The summary is:
- The document describes an API governance meetup organized by the Kochi MuleSoft Meetup Group to discuss API governance concepts and Anypoint Platform's new API governance features.
- It includes an agenda covering API governance overview, benefits, key concepts like rulesets and profiles, and a demo of API governance in Anypoint Platform.
- The meetup aims to help participants learn how API governance can provide benefits like consistency, security, and quality by standardizing APIs according to best practices rules.
apidays LIVE Hong Kong 2021 - Headless API Management by Snehal Chakraborty, ...apidays
apidays LIVE Hong Kong 2021 - API Ecosystem & Data Interchange
August 25 & 26, 2021
Headless API Management
Snehal Chakraborty, Cloud Integration Architect at Accenture Netherlands B.V.
Azure Spring Clean 2024 event - Azure API Management: Architecting for Perfor...Hamida Rebai Trabelsi
Session tilte: Azure API Management: Architecting for Performance and Security
Description:
This session will provide a comprehensive deep dive into Azure API Management, focusing on optimizing API performance and security. It is designed for developers, architects, and IT professionals who want to leverage Azure's capabilities for efficient API management. The session will blend theoretical insights with practical demonstrations, highlighting how to architect APIs for optimal performance and robust security in the Azure environment.
The Federated Future: Pioneering Next-Gen Solutions in API Management - Marku...Nordic APIs
A presentation given by Markus Müller, CTO at APIIDA, at our 2024 Austin API Summit, March 12-13.
Session Description: In an era where digital transformation is pivotal, the management and governance of APIs have emerged as critical components in the technological infrastructure of businesses. "The Federated Future: Pioneering Next-Gen Solutions in API Management" is a forward-looking talk that delves into the evolving landscape of API governance, with a particular focus on Federated API Management as a groundbreaking approach.
Over the course of this presentation, we will explore the paradigm shift from traditional, centralized API management towards a more dynamic, federated model. This approach not only offers scalability and flexibility but also fosters innovation by enabling diverse teams to collaboratively manage APIs while adhering to consistent governance policies.
Key topics include:
- The current challenges in API governance and how federated management addresses these.
- The principles and architecture of Federated API Management, distinguishing it from traditional models.
- Real-world implications of adopting a federated approach, including case studies that illustrate its transformative impact on businesses.
- Strategies for implementing Federated API Management, focusing on best practices for seamless integration.
- The future outlook of API governance, anticipating emerging trends and technologies.
apidays New York 2023 - Make API Governance work in your unified API Strategy...apidays
apidays New York 2023
APIs for Embedded Business Models: Finance, Healthcare, Retail, and Media
May 16 & 17, 2023
Make API Governance work in your unified API Strategy
Markus Müller, CTO at APIIDA AG
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
apidays LIVE Hong Kong 2021 - Headless API Management by Snehal Chakraborty, ...apidays
apidays LIVE Hong Kong 2021 - API Ecosystem & Data Interchange
August 25 & 26, 2021
Headless API Management
Snehal Chakraborty, Cloud Integration Architect at Accenture Netherlands B.V.
Azure Spring Clean 2024 event - Azure API Management: Architecting for Perfor...Hamida Rebai Trabelsi
Session tilte: Azure API Management: Architecting for Performance and Security
Description:
This session will provide a comprehensive deep dive into Azure API Management, focusing on optimizing API performance and security. It is designed for developers, architects, and IT professionals who want to leverage Azure's capabilities for efficient API management. The session will blend theoretical insights with practical demonstrations, highlighting how to architect APIs for optimal performance and robust security in the Azure environment.
The Federated Future: Pioneering Next-Gen Solutions in API Management - Marku...Nordic APIs
A presentation given by Markus Müller, CTO at APIIDA, at our 2024 Austin API Summit, March 12-13.
Session Description: In an era where digital transformation is pivotal, the management and governance of APIs have emerged as critical components in the technological infrastructure of businesses. "The Federated Future: Pioneering Next-Gen Solutions in API Management" is a forward-looking talk that delves into the evolving landscape of API governance, with a particular focus on Federated API Management as a groundbreaking approach.
Over the course of this presentation, we will explore the paradigm shift from traditional, centralized API management towards a more dynamic, federated model. This approach not only offers scalability and flexibility but also fosters innovation by enabling diverse teams to collaboratively manage APIs while adhering to consistent governance policies.
Key topics include:
- The current challenges in API governance and how federated management addresses these.
- The principles and architecture of Federated API Management, distinguishing it from traditional models.
- Real-world implications of adopting a federated approach, including case studies that illustrate its transformative impact on businesses.
- Strategies for implementing Federated API Management, focusing on best practices for seamless integration.
- The future outlook of API governance, anticipating emerging trends and technologies.
apidays New York 2023 - Make API Governance work in your unified API Strategy...apidays
apidays New York 2023
APIs for Embedded Business Models: Finance, Healthcare, Retail, and Media
May 16 & 17, 2023
Make API Governance work in your unified API Strategy
Markus Müller, CTO at APIIDA AG
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
APIGEE is today’s important source of API skills and services for developers. API Management refers to the practices and tools that enable an organization to govern and monitor its Application Programming Interfaces (APIs). This course at IQ online training gives you an introductory look at the Apigee API Platform and API Design in general.
Do you know How to Effectively Test APIs.pdfAmeliaJonas2
As APIs play a crucial role in connecting different software systems, it is important to thoroughly test them to ensure smooth functioning of applications. This blog discusses how to test APIs, challenges involved and best practices to adopt along with recommendations for API Testing Services.
Apigee is an API development and management platform which offers an overlay or interface for your core service APIs by presenting them with a proxy layer. This enables security, rate limitation, quotas, and analytics, among other features.
Apigee is the main source of API capabilities and procedures for producers at the moment. Programming Interface Management describes the processes and tools that enable an organization to operate and administer its APIs. It controls how the entrance is routed to the backend management and how the response is returned.
To view recording of this webinar please use the below URL:
http://wso2.com/library/webinars/2015/08/wso2-api-platform-vision-and-roadmap/
WSO2 API platform adopters are driving digital business and creating innovative business models. API platforms create a secure, self-service, managed, and monetized environment that increases safe connected business interactions.
In this presentation, Chris and Shiro will describe:
Key goals and challenges driving API platform adoption
WSO2 API Platform capabilities and advantages
Visionary platform use cases
Innovative customer success stories
API Governance and GitOps in Hybrid Integration Platform (MuleSoft)Sumanth Donthi
In this two-part series, Sumanth Donthi, Associate IO at AIG explains how AIG changed software delivery process with API Governance and how they improved operational efficiencies with GitOps.
API Management Platform Technical Evaluation FrameworkWSO2
To view recording of this webinar please use the below URL:
http://wso2.com/library/webinars/2015/05/api-management-platform-technical-evaluation-framework/
Consultant Robert Broeckelmann shares his experience of implementing API management in a large enterprise and will share how to:
- define API governance
- explore the goals, requirements, implementation of API governance
- look at lessons learned from implementing one enterprise customer's API governance process
apidays LIVE LONDON - API Standards and Governance Platform by Nicoleta Stoicaapidays
apidays LIVE LONDON - The Road to Embedded Finance, Banking and Insurance with APIs
API Standards and Governance Platform
Nicoleta Stoica, Lead API Architect at HSBC
Presentation from the technology track at I Love APIs London 2016 featuring Dhananjay Tripathi, Bupa and Ian Cooper, Thomson Reuters.
Building an API program in a large enterprise requires a new mindset relative to traditional SOA principles. In this session, learn about the required shift in thinking, from orchestration and mediation in ESBs to API-first design approaches, and the need to promote, socialize, monitor, and assess APIs once they are exposed.
Top 20 API Testing Interview Questions.pdfAnanthReddy38
Magnitia’s Web services Testing Training will provide you complete knowledge on Web services, API and their functionality. This API Testing course enables you to develop robust automation Framework for API’s test cases and how to test Web services and REST API using SoapUI& Rest Assured.
Lessons in Transforming the Enterprise to an API PlatformLaunchAny
A look at lessons from our recent consulting engagements on why and how enterprises are moving from an API program to an API platform as part of their digital transformation. Includes 5 common practices we see across successful enterprises as they move to an API platform. Recording: https://www.youtube.com/watch?v=Km-mCx0Zbgo&feature=youtu.be
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
APIGEE is today’s important source of API skills and services for developers. API Management refers to the practices and tools that enable an organization to govern and monitor its Application Programming Interfaces (APIs). This course at IQ online training gives you an introductory look at the Apigee API Platform and API Design in general.
Do you know How to Effectively Test APIs.pdfAmeliaJonas2
As APIs play a crucial role in connecting different software systems, it is important to thoroughly test them to ensure smooth functioning of applications. This blog discusses how to test APIs, challenges involved and best practices to adopt along with recommendations for API Testing Services.
Apigee is an API development and management platform which offers an overlay or interface for your core service APIs by presenting them with a proxy layer. This enables security, rate limitation, quotas, and analytics, among other features.
Apigee is the main source of API capabilities and procedures for producers at the moment. Programming Interface Management describes the processes and tools that enable an organization to operate and administer its APIs. It controls how the entrance is routed to the backend management and how the response is returned.
To view recording of this webinar please use the below URL:
http://wso2.com/library/webinars/2015/08/wso2-api-platform-vision-and-roadmap/
WSO2 API platform adopters are driving digital business and creating innovative business models. API platforms create a secure, self-service, managed, and monetized environment that increases safe connected business interactions.
In this presentation, Chris and Shiro will describe:
Key goals and challenges driving API platform adoption
WSO2 API Platform capabilities and advantages
Visionary platform use cases
Innovative customer success stories
API Governance and GitOps in Hybrid Integration Platform (MuleSoft)Sumanth Donthi
In this two-part series, Sumanth Donthi, Associate IO at AIG explains how AIG changed software delivery process with API Governance and how they improved operational efficiencies with GitOps.
API Management Platform Technical Evaluation FrameworkWSO2
To view recording of this webinar please use the below URL:
http://wso2.com/library/webinars/2015/05/api-management-platform-technical-evaluation-framework/
Consultant Robert Broeckelmann shares his experience of implementing API management in a large enterprise and will share how to:
- define API governance
- explore the goals, requirements, implementation of API governance
- look at lessons learned from implementing one enterprise customer's API governance process
apidays LIVE LONDON - API Standards and Governance Platform by Nicoleta Stoicaapidays
apidays LIVE LONDON - The Road to Embedded Finance, Banking and Insurance with APIs
API Standards and Governance Platform
Nicoleta Stoica, Lead API Architect at HSBC
Presentation from the technology track at I Love APIs London 2016 featuring Dhananjay Tripathi, Bupa and Ian Cooper, Thomson Reuters.
Building an API program in a large enterprise requires a new mindset relative to traditional SOA principles. In this session, learn about the required shift in thinking, from orchestration and mediation in ESBs to API-first design approaches, and the need to promote, socialize, monitor, and assess APIs once they are exposed.
Top 20 API Testing Interview Questions.pdfAnanthReddy38
Magnitia’s Web services Testing Training will provide you complete knowledge on Web services, API and their functionality. This API Testing course enables you to develop robust automation Framework for API’s test cases and how to test Web services and REST API using SoapUI& Rest Assured.
Lessons in Transforming the Enterprise to an API PlatformLaunchAny
A look at lessons from our recent consulting engagements on why and how enterprises are moving from an API program to an API platform as part of their digital transformation. Includes 5 common practices we see across successful enterprises as they move to an API platform. Recording: https://www.youtube.com/watch?v=Km-mCx0Zbgo&feature=youtu.be
Similar to MuleSoft_Meetup__Official_August-2022.pptx (20)
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
2. Safe Harbour Statement
● Both the speaker and the host are organizing this meet-up in individual capacity only. We are
not representing our companies here.
● This presentation is strictly for learning purposes only. Organizer/Presenter do not hold any
responsibility that same solution will work for your business requirements.
● This presentation is not meant for any promotional activities.
2
3. A recording of this meetup will be uploaded to events page within 24 hours.
Questions can be submitted/asked at any time in the Chat/Questions & Answers Tab.
Make it more Interactive!!!
Give us feedback! Rate this meetup session by filling feedback form at the end of the day.
We Love Feedbacks!!! Its Bread & Butter for Meetup.
Housekeeping
3
4. 4
Organizers
⮚ 6+ Years of Experience in Integrations and API Technologies.
⮚ Certified Delivery champion MuleSoft Developer, Integration Architect
and platform Architect
⮚ 8+ Years of Experience in Integrations and API Technologies.
⮚ Certified MuleSoft Developer, Integration Architect and platform Architect.
⮚ MuleSoft Delivery Champion completed
⮚ Senior MuleSoft Developer | Integration Lead
⮚ 11+ years of Integration Experience Certified
Mulesoft Developer, Certified Mulesoft Platform
Architect
5. 5
Speakers
Supriya Pawar
Integration Architect at
Accenture
About the Speaker:
⮚ Having 7+ years of overall experience building integration solutions.
⮚ Certified MuleSoft Developer And Architect.
About the Speaker:
⮚ 8+ Years of Experience in Integrations and API
Technologies.
⮚ Certified MuleSoft Developer, Integration Architect and
platform Architect.
⮚ MuleSoft Delivery Champion completed
Deepak Talluri
Technical Team lead
at Accenture
6. Agenda
API Governance Overview
What is API Governance?
01
Highs and Lows of API Governance
Benefits
05
Create Governance Profiles, Default Rule Sets, Dashboards/ Reports/
Notifications
Demo
04
Profiles, Rulesets, API Conformance, Identify APIs to govern, Adding
Asset Tags, Categories in Exchange
What’s new with API Governance on AnyPoint Platform?
02
Rulesets, Profiles, Conformance, Notifications
API Governance Key Facts
03
7. What is API Governance?
API governance is the practice of applying common rules and guardrails relating to API standards and security policies to your APIs.
These rules are applied through checks and validations.
• The goal of API governance is to ensure proper standardization of your APIs so that they are complete, compliant, and consistent,
and therefore easily discoverable and reusable.
API
Governance
API
Guidelines
API
Security
API Best
Practices
8. What’s New with API Governance
on Anypoint Platform?
Anypoint API Governance is a component of the Anypoint Platform that enables you to apply governance rules to your APIs as part of the API
lifecycle.
API Governance helps you improve your organization’s API quality by enabling you to identify conformance issues and take steps to resolve
them.
01
Publish governance rulesets in
Anypoint Exchange to share with
other developers.
Share governance best practices 02
Enable developers to apply governance
rulesets at design time in Anypoint API
Designer.
Apply consistent rules at design time
03
Automatically apply standards to
your API contract and definition
within your CI/CD pipeline.
Enforce governance within your
DevOps organization
9. API Governance Concepts
Governance Profiles
A governance profile applies chosen governance rulesets to a
select group of APIs. The API definitions are validated against
the governance rulesets.
• A governance profile has two statuses, Normal and At Risk,
which are based on the percentage of conformant APIs in the
governance profile.
At Risk: Less than 70% of APIs are conformant
Normal: More than 70% of APIs are conformant
Governance Rulesets
Governance rulesets are collections of rules, or
guidelines, that can be applied over the metadata
extracted from any REST API definition in the Anypoint
Platform.
• Few Examples - Internal and External best practice
guidelines - Naming conventions, Industry Specific
government standards, such as making sure your
APIs carrying sensitive data are encrypted (HTTPS).
API Conformance
API conformance indicates whether a validated API
definition passes all the required rules in one or more
governance rulesets.
If an API definition is included in multiple governance
profiles, it must pass all the rulesets in all those profiles
to be conformant.
Note: API Conformance applies only to API Definitions that are
published in Exchange as REST APIs
Nonconformance Severity
Nonconformance severity is categorized by percentage of
passed rulesets among all required rulesets.
High Severity - 0 - 40% rulesets
passed
Medium Severity - 41% - 80% rulesets
passed
Low Severity - 81% - 99% rulesets
passed
11. API Governance Key Facts
These are collections of rules, or guidelines, that can be applied over
the metadata extracted from any REST API definition in the Anypoint
Platform.
E.g: internal and external best practice guidelines, such as naming
conventions, and industry-specific government standards, such as
making sure your APIs carrying sensitive data are encrypted (HTTPS).
Custom rulesets can be created as well and used in profiles.
API developers or architects can apply the governance rulesets directly
to API definitions as dependencies in API Designer during the API
design phase.
Multiple profiles can be created depending on the category of APIs.
If an API definition is included in multiple governance profiles, it must
pass all the rulesets in all of those profiles to be conformant.
Rulesets
Profiles
12. API Governance Key Facts
Conformance
The API definitions are validated against the governance rulesets and
conformance is calculated.
API conformance applies only to API definitions that are published in
Exchange as REST APIs.
APIs with >70% conformance are treated as “Normal"
APIs with <70% conformance are treated as “At Risk”
APIs are validated if they are identified by the selection criteria of at
least one of the governance profiles.
API conformance indicates whether a validated API definition passes
all the required rules in one or more governance rulesets.
Notification
API Owner will be notified about the Conformance of the API
Conformance report with violations can be emailed to stake holders.
Same report can be exported to excel
14. Consistency
in API specs
and the
standards
across the
platform
High Security
assured by
minimizing
risks
highlighted
by OWASP
High Quality
assured with
Anypoint Best
Practices
rules
Allows
developers to
ensure APIs
are in
conformance
at design
time
CI/CD
compatible
• Adds performance
overhead, but this
could overcome by
following design &
development best
practices
Low
Highs/Benefits
API Governance - Benefits