The document summarizes an agenda for an API development roundtable discussion. It introduces the speakers and establishes discussion rules. It then provides an overview of APIs, including their evolution, growth, use cases, security considerations, and adoption across industries. A quick poll is taken on companies' API maturity. Key concerns around API development like security, performance, and ownership models are discussed. Current tools and strategies used are reviewed. The document recaps the discussion and thanks participants.

1. Developing an API Strategy:
Increasing Efficiency and Engagement
Agile Development & Business Process
Management Roundtable

2. Agenda
• Introductions
• Rules of the Road
• API Overview
• Quick Poll
• Concerns and questions that must be addressed
• Current tools and strategies
• Recap
• Wrap Up

3. Introductions
Scott Wissel, Manager of Emerging Technologies, TTX Company
Scott prides himself on capitalizing on the smartest technology decisions to advance TTX’s business goals.
TTX Company is a leading provider of railcars and related freight car management services to the North
American rail industry. For the past six years, Scott has focused on aligning technology and business to
achieve success. Prior to TTX, Scott held roles in consulting and application architecture for organizations like
Coventry Health Care and Risetime.
Patrick Emmons, Founder and CEO of DragonSpears, Inc.
Patrick's focus on taking the best of software development methodologies and applying them to building
applications that support business goals, has created a solid foundation for the success of DragonSpears. He
is a Microsoft Certified Solutions Developer (MCSD) and his past has also included work as a developer /
consultant for Ameritech, Motorola, and Baker Robbins.

4. RULES OF THE ROAD
Rule #1 – No Free Rides
Rule #2 – No Pitching

5. API Overview - What is an API
An application programming interface (API) is a set of subroutine definitions, protocols,
and tools for building software and applications. A good API makes it easier to develop
a program by providing all the building blocks, which are then put together by the
programmer. An API may be for a web-based system, operating system, database
system, computer hardware, or software library

6. API Overview – Evolution of APIs
1960 - 1980
Basic interoperability
enables the first
programmatic exchanges
of information. Simple
interconnect between
network protocols.
Sessions established to
exchange information.
TECHNIQUES
ARPANET, ATTP, and TCP
sessions
1980 - 1990
Creation of interfaces with
function and logic.
Information is shared in
meaningful ways. Object
brokers, procedure calls,
and program calls allow
remote interaction across a
network.
TECHNIQUES
Point-to-point interfaces,
screenscraping, RFCs, and
EDI
1990 - 2000
New platforms enhance
exchanges through
middleware. Interfaces
begin to be defined as
services. Tools manage the
sophistications and
reliability of messaging.
TECHNIQUES
Message-oriented
middleware, enterprise
service bus, and service
oriented architecture.
2000 - Today
Businesses build APIs to
enable and accelerate new
service development and
offerings. API layers
manage the OSS/BSS of
integration.
TECHNIQUES
Integration as a service,
RESTful services, API
management, and cloud
orchestration.
Source: ProgrammableWeb, http://www.programmableweb.com, accessed January 7, 2015

7. API Overview: Growing Rapidly
MonthlyTraffic(Billion)
The increased pace of digital transformation in
enterprises is evidenced by a large increase in API
traffic, which has grown 2.8 times year-over-year.
Media, retail, and information services industries
account for 73% of API traffic. Annual peaks are
observed in API traffic around Thanksgiving, when
retailers experience significant spikes in traffic
volume.
Salesforce.com generates 50% of its
revenues through APIs.
eBay generates 60%.
Expedia.com generates 90%.
Source: The Strategic Value of APIs, HBR, Jan. 2015
Source: Apigee State of APIs Report 2016

8. API Overview: B2B
Source: Apigee State of APIs Report 2016
Internal operations
initiatives are mostly on
empowering sales and
support teams to deliver
superior customer value.
Customer experience initiatives
are focused on delivering superior
digital experience through mobile
and other channels.
Enterprises are using APIs to
extend their business capabilities
through partner channels and
ecosystem engagement initiatives.
Partner/Channel Engagement (B2B)
Customer Experience (B2C)
Internal Operations

9. API Overview: Who’s Leading the Charge
Source: Apigee State of APIs Report 2016
65%
32%
3%
Number of APIs Hosted By Region
Americas Europe Asisa
Digital transformation is very active in North America and Europe, as seen
by the number of APIs hosted and consumed by app developers.
We believe that North American enterprises are typically 6-12 months ahead
of their European counterparts in digital transformation initiatives and 18-24
months ahead of Asian enterprises.
Percentage of App Developers Using APIs Hosted in Region
Americas Europe Asia

10. API Overview: API Digital Maturity
Source: Apigee State of APIs Report 2016
66%
27%
7%
Distribution of customers by number of api-driven apps
Project (1-10 apps) Program (11-50 apps) Platform (50+ apps)
The Project to Program to Platform Journey
Successful API run enterprises use the project-to-
program-to-platform approach to achieve their
digital transformation.
Enterprises typically start with couple of discreet
digital projects, and, as the number of developer
teams and projects grow, they create an API
program.
Over time, as enterprises build more digital
experiences powered by APIs, they grow an
ecosystem of developers & partners that leverage
their core assets and drive the innovation and
network effect of a digital platform.

11. API Overview: Use Cases
Source: Apigee State of APIs Report 2016
85%
Business Logic
To accelerate digital initiatives without disrupting their
back-ends, companies are adding business logic at the
API Tier.
API PLATFORM USE
% of companies using API platform capability
57%
Data Transformations
38%
Data Persistence
Increasingly, enterprises are storing persistent
data in the API Tier to improve app
performance and accelerate app development.
Majority of enterprises are using the API tier for data
transformations to tie disparate backend systems
and formats seamlessly.

12. API Overview: Security
Source: Apigee State of APIs Report 2016
85%
Threat Protection
57%
OAuth
78%
Spike Arrest
Percentage of companies using security capability in the API Tier
Enterprises are looking to APIs for three key security advantages:
Built-in privacy: It is critical to have security built into the technology and operating environment. APIs inherently have authentication,
authorization, auditing, and traceability built into them with OAuth, TLS/SSL, and traceability.
Threat protection: API-based policy management enables an enterprise to automate detection and protection from OWASP’s top 10
threats (such as SQL injection and XSS), and adaptive threats such as bad bots.
Visibility and governance: APIs provide visibility into which enterprise data is accessed, by which apps and which users. Role-based
access control (RBAC) at the API tier ensures the right level of protection, while giving visibility and transparency.

13. API Overview: Adoption By Vertical
Source: Apigee State of APIs Report 2016
Most popular API platform capabilities being used in key industries
Retail Information Services Media
Business Logic Business Logic Business Logic
Data Transformation Data Transformations Data Transformations
Security – OAuth V2
Security – API Key Security – API Key
Quota Management Quota Management
Caching
The focus is to deliver content like product
catalog quickly, hence high use of caching
and access without authentication
Extensive use of security policies, including
OAuth and API keys to ensure core digital
assets are protected
Protect digital assets with API keys and quota
policies to protect backend systems from abuse

14. API Overview: Open API

15. API Overview: API versus SOA
SOA is about…
XML and SOAP
Architectural best practices
Decoupling application
Usually solve a technical problem
API is about…
REST/JSON
Consumable Services (internally or externally)
Treated like a product
Usually solve a business problem
Both need…
Designed for different audiences
Supported as stand alone applications
https://blog.akana.com/api-vs-soa-different/

16. QUICK POLL
1. Looking to get started
2. Used them with a project or two
3. Have an established program
4. Part of every application
What is your company’s
level of maturity in APIs?

17. Concerns and Questions
Security
How are we going to secure the data?
Performance & Scalability
How do we make sure that we are not letting our users degrade
the performance of the applications?
Monitoring & Analytics
How do we make sure that we are monitoring who is using the
API
Ownership
This is a product instead of a architectural solution, who is going
to own this?
https://blog.akana.com/api-vs-soa-different/

18. Current Tools & Strategies
https://blog.akana.com/api-vs-soa-different/

19. RECAP POLL
1. A better understanding of APIs
2. Some ideas about how to get started
3. Answers to some nagging questions
4. A good idea of how to use APIs as a
platform
What did you get out of
today’s roundtable?

20. Thank you!
Thanks to Scott for taking the time to lead
this discussion. And thanks to everyone for
joining us today and sharing their
experiences!