Security Event Response, from Idea to Code to ...
AWS re:Invent 2016: Automating Security Event Response, from Idea to Code to ...AWS re:Invent 2016: Automating Security Event Response, from Idea to Code to ...
AWS re:Invent 2016: Automating Security Event Response, from Idea to Code to ...
 

More from Postman

Elevating Developer Experiences with AI-Powered API Testing & Documentation
Elevating Developer Experiences with AI-Powered API Testing & DocumentationElevating Developer Experiences with AI-Powered API Testing & Documentation
Elevating Developer Experiences with AI-Powered API Testing & DocumentationPostman
 
Discovering Public APIs and Public API Network with Postman
Discovering Public APIs and Public API Network with PostmanDiscovering Public APIs and Public API Network with Postman
Discovering Public APIs and Public API Network with PostmanPostman
 
Optimizing Teamwork: Harnessing Collections & Workspaces for Collaboration
Optimizing Teamwork: Harnessing Collections & Workspaces for CollaborationOptimizing Teamwork: Harnessing Collections & Workspaces for Collaboration
Optimizing Teamwork: Harnessing Collections & Workspaces for CollaborationPostman
 
API testing Beyond the Basics AI & Automation Techniques
API testing Beyond the Basics AI & Automation TechniquesAPI testing Beyond the Basics AI & Automation Techniques
API testing Beyond the Basics AI & Automation TechniquesPostman
 
Not Your Grandma’s Rate Limiting (slides)
Not Your Grandma’s Rate Limiting (slides)Not Your Grandma’s Rate Limiting (slides)
Not Your Grandma’s Rate Limiting (slides)Postman
 
Five Ways to Automate API Testing with Postman
Five Ways to Automate API Testing with PostmanFive Ways to Automate API Testing with Postman
Five Ways to Automate API Testing with PostmanPostman
 
How to Scale APIs-as-Product for Future Success
How to Scale APIs-as-Product for Future SuccessHow to Scale APIs-as-Product for Future Success
How to Scale APIs-as-Product for Future SuccessPostman
 
Revolutionizing API Development: Collaborative Workflows with Postman
Revolutionizing API Development: Collaborative Workflows with PostmanRevolutionizing API Development: Collaborative Workflows with Postman
Revolutionizing API Development: Collaborative Workflows with PostmanPostman
 
Everything You Always Wanted to Know About AsyncAPI
Everything You Always Wanted to Know About AsyncAPIEverything You Always Wanted to Know About AsyncAPI
Everything You Always Wanted to Know About AsyncAPIPostman
 
Elevating Event-Driven World: A Deep Dive into AsyncAPI v3
Elevating Event-Driven World: A Deep Dive into AsyncAPI v3Elevating Event-Driven World: A Deep Dive into AsyncAPI v3
Elevating Event-Driven World: A Deep Dive into AsyncAPI v3Postman
 
Five Things You SHOULD Know About Postman
Five Things You SHOULD Know About PostmanFive Things You SHOULD Know About Postman
Five Things You SHOULD Know About PostmanPostman
 
Integration-, Snapshot- and Performance-Testing APIs
Integration-, Snapshot- and Performance-Testing APIs Integration-, Snapshot- and Performance-Testing APIs
Integration-, Snapshot- and Performance-Testing APIs Postman
 
How ChatGPT led OpenAPI's Recent Spike in Popularity
How ChatGPT led OpenAPI's Recent Spike in PopularityHow ChatGPT led OpenAPI's Recent Spike in Popularity
How ChatGPT led OpenAPI's Recent Spike in PopularityPostman
 
Exploring Postman’s VS Code Extension
Exploring Postman’s VS Code ExtensionExploring Postman’s VS Code Extension
Exploring Postman’s VS Code ExtensionPostman
 
2023 State of the API Report: Key Findings and Trends
2023 State of the API Report: Key Findings and Trends2023 State of the API Report: Key Findings and Trends
2023 State of the API Report: Key Findings and TrendsPostman
 
Nordic- APIOps is here What will you build in an API First World
Nordic- APIOps is here What will you build in an API First World Nordic- APIOps is here What will you build in an API First World
Nordic- APIOps is here What will you build in an API First World Postman
 
Testing and Developing gRPC APIs
Testing and Developing gRPC APIsTesting and Developing gRPC APIs
Testing and Developing gRPC APIsPostman
 
Testing and Developing GraphQL APIs
Testing and Developing GraphQL APIsTesting and Developing GraphQL APIs
Testing and Developing GraphQL APIsPostman
 
Introduction to API Security - Intergalactic
Introduction to API Security - IntergalacticIntroduction to API Security - Intergalactic
Introduction to API Security - IntergalacticPostman
 
Unboxing What's New in Postman Q2
Unboxing What's New in Postman Q2Unboxing What's New in Postman Q2
Unboxing What's New in Postman Q2Postman
 

More from Postman (20)

Elevating Developer Experiences with AI-Powered API Testing & Documentation
Elevating Developer Experiences with AI-Powered API Testing & DocumentationElevating Developer Experiences with AI-Powered API Testing & Documentation
Elevating Developer Experiences with AI-Powered API Testing & Documentation
 
Discovering Public APIs and Public API Network with Postman
Discovering Public APIs and Public API Network with PostmanDiscovering Public APIs and Public API Network with Postman
Discovering Public APIs and Public API Network with Postman
 
Optimizing Teamwork: Harnessing Collections & Workspaces for Collaboration
Optimizing Teamwork: Harnessing Collections & Workspaces for CollaborationOptimizing Teamwork: Harnessing Collections & Workspaces for Collaboration
Optimizing Teamwork: Harnessing Collections & Workspaces for Collaboration
 
API testing Beyond the Basics AI & Automation Techniques
API testing Beyond the Basics AI & Automation TechniquesAPI testing Beyond the Basics AI & Automation Techniques
API testing Beyond the Basics AI & Automation Techniques
 
Not Your Grandma’s Rate Limiting (slides)
Not Your Grandma’s Rate Limiting (slides)Not Your Grandma’s Rate Limiting (slides)
Not Your Grandma’s Rate Limiting (slides)
 
Five Ways to Automate API Testing with Postman
Five Ways to Automate API Testing with PostmanFive Ways to Automate API Testing with Postman
Five Ways to Automate API Testing with Postman
 
How to Scale APIs-as-Product for Future Success
How to Scale APIs-as-Product for Future SuccessHow to Scale APIs-as-Product for Future Success
How to Scale APIs-as-Product for Future Success
 
Revolutionizing API Development: Collaborative Workflows with Postman
Revolutionizing API Development: Collaborative Workflows with PostmanRevolutionizing API Development: Collaborative Workflows with Postman
Revolutionizing API Development: Collaborative Workflows with Postman
 
Everything You Always Wanted to Know About AsyncAPI
Everything You Always Wanted to Know About AsyncAPIEverything You Always Wanted to Know About AsyncAPI
Everything You Always Wanted to Know About AsyncAPI
 
Elevating Event-Driven World: A Deep Dive into AsyncAPI v3
Elevating Event-Driven World: A Deep Dive into AsyncAPI v3Elevating Event-Driven World: A Deep Dive into AsyncAPI v3
Elevating Event-Driven World: A Deep Dive into AsyncAPI v3
 
Five Things You SHOULD Know About Postman
Five Things You SHOULD Know About PostmanFive Things You SHOULD Know About Postman
Five Things You SHOULD Know About Postman
 
Integration-, Snapshot- and Performance-Testing APIs
Integration-, Snapshot- and Performance-Testing APIs Integration-, Snapshot- and Performance-Testing APIs
Integration-, Snapshot- and Performance-Testing APIs
 
How ChatGPT led OpenAPI's Recent Spike in Popularity
How ChatGPT led OpenAPI's Recent Spike in PopularityHow ChatGPT led OpenAPI's Recent Spike in Popularity
How ChatGPT led OpenAPI's Recent Spike in Popularity
 
Exploring Postman’s VS Code Extension
Exploring Postman’s VS Code ExtensionExploring Postman’s VS Code Extension
Exploring Postman’s VS Code Extension
 
2023 State of the API Report: Key Findings and Trends
2023 State of the API Report: Key Findings and Trends2023 State of the API Report: Key Findings and Trends
2023 State of the API Report: Key Findings and Trends
 
Nordic- APIOps is here What will you build in an API First World
Nordic- APIOps is here What will you build in an API First World Nordic- APIOps is here What will you build in an API First World
Nordic- APIOps is here What will you build in an API First World
 
Testing and Developing gRPC APIs
Testing and Developing gRPC APIsTesting and Developing gRPC APIs
Testing and Developing gRPC APIs
 
Testing and Developing GraphQL APIs
Testing and Developing GraphQL APIsTesting and Developing GraphQL APIs
Testing and Developing GraphQL APIs
 
Introduction to API Security - Intergalactic
Introduction to API Security - IntergalacticIntroduction to API Security - Intergalactic
Introduction to API Security - Intergalactic
 
Unboxing What's New in Postman Q2
Unboxing What's New in Postman Q2Unboxing What's New in Postman Q2
Unboxing What's New in Postman Q2
 

Recently uploaded

KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxTier1 app
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityNeo4j
 
Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...aditisharan08
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...stazi3110
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantAxelRicardoTrocheRiq
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - InfographicHr365.us smith
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfkalichargn70th171
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...soniya singh
 
buds n tech IT solutions
buds n tech IT solutionsbuds n tech IT solutions
buds n tech IT solutionsmonugehlot87
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfjoe51371421
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideChristina Lin
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...OnePlan Solutions
 
chapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptchapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptkotipi9215
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio, Inc.
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEOrtus Solutions, Corp
 
What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsWhat is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsJheuzeDellosa
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmSujith Sukumaran
 
The Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfThe Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfPower Karaoke
 

Recently uploaded (20)

KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
 
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered Sustainability
 
Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service Consultant
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - Infographic
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
 
buds n tech IT solutions
buds n tech IT solutionsbuds n tech IT solutions
buds n tech IT solutions
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdf
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
 
chapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptchapter--4-software-project-planning.ppt
chapter--4-software-project-planning.ppt
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
 
What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsWhat is Binary Language? Computer Number Systems
What is Binary Language? Computer Number Systems
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalm
 
The Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfThe Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdf
 

Designing Secure APIs in the Cloud