Forum Systems | www.forumsys.com | 888.811.0060 | 199 Wells Ave., Suite 105, Newton, MA 02459
Innovate and Integrate
Modernising API Security
Jason Macy, Chief Technology Officer
Discussion Points
• What is an API
• Data externalization and modernization
• Anatomy of API (information border) security
• Secure agility via architecture design
What is an API?
The Service
Mobile, B2B, Portal, Data …
(HTML, XML, SOAP, REST, JSON, …)
API is the access point (interface) to the service or data
APIs are Everywhere
APIs: The Integration Point of Innovation
Externalization | Modernization
Cloud | Web Applications
• Exposed and consumed via standards-based technology for rapid integration and adoption
Mobile | Apps
• Use web services for calls to back-end servers delivering data and logic
Big Data | Analysis
• Big data analytic engines expose and monetize results via APIs
Portals | Users
• Personalized experience, seamless and unified access to information resources
Externalization and Modernization
Open new channels and new revenue
Deliver Integration and Service
Maintain Security
Services and Assets
Clients and Consumers
Create | Consume
Internal APIs
External APIs
• Integrate
• Subscribe
• Invoke
• Promote
• Monitor
• Secure
The Agility of API Abstraction
Mobile Device
Web Portal
B2B Partner
Cloud App
Web Site
Sat Link
Company Assets and Services
Anatomy of Modern API Security
The Service
Mobile, B2B, Portal, Data …
(HTML, XML, SOAP, REST, JSON, …)
Threat Mitigation
• Content-Aware (SOAP, REST, …)
• Intrusion Detection and Prevention
• Data Leakage
• Embedded Malware
Transport Security
• SSL/TLS
• IP, Port, URL
Data Privacy
• Content Encryption
• Content Decryption
Attribute-Based Access Control
• Subject, Object, Environment
Role-Based Access Control
• AuthN, AuthZ
Integrity and Trust
• Digital Signature
• Signature Verification
• Schema Validation
API Security Gateway
Agile API Security – Decouple from Service
Role-Based Access Control
Threat Mitigation
Transport Security
Attribute-Based Access Control
Data Privacy
Integrity and Trust
The Service
Mobile, B2B, Portal, Data …
(HTML, XML, SOAP, REST, JSON, …)
Modernise the IT Security Architecture
Legacy IT Security Architecture
WAF
IDS
SIEM
SOA, Virtual, ESB, Apps, Portals
Endpoint Services and Data
Firewall
Mobile, B2B, Cloud / 3rd Party, Browsers
The API Gateway Modern Architecture
Firewall
WAF
IDS
SIEM
SOA, Virtual, ESB, Apps, Portals
Internet / DMZ boundary
DMZ / Extranet boundary
DMZ / Intranet boundary
Extranet / Intranet boundary
Intranet / internal-enclave boundary
API Security Gateway
SECURITY
• Protocol-Break Security
• Deep Content-Inspection
• Data Validation
• Threat Analysis
• Antivirus Scanning
• Accelerated Cryptography
IDENTITY
• ABAC, RBAC, CBAC
• SSO
• Integrated SAML & OAuth
Endpoint Services and Data
Mobile, B2B, Cloud / 3rd Party, Browsers
API Security Gateway
Combining Security with Identity
ABAC, RBAC, CBAC
API Gateway – Centralized ABAC, RBAC, CBAC
API Security Gateway
SOA, Virtual, ESB, Apps, Portals
Publish APIs for Consumption
API Gateway – Centralized ABAC, RBAC, CBAC
Broker client request
client
Virtual API (Protocol break)
Content Inspection (CBAC)
• SOAP, XML, REST, JSON, HTML, URL
ID Authentication, Authorization (Role-Based Access Control)
• OAuth, SAML, WS-Tokens, HTTP Form Post, HTTP Basic, HTTP Digest, NTLM, Kerberos, X509 Mutual, RSA SecurID
Attribute Analysis (ABAC)
• Environment Conditions
• Subject Attributes
• Object Attributes
API Security Gateway
SOA, Virtual, ESB, Apps, Portals
API Gateway – Centralized RBAC + CBAC + SSO
Broker service response
client
Authorization (Response RBAC)
• Correlate inbound identity with response information
• Allow, Filter, or Reject
Deep Content Inspection (Response CBAC)
• SOAP, XML, REST, JSON, HTML, URL
API Security Gateway
SOA, Virtual, ESB, Apps, Portals
API Security Gateway
Key Considerations
API Security Gateway – Key Considerations
Build vs Buy
• Remove complexities of interoperability and leverage purpose-built, industry-proven security over home-grown coded solutions
Flexible form factors
• Virtual and physical to support deployment in any computing environment
No Code SAML and OAuth
• Legacy and modern system enablement of SAML and OAuth SSO without writing a single line of code
Vendor Agnostic
• Enables technology choices that improve agility, rather than stifle it
Standard-Based
• Out-of-the-box support for all modern industry protocol and messaging standards (SOAP, XML, JSON, etc.)
Edge Facing
• API Security Gateway built on secure architecture enables Tier 0 deployment to unify identity with security
Thank You
More Info:
www.forumsys.com

Climate Impact of Software Testing at Nordic Testing Days
Kari Kakkonen
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
Neo4j
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
Uni Systems S.M.S.A.
 

Recently uploaded (20)

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
 
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfSAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
 

Innovate and Integrate – Modernising API Security

  • 1. Forum Systems | www.forumsys.com | 888.811.0060 | 199 Wells Ave., Suite 105, Newton, MA 02459. Innovate and Integrate: Modernising API Security. Jason Macy, Chief Technology Officer
  • 2. Discussion Points
      • What is an API
      • Data externalization and modernization
      • Anatomy of API (information border) security
      • Secure agility via architecture design
  • 3. What is an API?
  • 4. What is an API?
      • The Service: Mobile, B2B, Portal, Data … (HTML, XML, SOAP, REST, JSON, …)
      • API is the access point (interface) to the service or data
  • 5. APIs are Everywhere. APIs: The Integration Point of Innovation (Externalization, Modernization)
      • Cloud | Web Applications: Exposed and consumed via standards-based technology for rapid integration and adoption
      • Mobile | Apps: Use web services for calls to back-end servers delivering data and logic
      • Big Data | Analysis: Big data analytic engines expose and monetize results via APIs
      • Portals | Users: Personalized experience, seamless and unified access to information resources
  • 6. Externalization and Modernization
      • Open new channels and new revenue
      • Deliver Integration and Service
      • Maintain Security
      • Diagram labels: Services and Assets; Clients and Consumers; Create; Consume; Internal APIs; External APIs
      • Integrate, Subscribe, Invoke, Promote, Monitor, Secure
  • 7. The Agility of API Abstraction
      • Diagram labels: Mobile Device, Web Portal, B2B Partner, CloudApp, Web Site, Sat Link; Company Assets and Services
  • 8. Anatomy of Modern API Security
      • The Service: Mobile, B2B, Portal, Data … (HTML, XML, SOAP, REST, JSON, …)
  • 9. Anatomy of Modern API Security
      • Threat Mitigation: Content-Aware (SOAP, REST, …); Intrusion Detection and Prevention; Data Leakage; Embedded Malware
      • Transport Security: SSL/TLS; IP, Port, URL
      • Data Privacy: Content Encryption; Content Decryption
      • Attribute-Based Access Control: Subject, Object, Environment
      • Role-Based Access Control: AuthN, AuthZ
      • Integrity and Trust: Digital Signature; Signature Verification; Schema Validation
  • 10. Agile API Security – Decouple from Service
      • The Service: Mobile, B2B, Portal, Data … (HTML, XML, SOAP, REST, JSON, …)
  • 11. Agile API Security – Decouple from Service
      • API Security Gateway
      • The Service: Mobile, B2B, Portal, Data … (HTML, XML, SOAP, REST, JSON, …)
  • 12. Agile API Security – Decouple from Service
      • API Security Gateway: Role-Based Access Control; Threat Mitigation; Transport Security; Attribute-Based Access Control; Data Privacy; Integrity and Trust
      • The Service: Mobile, B2B, Portal, Data … (HTML, XML, SOAP, REST, JSON, …)
  • 13. Modernise the IT Security Architecture
  • 14. Legacy IT Security Architecture
      • Diagram labels: Mobile, B2B, Cloud / 3rd Party, Browsers; Firewall, WAF, IDS, SIEM; SOA, Virtual ESB, Apps, Portals; Endpoint Services and Data
  • 15. The API Gateway Modern Architecture
      • Diagram labels: Mobile, B2B, Cloud / 3rd Party, Browsers; Firewall, WAF, IDS, SIEM; SOA, Virtual ESB, Apps, Portals; Endpoint Services and Data
      • Boundaries shown: Internet / DMZ; DMZ / Extranet; DMZ / Intranet; Extranet / Intranet; Intranet / internal-enclave
      • API Security Gateway, SECURITY: Protocol-Break Security; Deep Content-Inspection; Data Validation; Threat Analysis; Antivirus Scanning; Accelerated Cryptography
      • API Security Gateway, IDENTITY: ABAC, RBAC, CBAC; SSO; Integrated SAML & OAuth
  • 16. API Security Gateway: Combining Security with Identity (ABAC, RBAC, CBAC)
  • 17. API Gateway – Centralized ABAC, RBAC, CBAC
      • API Security Gateway: Publish APIs for Consumption
      • SOA, Virtual ESB, Apps, Portals
  • 18. API Gateway – Centralized ABAC, RBAC, CBAC
      • client → Virtual API (Protocol break)
      • Content Inspection (CBAC): SOAP, XML, REST, JSON, HTML, URL
      • API Security Gateway; SOA, Virtual ESB, Apps, Portals
  • 19. API Gateway – Centralized ABAC, RBAC, CBAC
      • client → Virtual API (Protocol break)
      • Content Inspection (CBAC): SOAP, XML, REST, JSON, HTML, URL
      • API Security Gateway; SOA, Virtual ESB, Apps, Portals
  • 20. API Gateway – Centralized ABAC, RBAC, CBAC
      • client → Virtual API (Protocol break)
      • Content Inspection (CBAC): SOAP, XML, REST, JSON, HTML, URL
      • ID Authentication, Authorization (Role-Based Access Control): OAuth, SAML, WS-Tokens, HTTP Form Post, HTTP Basic, HTTP Digest, NTLM, Kerberos, X509 Mutual, RSA SecurID
      • Attribute Analysis (ABAC): Environment Conditions; Subject Attributes; Object Attributes
      • API Security Gateway; SOA, Virtual ESB, Apps, Portals
  • 21. API Gateway – Centralized ABAC, RBAC, CBAC
      • client → Virtual API (Protocol break)
      • Content Inspection (CBAC): SOAP, XML, REST, JSON, HTML, URL
      • ID Authentication, Authorization (Role-Based Access Control): OAuth, SAML, WS-Tokens, HTTP Form Post, HTTP Basic, HTTP Digest, NTLM, Kerberos, X509 Mutual, RSA SecurID
      • Attribute Analysis (ABAC): Environment Conditions; Subject Attributes; Object Attributes
      • API Security Gateway: Broker client request
      • SOA, Virtual ESB, Apps, Portals
  • 22. API Gateway – Centralized RBAC + CBAC + SSO
      • Authorization (Response RBAC): Correlate inbound identity with response information; Allow, Filter, or Reject
      • Deep Content Inspection (Response CBAC): SOAP, XML, REST, JSON, HTML, URL
      • API Security Gateway: Broker service response
      • client; SOA, Virtual ESB, Apps, Portals
  • 23. API Security Gateway Key Considerations
  • 24. API Security Gateway – Key Considerations
      • Build vs Buy: Remove complexities of interoperability and leverage purpose-built, industry-proven security over home-grown coded solutions
      • Flexible form factors: Virtual and physical to support deployment in any computing environment
      • No Code SAML and OAuth: Legacy and modern system enablement of SAML and OAuth SSO without writing a single line of code
  • 25. API Security Gateway – Key Considerations
      • Vendor Agnostic: Enables technology choices that improve agility, rather than stifle it
      • Standard-Based: Out-of-the-box support for all modern industry protocol and messaging standards (SOAP, XML, JSON, etc.)
      • Edge Facing: API Security Gateway built on secure architecture enables Tier 0 deployment to unify identity with security
  • 26. Thank You. More Info: www.forumsys.com
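
The request and response brokering outlined on slides 20 to 22 (content inspection, RBAC, ABAC over subject, object and environment, then allow / filter / reject on the response) can be sketched as follows. This is an added example, not Forum Systems' code or configuration; the policy tables, role names, field names and the `mutual_tls` environment flag are all constructed assumptions.

```python
import json

# Constructed policy tables for this example; not taken from any product.
ROLE_OPERATIONS = {"teller": {"GET /accounts"},
                   "auditor": {"GET /accounts", "GET /audit"}}
RESTRICTED_FIELDS = {"ssn": {"auditor"}}   # response field -> roles allowed to see it
REQUEST_KEYS = {"account_id"}

def inspect_content(body):
    """CBAC: the gateway parses the payload itself and validates its shape."""
    doc = json.loads(body)                 # JSONDecodeError is a ValueError
    if not isinstance(doc, dict) or set(doc) != REQUEST_KEYS:
        raise ValueError("unexpected request structure")
    acct = doc["account_id"]
    if not (isinstance(acct, str) and acct.isascii() and acct.isdigit()):
        raise ValueError("account_id must be a string of digits")
    return doc

def authorize_request(subject, operation, obj, env, body):
    """Inbound leg: CBAC, then RBAC, then ABAC. Any failure rejects."""
    try:
        doc = inspect_content(body)
    except ValueError:
        return "reject", None
    # RBAC: is this operation granted to the caller's role?
    if operation not in ROLE_OPERATIONS.get(subject.get("role"), set()):
        return "reject", None
    # ABAC: subject attribute vs object attribute, plus an environment condition.
    if subject.get("branch") != obj.get("branch") or not env.get("mutual_tls"):
        return "reject", None
    return "allow", doc

def authorize_response(subject, body):
    """Outbound leg: correlate the inbound identity with the response data."""
    try:
        doc = json.loads(body)
    except ValueError:
        return "reject", None
    if not isinstance(doc, dict) or doc.get("owner_branch") != subject.get("branch"):
        return "reject", None              # record is outside the caller's scope
    hidden = {k for k in doc
              if k in RESTRICTED_FIELDS
              and subject.get("role") not in RESTRICTED_FIELDS[k]}
    if hidden:
        return "filter", {k: v for k, v in doc.items() if k not in hidden}
    return "allow", doc
```

Every check defaults to reject, so a malformed payload, an unknown role or a missing attribute never reaches the backing service or the client.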