This document provides an overview of open source software. It discusses why organizations use open source software, noting benefits like more control over the software, increased security, support for interoperability, and guaranteed future development. It also covers the differences between free and open source software. The document outlines several open source foundations and their major projects. It explores open source philosophies like community over code and the cathedral and bazaar models of development. Finally, it addresses understanding open source infrastructure like mailing lists, version control, issue trackers, wikis, documentation, and websites.
[WSO2 Integration Summit San Francisco 2019] WSO2’s Open Everything StrategyWSO2
The industry seems to be moving away from pure open source businesses. WSO2 is going the opposite direction, maintaining a strong commitment to open sourcing our products and open sourcing even more of our IP, building communities, making expertise available to our customers, and bringing transparency to our business culture and operations. This deck explains why we believe our strategy of openness is fundamental to the success of WSO2 and our customers.
How WSO2 API Manager Supports the Ministry of Hajj and UmrahWSO2
The Ministry of Hajj and Umrah aims to serve the pilgrims and Umrah in the best way possible. With dozens of internal and external systems already integrated to fulfill the ministry's many business needs, it was vital to maintain an organized and well-defined integration strategy. APIs play a pivotal role in this, and managing them was a key priority and a prime concern.
WSO2, in partnership with Sejel Technologies, designed and implemented a dedicated API management platform for the ministry of Hajj and Umrah, and to date provides professional support.
Owing to the significant increase in integration endpoints and stakeholders, the need to formally manage the ministry’s assets exposed through APIs was essential. Following a thorough evaluation of the API management offerings available in the market, the ministry selected WSO2 API Manager. Not only did the platform meet all of the requirements—such as security, policy enforcement, clustered high availability options, and analytical reporting—it also came with professional support and the active involvement of WSO2 consultants, who were committed to the goal of achieving API sophistication.
We will also cover:
Why the Ministry of Hajj and Umrah required a dedicated API management platform.
The evaluation criteria and how the ministry shortlisted WSO2 API Manager.
How WSO2 API Manager helps the ministry efficiently achieve its business goals.
How the ministry benefits from WSO2’s support model and expertise.
How to release more reliable, better-performing APIs
Watch the on-demand webinar here: https://wso2.com/library/webinars/wso2-apimanager-supports-the-ministry-of-hajj-and-umrah/
[WSO2Con EU 2018] Implementing a Zero Downtime WSO2 API Manager with an API C...WSO2
Like many other companies like it, NN Group is undertaking a digital transformation. APIs are the key enabler of this digital transformation. In 2017 they commenced the implementation of the API management solution using WSO2 software. They have engineered the WSO2 components in such a way to create an API Management infrastructure that is fully automated, both in provisioning, and operational management. WSO2 is now being used for managing external APIs. NN Group is now expanding its use to internal API management. This presentation focuses on the way they have engineered their external API management solution on the AWS cloud, how they implemented several CI/CD patterns to achieve zero down-time, and how they set up their API community.
[APIdays INTERFACE 2021] Programming the Cloud through APIsWSO2
We live in a world where many digital services are offered as APIs today. You will find APIs for finance, healthcare, communication, retail, travel and transportation, leisure, real estate, and many more services. These APIs form a large global ecosystem of APIs providing great value for new digital services. For businesses to be able to participate in this ecosystem, they have to be providing their services through the Cloud, in the form of APIs. This workshop discusses what developers should be thinking about when developing and exposing new APIs on the cloud. It will also cover best practices, pitfalls, and security-related matters that will be important for developers and architects who are building APIs on the cloud.
[WSO2 Integration Summit Stuttgart 2019] Role of Integration in an API Driven...WSO2
This deck covers why API Driven integrations are important, API and Integration strategy and approaches, WSO2 Integration suite functionality to support API driven Integration, and how to successfully implement API driven Integration.
Join us at a city near you to learn how to achieve API-driven integration agility. https://wso2.com/integration-summits-2019/
[WSO2 Integration Summit San Francisco 2019] The Composable EnterpriseWSO2
This document discusses the growing importance of APIs and integration in enabling composable architectures. It makes three key points:
1) As applications and services become more disaggregated, integration between them is becoming more important but also more challenging due to the large number of endpoints. APIs are helping to address this by acting as the "glue" between systems.
2) Within organizations, APIs are also crucial for enabling internal reconfiguration and flexibility as business needs change. They allow both internal and external capabilities to be delivered as independent services.
3) A cellular model where independent, self-contained "cells" (microservices, functions, etc.) can be composed is emerging as an architecture that supports agility, scal
How to integrate legacy systems within a modern polyglot and event driven arc...Andrea Gioia
This document summarizes a presentation about evolving legacy systems to a modern, event-driven architecture using Apache Kafka and change data capture. It discusses moving from a tangled "spaghetti architecture" to a message-driven system using microservices and APIs. It also covers offloading legacy data and processes from mainframes and other systems by reading change logs with Attunity Replicate to minimize disruption. The talk presents an evolutionary approach and maturity model for offloading from the data level to fully migrating business processes and applications.
apidays LIVE Paris 2021 - Detecting and Protecting PII by Rob Dickinson, Resu...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
Detecting and Protecting PII at Runtime
Rob Dickinson, Co-Founder & CEO at Resurface Labs
[WSO2 Integration Summit San Francisco 2019] WSO2’s Open Everything StrategyWSO2
The industry seems to be moving away from pure open source businesses. WSO2 is going the opposite direction, maintaining a strong commitment to open sourcing our products and open sourcing even more of our IP, building communities, making expertise available to our customers, and bringing transparency to our business culture and operations. This deck explains why we believe our strategy of openness is fundamental to the success of WSO2 and our customers.
How WSO2 API Manager Supports the Ministry of Hajj and UmrahWSO2
The Ministry of Hajj and Umrah aims to serve the pilgrims and Umrah in the best way possible. With dozens of internal and external systems already integrated to fulfill the ministry's many business needs, it was vital to maintain an organized and well-defined integration strategy. APIs play a pivotal role in this, and managing them was a key priority and a prime concern.
WSO2, in partnership with Sejel Technologies, designed and implemented a dedicated API management platform for the ministry of Hajj and Umrah, and to date provides professional support.
Owing to the significant increase in integration endpoints and stakeholders, the need to formally manage the ministry’s assets exposed through APIs was essential. Following a thorough evaluation of the API management offerings available in the market, the ministry selected WSO2 API Manager. Not only did the platform meet all of the requirements—such as security, policy enforcement, clustered high availability options, and analytical reporting—it also came with professional support and the active involvement of WSO2 consultants, who were committed to the goal of achieving API sophistication.
We will also cover:
Why the Ministry of Hajj and Umrah required a dedicated API management platform.
The evaluation criteria and how the ministry shortlisted WSO2 API Manager.
How WSO2 API Manager helps the ministry efficiently achieve its business goals.
How the ministry benefits from WSO2’s support model and expertise.
How to release more reliable, better-performing APIs
Watch the on-demand webinar here: https://wso2.com/library/webinars/wso2-apimanager-supports-the-ministry-of-hajj-and-umrah/
[WSO2Con EU 2018] Implementing a Zero Downtime WSO2 API Manager with an API C...WSO2
Like many other companies like it, NN Group is undertaking a digital transformation. APIs are the key enabler of this digital transformation. In 2017 they commenced the implementation of the API management solution using WSO2 software. They have engineered the WSO2 components in such a way to create an API Management infrastructure that is fully automated, both in provisioning, and operational management. WSO2 is now being used for managing external APIs. NN Group is now expanding its use to internal API management. This presentation focuses on the way they have engineered their external API management solution on the AWS cloud, how they implemented several CI/CD patterns to achieve zero down-time, and how they set up their API community.
[APIdays INTERFACE 2021] Programming the Cloud through APIsWSO2
We live in a world where many digital services are offered as APIs today. You will find APIs for finance, healthcare, communication, retail, travel and transportation, leisure, real estate, and many more services. These APIs form a large global ecosystem of APIs providing great value for new digital services. For businesses to be able to participate in this ecosystem, they have to be providing their services through the Cloud, in the form of APIs. This workshop discusses what developers should be thinking about when developing and exposing new APIs on the cloud. It will also cover best practices, pitfalls, and security-related matters that will be important for developers and architects who are building APIs on the cloud.
[WSO2 Integration Summit Stuttgart 2019] Role of Integration in an API Driven...WSO2
This deck covers why API Driven integrations are important, API and Integration strategy and approaches, WSO2 Integration suite functionality to support API driven Integration, and how to successfully implement API driven Integration.
Join us at a city near you to learn how to achieve API-driven integration agility. https://wso2.com/integration-summits-2019/
[WSO2 Integration Summit San Francisco 2019] The Composable EnterpriseWSO2
This document discusses the growing importance of APIs and integration in enabling composable architectures. It makes three key points:
1) As applications and services become more disaggregated, integration between them is becoming more important but also more challenging due to the large number of endpoints. APIs are helping to address this by acting as the "glue" between systems.
2) Within organizations, APIs are also crucial for enabling internal reconfiguration and flexibility as business needs change. They allow both internal and external capabilities to be delivered as independent services.
3) A cellular model where independent, self-contained "cells" (microservices, functions, etc.) can be composed is emerging as an architecture that supports agility, scal
How to integrate legacy systems within a modern polyglot and event driven arc...Andrea Gioia
This document summarizes a presentation about evolving legacy systems to a modern, event-driven architecture using Apache Kafka and change data capture. It discusses moving from a tangled "spaghetti architecture" to a message-driven system using microservices and APIs. It also covers offloading legacy data and processes from mainframes and other systems by reading change logs with Attunity Replicate to minimize disruption. The talk presents an evolutionary approach and maturity model for offloading from the data level to fully migrating business processes and applications.
apidays LIVE Paris 2021 - Detecting and Protecting PII by Rob Dickinson, Resu...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
Detecting and Protecting PII at Runtime
Rob Dickinson, Co-Founder & CEO at Resurface Labs
[WSO2 Integration Summit San Francisco 2019] Protecting API Infrastructures —...WSO2
What do Google, Facebook, Paypal, IRS, T-mobile, and USPS have in common? Answer -- hackers used their APIs to access sensitive customer information. Although these API attacks were exposed, most API-based attacks go undetected these days. This deck will discuss today’s evolving API threat landscape and explore what you can do to both detect and block cyberattacks from authenticated users and hackers who have reverse engineered your API with an integrated solution from WSO2 and PingIntelligence.
[APIdays INTERFACE 2021] Now that we have K8s, can we stop re-inventing API p...WSO2
Kubernetes has been called the "platform of platforms" and the final major evolutionary step of cloud native computing. What's needed to build an API Platform on it? A great developer experience? An API Marketplace for managing all APIs together in one place? Auto build and deploy onto multiple flavors of K8s? Multi-tenancy? SaaS model hosting with multi-tenancy? Team based development? Ability to create new microservices and APIs? Support for sync and async protocols? Analytics? Metering, monitoring, policy enforcement? What else? Are we done? Or will we need to rebuild the platform again on serverless functions?
Watch Recording : https://youtu.be/kQjETt_c8Ac
[WSO2 Integration Summit Johannesburg 2019] Technology Market Outlook and Str...WSO2
This document discusses the growing importance of APIs and microservices architectures to support disaggregated applications and cloud-native technologies. It notes that APIs have become the fundamental way that digital services are built and consumed, serving as the "glue" between independent systems. A new programming language called Ballerina is introduced for developing APIs in a cloud-native way using cells, which are proposed as the basic building blocks for composing independent but interoperable microservices into larger applications and enterprises.
[WSO2 Integration Summit San Francisco 2019] The API-driven WorldWSO2
APIs and integration is suddenly the hottest sector in enterprise software!
This deck will discuss how APIs are touching every facet of our society and the underlying trends that are going to generate nearly 1 billion APIs in the coming years. All digital transformation is now API-driven and integration technologies underpin their evolution.
As the world becomes digitally-native, how will the role of enterprise architecture shift? How do we leverage cloud native and agility initiatives?
This deck discusses,
- The impact APIs are having on digital transformation
- WSO2's roadmap for API-driven initiatives
- A reference architecture for agility
- A new agility methodology for integration
- How microservices will pervade integration products
- Our commitment and role of Ballerina (cloud native programming language)
- New channel and reseller programs for partners
This deck covers why API Driven integrations are important, API and Integration strategy and approaches, WSO2 Integration suite functionality to support API driven Integration, and how to successfully implement API driven Integration
Standard Issue: Preparing for the Future of Data ManagementInside Analysis
The Briefing Room with Robin Bloor and Jaspersoft
Slides from the Live Webcast on Sept. 18, 2012
As change continues to sweep across the data management industry, many organizations are looking for ways to prepare their systems and personnel for an unpredictable future. Forces such as Big Data and Cloud Computing are creating new opportunities and significant challenges for a world filled with legacy systems. Information architectures are fundamentally changing, and that's good news for companies that can take advantage of recent innovations.
Check out this episode of The Briefing Room to learn from veteran Analyst Robin Bloor, who will explain why the Information Oriented Architecture provides a stable roadmap for companies looking to harness a new era of corporate computing. He'll be briefed by Mike Boyarski of Jaspersoft, who will tout his company's history of integrating with highly diverse information systems. He'll also discuss Jaspersoft's standards-based, Cloud-ready architecture, and how it enables organizations to embed powerful Business Intelligence capabilities into their existing systems.
http://www.insideanalysis.com
[WSO2 API Day Toronto 2019] Cloud-native Integration for the EnterpriseWSO2
This deck covers, the importance of application integration in microservices and cloud-native architecture, how microservices and cloud-native applications are integrated, service Mesh vs Application Integration, key application integration requirements, and patterns, cloud-native technologies for application integration and WSO2 offerings in cloud-native integration space.
Want to know if we'll be heading your way next? Find out here: https://wso2.com/events/
[WSO2 Summit Sydney 2019] Emerging Architecture Patterns: API-centric and Cel...WSO2
In this deck, Asanka will introduce the "cell-based" reference architecture, which is API-centric, cloud-native, and microservices-friendly. He will explain the role of APIs in the cell-based approach, as well as examine how real applications are built as cells. Asanka will explore the metrics and approaches that can be used to measure the effectiveness of the architecture and explore how organizations can implement the cell approach.
This year we’re touring the world! Join us at a city near you to learn how to achieve API-driven integration agility. - https://wso2.com/integration-summits-2019/
API Management within a Microservice ArchitectureWSO2
This slide deck will discuss API management's role in a microservices ecosystem. It will discuss the purpose of edge gateways and proxies and how that complements a well defined API management layer.
[WSO2 Integration Summit San Francisco 2019] Ballerina - Cloud Native Middlew...WSO2
Sameera Jayasoma presented on Ballerina, a programming language for integration and microservices. Ballerina aims to make every developer an integration developer by providing abstractions for consuming and providing services. It addresses challenges like transactions, events, and protocol handling that are common in integration. The Ballerina platform includes tools for developing, testing, running and deploying Ballerina programs.
API Management 101: The New API Experience with WSO2WSO2
This document discusses API management using WSO2 and covers topics like securing APIs, controlling and limiting access, monitoring usage, and providing developer portals. It addresses common issues faced by service providers like restricting some services, checking call volumes, and mediating access. The solution is to use an API management platform to secure, control, monitor, and govern APIs. Key capabilities covered include authentication, rate limiting, analytics, documentation, versioning, monitoring, and continuous integration/delivery of APIs.
Message based microservices architectures driven with dockerDocker, Inc.
Microservices are not for everyone, but there are some incredible benefits to employing microservice architecture principles to enable co-evolution of services and features and reduce friction during the DevOps cycle. The growth of moving parts, however, does require tight DevOps procedures, and visibility into system operations including diagnostics, application events and audit trail. Event streaming can enhance your solution enabling async processing and scale, but also enhancing visibility to the solution as a whole. The good news is that if you are already designing a solution based on microservice principles, you are already positioned to incorporate events with less pain. Services that "fit in your head" lead to a manageable approach to introducing event-based strategies. In this session you'll learn how to design a microservices solution with Docker, that relies on event streams to produce workflow state, history and full audit. You'll see patterns for structuring your solutions, managing events and payloads, designing your eventual consistency strategy, and producing full history and audit logs for the solution.
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0WSO2
APIs now serve as the primary building blocks for assembling data, events, and services from within the organization, throughout ecosystems, and across devices. Integrated legacy systems and support for modern event-driven architectures, on the other hand, are critical in allowing timely, relevant digital experiences in response to customer behavior. To support these demands, WSO2 has added significant new capabilities to WSO2 API Manager 4.0.0.
Complete support for streaming APIs and event-driven architecture (EDA)
The first solution to support full implementation of the AsyncAPI specification
A Service Catalog to enable developers to discover a given service seamlessly
API / API product revisioning to keep track of the changes
Feature-rich, cloud-based analytics for easy integration
You will gain a full understanding of WSO2 API Manager 4.0.0 features and how they cater to current API Management demands by attending this webinar.
DURING THE WEBINAR, WE WILL COVER:
Experience the power and synergy of Service Integration and API Management in a fully functional API ecosystem
Understand the motivation behind WSO2 API Manager 4.0.0 release
New streaming and event-driven architecture support available in API Manager 4.0.0
Learn the importance of catering all API Management and integration demands with one connected platform
Explore other new features and enhancements to the product
Crossing the low-code and pro-code chasm: a platform approachAsanka Abeysinghe
Organizations are now using low-code and pro-code tools to build digital experiences internally and externally. However, not having the right alignment between these two approaches slows down delivery.
Different developer personas that work in silos, no connection between low-code and pro-code applications, low-code creating unmanageable shadow IT applications, no single codebase or build pipeline, and interruptions to the professional developer flow are some significant drawbacks.
In this session, Asanka will look at a platform approach to bridge the low-code and pro-code chasm.
apidays LIVE London 2021 - Advanced Authentication patterns at the Edge by De...apidays
apidays LIVE London 2021 - Reaching Maximum Potential in Banking & Insurance with API Mindset
October 27 & 28, 2021
API Security
Advanced Authentication patterns at the Edge
Denis Jannot, Director of Field Engineering - EMEA at Solo.io
[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...WSO2
Client-side applications are becoming an increasingly popular technology to build applications owing to the advanced user experience that they provide consumers. Authentication and API authorization for these applications are also becoming equally popular topics that many developers have a hard time getting their heads around.
Check these slides, where Johann Nallathamby, Head of Solutions Architecture for IAM at WSO2, will attempt to demystify some complexities and misconceptions surrounding this topic and help you better understand the most important features to consider when choosing an authentication and API authorization solution for client-side applications.
These slides will review:
- The broader classification of client-side applications and their legacy and more recent authentication and API authorization patterns
- Sender-constrained token patterns
- Solution patterns being employed to improve user experience in client-side applications
Intro to open source - 101 presentationJavier Perez
This document provides an overview of open-source software and how to get started with it. It discusses the history of open-source software dating back to 1955. It defines key open-source concepts like licenses, roles, and best practices for contributing. It also highlights the large open-source ecosystems existing today and the top companies contributing to open-source. The document aims to address common questions or concerns about open-source software.
This document provides an overview of open source software, including its definition, development philosophy, and key principles. It discusses the open source definition and freedoms it provides users. Open source refers to software whose source code is publicly available and allows users freedom to use, copy, modify, and redistribute the software. Popular open source licenses like GPL, LGPL, BSD, MIT and Apache licenses are discussed in terms of their permissions and restrictions. The document also covers open source business models, communities, and trends, as well as tips for starting an open source project.
[WSO2 Integration Summit San Francisco 2019] Protecting API Infrastructures —...WSO2
What do Google, Facebook, Paypal, IRS, T-mobile, and USPS have in common? Answer -- hackers used their APIs to access sensitive customer information. Although these API attacks were exposed, most API-based attacks go undetected these days. This deck will discuss today’s evolving API threat landscape and explore what you can do to both detect and block cyberattacks from authenticated users and hackers who have reverse engineered your API with an integrated solution from WSO2 and PingIntelligence.
[APIdays INTERFACE 2021] Now that we have K8s, can we stop re-inventing API p...WSO2
Kubernetes has been called the "platform of platforms" and the final major evolutionary step of cloud native computing. What's needed to build an API Platform on it? A great developer experience? An API Marketplace for managing all APIs together in one place? Auto build and deploy onto multiple flavors of K8s? Multi-tenancy? SaaS model hosting with multi-tenancy? Team based development? Ability to create new microservices and APIs? Support for sync and async protocols? Analytics? Metering, monitoring, policy enforcement? What else? Are we done? Or will we need to rebuild the platform again on serverless functions?
Watch Recording : https://youtu.be/kQjETt_c8Ac
[WSO2 Integration Summit Johannesburg 2019] Technology Market Outlook and Str...WSO2
This document discusses the growing importance of APIs and microservices architectures to support disaggregated applications and cloud-native technologies. It notes that APIs have become the fundamental way that digital services are built and consumed, serving as the "glue" between independent systems. A new programming language called Ballerina is introduced for developing APIs in a cloud-native way using cells, which are proposed as the basic building blocks for composing independent but interoperable microservices into larger applications and enterprises.
[WSO2 Integration Summit San Francisco 2019] The API-driven WorldWSO2
APIs and integration is suddenly the hottest sector in enterprise software!
This deck will discuss how APIs are touching every facet of our society and the underlying trends that are going to generate nearly 1 billion APIs in the coming years. All digital transformation is now API-driven and integration technologies underpin their evolution.
As the world becomes digitally-native, how will the role of enterprise architecture shift? How do we leverage cloud native and agility initiatives?
This deck discusses,
- The impact APIs are having on digital transformation
- WSO2's roadmap for API-driven initiatives
- A reference architecture for agility
- A new agility methodology for integration
- How microservices will pervade integration products
- Our commitment and role of Ballerina (cloud native programming language)
- New channel and reseller programs for partners
This deck covers why API Driven integrations are important, API and Integration strategy and approaches, WSO2 Integration suite functionality to support API driven Integration, and how to successfully implement API driven Integration
Standard Issue: Preparing for the Future of Data ManagementInside Analysis
The Briefing Room with Robin Bloor and Jaspersoft
Slides from the Live Webcast on Sept. 18, 2012
As change continues to sweep across the data management industry, many organizations are looking for ways to prepare their systems and personnel for an unpredictable future. Forces such as Big Data and Cloud Computing are creating new opportunities and significant challenges for a world filled with legacy systems. Information architectures are fundamentally changing, and that's good news for companies that can take advantage of recent innovations.
Check out this episode of The Briefing Room to learn from veteran Analyst Robin Bloor, who will explain why the Information Oriented Architecture provides a stable roadmap for companies looking to harness a new era of corporate computing. He'll be briefed by Mike Boyarski of Jaspersoft, who will tout his company's history of integrating with highly diverse information systems. He'll also discuss Jaspersoft's standards-based, Cloud-ready architecture, and how it enables organizations to embed powerful Business Intelligence capabilities into their existing systems.
http://www.insideanalysis.com
[WSO2 API Day Toronto 2019] Cloud-native Integration for the EnterpriseWSO2
This deck covers, the importance of application integration in microservices and cloud-native architecture, how microservices and cloud-native applications are integrated, service Mesh vs Application Integration, key application integration requirements, and patterns, cloud-native technologies for application integration and WSO2 offerings in cloud-native integration space.
Want to know if we'll be heading your way next? Find out here: https://wso2.com/events/
[WSO2 Summit Sydney 2019] Emerging Architecture Patterns: API-centric and Cel...WSO2
In this deck, Asanka will introduce the "cell-based" reference architecture, which is API-centric, cloud-native, and microservices-friendly. He will explain the role of APIs in the cell-based approach, as well as examine how real applications are built as cells. Asanka will explore the metrics and approaches that can be used to measure the effectiveness of the architecture and explore how organizations can implement the cell approach.
This year we’re touring the world! Join us at a city near you to learn how to achieve API-driven integration agility. - https://wso2.com/integration-summits-2019/
API Management within a Microservice ArchitectureWSO2
This slide deck will discuss API management's role in a microservices ecosystem. It will discuss the purpose of edge gateways and proxies and how that complements a well defined API management layer.
[WSO2 Integration Summit San Francisco 2019] Ballerina - Cloud Native Middlew...WSO2
Sameera Jayasoma presented on Ballerina, a programming language for integration and microservices. Ballerina aims to make every developer an integration developer by providing abstractions for consuming and providing services. It addresses challenges like transactions, events, and protocol handling that are common in integration. The Ballerina platform includes tools for developing, testing, running and deploying Ballerina programs.
API Management 101: The New API Experience with WSO2WSO2
This document discusses API management using WSO2 and covers topics like securing APIs, controlling and limiting access, monitoring usage, and providing developer portals. It addresses common issues faced by service providers like restricting some services, checking call volumes, and mediating access. The solution is to use an API management platform to secure, control, monitor, and govern APIs. Key capabilities covered include authentication, rate limiting, analytics, documentation, versioning, monitoring, and continuous integration/delivery of APIs.
Message based microservices architectures driven with dockerDocker, Inc.
Microservices are not for everyone, but there are some incredible benefits to employing microservice architecture principles to enable co-evolution of services and features and reduce friction during the DevOps cycle. The growth of moving parts, however, does require tight DevOps procedures, and visibility into system operations including diagnostics, application events and audit trail. Event streaming can enhance your solution enabling async processing and scale, but also enhancing visibility to the solution as a whole. The good news is that if you are already designing a solution based on microservice principles, you are already positioned to incorporate events with less pain. Services that "fit in your head" lead to a manageable approach to introducing event-based strategies. In this session you'll learn how to design a microservices solution with Docker, that relies on event streams to produce workflow state, history and full audit. You'll see patterns for structuring your solutions, managing events and payloads, designing your eventual consistency strategy, and producing full history and audit logs for the solution.
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0WSO2
APIs now serve as the primary building blocks for assembling data, events, and services from within the organization, throughout ecosystems, and across devices. Integrated legacy systems and support for modern event-driven architectures, on the other hand, are critical in allowing timely, relevant digital experiences in response to customer behavior. To support these demands, WSO2 has added significant new capabilities to WSO2 API Manager 4.0.0.
Complete support for streaming APIs and event-driven architecture (EDA)
The first solution to support full implementation of the AsyncAPI specification
A Service Catalog to enable developers to discover a given service seamlessly
API / API product revisioning to keep track of the changes
Feature-rich, cloud-based analytics for easy integration
You will gain a full understanding of WSO2 API Manager 4.0.0 features and how they cater to current API Management demands by attending this webinar.
DURING THE WEBINAR, WE WILL COVER:
Experience the power and synergy of Service Integration and API Management in a fully functional API ecosystem
Understand the motivation behind WSO2 API Manager 4.0.0 release
New streaming and event-driven architecture support available in API Manager 4.0.0
Learn the importance of catering all API Management and integration demands with one connected platform
Explore other new features and enhancements to the product
Crossing the low-code and pro-code chasm: a platform approachAsanka Abeysinghe
Organizations are now using low-code and pro-code tools to build digital experiences internally and externally. However, not having the right alignment between these two approaches slows down delivery.
Different developer personas that work in silos, no connection between low-code and pro-code applications, low-code creating unmanageable shadow IT applications, no single codebase or build pipeline, and interruptions to the professional developer flow are some significant drawbacks.
In this session, Asanka will look at a platform approach to bridge the low-code and pro-code chasm.
apidays LIVE London 2021 - Advanced Authentication patterns at the Edge by De...apidays
apidays LIVE London 2021 - Reaching Maximum Potential in Banking & Insurance with API Mindset
October 27 & 28, 2021
API Security
Advanced Authentication patterns at the Edge
Denis Jannot, Director of Field Engineering - EMEA at Solo.io
[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...WSO2
Client-side applications are becoming an increasingly popular technology to build applications owing to the advanced user experience that they provide consumers. Authentication and API authorization for these applications are also becoming equally popular topics that many developers have a hard time getting their heads around.
Check these slides, where Johann Nallathamby, Head of Solutions Architecture for IAM at WSO2, will attempt to demystify some complexities and misconceptions surrounding this topic and help you better understand the most important features to consider when choosing an authentication and API authorization solution for client-side applications.
These slides will review:
- The broader classification of client-side applications and their legacy and more recent authentication and API authorization patterns
- Sender-constrained token patterns
- Solution patterns being employed to improve user experience in client-side applications
Intro to open source - 101 presentationJavier Perez
This document provides an overview of open-source software and how to get started with it. It discusses the history of open-source software dating back to 1955. It defines key open-source concepts like licenses, roles, and best practices for contributing. It also highlights the large open-source ecosystems existing today and the top companies contributing to open-source. The document aims to address common questions or concerns about open-source software.
This document provides an overview of open source software, including its definition, development philosophy, and key principles. It discusses the open source definition and freedoms it provides users. Open source refers to software whose source code is publicly available and allows users freedom to use, copy, modify, and redistribute the software. Popular open source licenses like GPL, LGPL, BSD, MIT and Apache licenses are discussed in terms of their permissions and restrictions. The document also covers open source business models, communities, and trends, as well as tips for starting an open source project.
Open Source Software allows developers to freely access, modify, and share the source code for a piece of software. It is created by an author or company and then made available for free distribution. Open source software projects can involve thousands of programmers collaborating to refine a product. There are many advantages like no upfront costs, rapidly evolving code, and the ability to customize software. However, there are also disadvantages like potential lack of support if a project becomes abandoned and not all community suggested features may be implemented. Popular examples of open source software include Linux, OpenOffice, Firefox, HTML, and Apache.
The document provides an overview of open source projects, discussing what open source is, how open source communities work, and tips for contributing to open source projects, including identifying relevant skills, finding a project to contribute to, and understanding how to engage with an open source community. It uses examples like Wikipedia, Linux, and OpenStack to illustrate open source trends and best practices for participation. The presentation aims to educate people on open source and lower barriers to contributing for the first time.
Presentation mainly deals with Open Source and how Os projects work? Who does it? Why they do it? Why you should contribute to Open Source? Different ways of contribution.
The document discusses open source software. It defines open source as software whose source code is publicly accessible and modifiable. Open source software arises from close collaboration between programmers over time. The document outlines the benefits of open standards in promoting interoperability and expanding markets. It discusses open source intelligence (OSINT) which involves acquiring publicly available information and its uses for businesses, governments, and individuals. The document also notes some issues for customers related to properly tracking and complying with open source licenses. Popular open source projects like Linux and Android are highlighted.
SFO15-TR1: The Philosophy of Open Source DevelopmentLinaro
SFO15-TR1: The Philosophy of Open Source Development
Speaker: Jorge Ramirez-Ortiz
Date: September 22, 2015
★ Session Description ★
FLOSS - Free / Libre Open Source Software [1] What _is_ “the community”? What do they want from you? What do you get in return? [1] http://en.wikipedia.org/wiki/Free\_and\_open-source\_software
★ Resources ★
Video:
Presentation:
Etherpad: pad.linaro.org/p/sfo15-tr1
Pathable: https://sfo15.pathable.com/meetings/302926
★ Event Details ★
Linaro Connect San Francisco 2015 - #SFO15
September 21-25, 2015
Hyatt Regency Hotel
http://www.linaro.org
http://connect.linaro.org
OCTOBER 16, 2013
John Willinsky from the Graduate School of Education and founder of the Public Knowledge Project "...a multi-university initiative developing (free) open source software and conducting research to improve the quality and reach of scholarly publishing" and Irina Zaks from the Stanford Law School and Open Source Lab.
Their perspectives will set the stage for an open discussion about various facets of open access, including impacts and opportunities for the libraries. Please join us!
Providing Services to our Remote Users: Open Source SolutionsNicole C. Engard
This document discusses open source solutions that can be used to provide services to remote library users. It begins with an outline and definitions of open source software. It then discusses specific open source products that libraries commonly use, including content management systems like Drupal, Joomla and WordPress, as well as communication tools, media tools and library applications. Examples of library applications mentioned include the Blacklight OPAC. Throughout it addresses common concerns about open source software and provides statistics on open source use.
I gave this talk on IEEE Day (October 7, 2014). I covered Introduction to Open Source, Various Projects and Products in Open Source, What students can get from Open Source and various different aspects of Open Source during this talk.
Please feel free to download, modify and use the slides for your talks. Lets keep rocking the Free Web ! :)
This document provides an introduction to open source software for libraries. It begins by addressing common misconceptions about open source, such as security concerns. It then defines what open source is, including how the community contributes. Examples are given of open source governance and development models. The document discusses why libraries should care about open source due to shared values around free access to information. Finally, examples are given of specific open source software that libraries commonly use.
This document provides an overview of open source software and open development. It discusses the history of open source software and definitions of key terms. It also presents two case studies of successful open source projects: TexGen, a textile CAD modeler, and Apache Wookie, a widget server. Both projects benefited from collaboration, publicity, and new partnerships by being open source. The document also briefly covers legal aspects of open source like copyright.
1. The document discusses open source software and operating systems, including Linux. It defines open source software and provides examples like Linux, Apache, MySQL, and Perl.
2. Key advantages of open source software are that it is typically free to use and modify, encourages collaboration, and has transparent development processes. Disadvantages include potentially less professional support and documentation compared to commercial software.
3. Open source operating systems like Linux have publicly visible source code that can be edited. This allows for customization but also makes the software potentially more vulnerable to exploits. The document compares Linux to Windows on various criteria like licensing, user interfaces, and platform support.
This document discusses open source trends and issues. It addresses concerns around lack of education, technical skill fears, and security fears regarding open source software. It discusses how open source is easy to use, more secure than proprietary software, and growing in popularity across various sectors including government agencies, businesses, schools, and libraries. Resources for additional information on open source are also provided.
Best practices for using open source software in the enterpriseMarcel de Vries
Marcel de Vries discusses best practices for using open source software in enterprises. He notes that 80% of software is based on open source components and that awareness is key. He demonstrates how to use an artifact repository like Nexus to publish components after builds, scan for licenses and vulnerabilities, and gain insights. While repositories help with transparency and analysis, additional tools and processes are needed for component selection, community engagement, and contribution management to fully address open source usage in enterprises.
This document provides an overview of open source software. It defines open source as software where the source code is publicly available and can be modified and shared by anyone. The open source movement began in the 1980s with free software and the term open source was coined in 1998. Open source uses various licenses to grant users freedom to use, modify, and share software. It offers advantages like lower costs, transparency, and collaborative development but also challenges in business models and quality assurance. Common development tools include version control and mailing lists while popular open source products include Linux, Firefox, and Android.
Similar to [Workshop] Building an Integration Agile Digital Enterprise with Open Source Technologies (20)
Accelerate Enterprise Software Engineering with PlatformlessWSO2
Key takeaways:
Challenges of building platforms and the benefits of platformless.
Key principles of platformless, including API-first, cloud-native middleware, platform engineering, and developer experience.
How Choreo enables the platformless experience.
How key concepts like application architecture, domain-driven design, zero trust, and cell-based architecture are inherently a part of Choreo.
Demo of an end-to-end app built and deployed on Choreo.
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformWSO2
At its core, the challenge of managing Human Resources data is an integration challenge: estimates range from 2-3 HR systems in use at a typical SMB, up to a few dozen systems implemented amongst enterprise HR departments, and these systems seldom integrate seamlessly between themselves. Providing a multi-tenant, cloud-native solution to integrate these hundreds of HR-related systems, normalize their disparate data models and then render that consolidated information for stakeholder decision making has been a substantial undertaking, but one significantly eased by leveraging Ballerina. In this session, we’ll cover:
The overall software architecture for VHR’s Cloud Data Platform
Critical decision points leading to adoption of Ballerina for the CDP
Ballerina’s role in multiple evolutionary steps to the current architecture
Roadmap for the CDP architecture and plans for Ballerina
WSO2’s partnership in bringing continual success for the CD
The integration landscape is changing rapidly with the introduction of technologies like GraphQL, gRPC, stream processing, iPaaS, and platformless. However, not all existing applications and industries can keep up with these new technologies. Certain industries, like manufacturing, logistics, and finance, still rely on well-established EDI-based message formats. Some applications use XML or CSV with file-based communications, while others have strict on premises deployment requirements. This talk focuses on how Ballerina's built-in integration capabilities can bridge the gap between "old" and "new" technologies, modernizing enterprise applications without disrupting business operations.
Platformless Horizons for Digital AdaptabilityWSO2
In this keynote, Asanka Abeysinghe, CTO,WSO2 will explore the shift towards platformless technology ecosystems and their importance in driving digital adaptability and innovation. We will discuss strategies for leveraging decentralized architectures and integrating diverse technologies, with a focus on building resilient, flexible, and future-ready IT infrastructures. We will also highlight WSO2's roadmap, emphasizing our commitment to supporting this transformative journey with our evolving product suite.
Quantum computers are rapidly evolving and are promising significant advantages in domains like machine learning or optimization, to name but a few areas. In this keynote we sketch the underpinnings of quantum computing, show some of the inherent advantages, highlight some application areas, and show how quantum applications are built.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
Introducing Milvus Lite: Easy-to-Install, Easy-to-Use vector database for you...Zilliz
Join us to introduce Milvus Lite, a vector database that can run on notebooks and laptops, share the same API with Milvus, and integrate with every popular GenAI framework. This webinar is perfect for developers seeking easy-to-use, well-integrated vector databases for their GenAI apps.
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Speck&Tech
ABSTRACT: A prima vista, un mattoncino Lego e la backdoor XZ potrebbero avere in comune il fatto di essere entrambi blocchi di costruzione, o dipendenze di progetti creativi e software. La realtà è che un mattoncino Lego e il caso della backdoor XZ hanno molto di più di tutto ciò in comune.
Partecipate alla presentazione per immergervi in una storia di interoperabilità, standard e formati aperti, per poi discutere del ruolo importante che i contributori hanno in una comunità open source sostenibile.
BIO: Sostenitrice del software libero e dei formati standard e aperti. È stata un membro attivo dei progetti Fedora e openSUSE e ha co-fondato l'Associazione LibreItalia dove è stata coinvolta in diversi eventi, migrazioni e formazione relativi a LibreOffice. In precedenza ha lavorato a migrazioni e corsi di formazione su LibreOffice per diverse amministrazioni pubbliche e privati. Da gennaio 2020 lavora in SUSE come Software Release Engineer per Uyuni e SUSE Manager e quando non segue la sua passione per i computer e per Geeko coltiva la sua curiosità per l'astronomia (da cui deriva il suo nickname deneb_alpha).
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Maruthi Prithivirajan, Head of ASEAN & IN Solution Architecture, Neo4j
Get an inside look at the latest Neo4j innovations that enable relationship-driven intelligence at scale. Learn more about the newest cloud integrations and product enhancements that make Neo4j an essential choice for developers building apps with interconnected data and generative AI.
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
2. ● Why use open source software
● Free vs open source
● OSS foundations
● Understanding open source philosophies
○ Community over code
○ Cathedral vs bazaar
● Knowing infrastructure to get help
○ Mailing lists
○ Source control system
○ Ticket management / bug trackers
○ Wiki
○ Documentations
○ Website
Overview
2
● Legal aspects of the project
○ Licenses
○ Copyrights
○ Patents
● Security in OSS
● Open source business models
4. More control over the software
• Programers have control over the software.
• Unlike proprietary software, source code is
open, hence can examine the code and change
parts of it as they like.
• Users can use this software for any purpose
they wish—not merely the way someone else
thinks they should.
4
5. More secure than proprietary software
• Many people use the software.
• Hence, someone might spot and correct errors
or omissions that a program's original authors
might have missed.
• No need to ask for permission, people can fix,
update, and upgrade the software more
quickly than proprietary softwares.
5
6. Software supports interoperability
• Software will be used to for various use cases
by a diverse community.
• Hence, the software will be modified and
tested to interoperate with various other
systems.
• Normally, open source softwares become the
pioneers of protocol standardization.
• E.g. XML, Web Services protocols are
implemented openly.
6
7. Future is guaranteed to be good
• No one person/organization can’t influence the
design and the technical direction of a true
open source software.
• As the decisions are taken collaboratively (at
times there will be competitors contributing to
the software), the output will always favour the
common good.
7
8. Can always find support
• The source code of the software is publicly
distributed, and have a diverse community.
• Hence software won't disappear or fall into
disrepair if their original creators stop working
on them.
• Multiple individuals/companies provide export
support is using and fixing issues.
8
9. Ensure stability of your project
• The users can rely on that software for
building systems performing critical tasks.
• Because the software is more safer, it is easy
to get support when there are critical bugs and
in the worse case the organization can hire a
private consultant to fix the issues.
9
10. Synergy of knowledge
• Some of the open source softwares are built by
backing of software giants (Kubernetes is
backed by Google, Pivotal, RedHat)
• Hence the design and implementation will be
better than the software just been built within
just one organization.
10
11. Build on the shoulders of giants
• Complex systems need to depend on
multiple other softwares or libraries.
• If we are not using open source software,
for our project then either we have to write
our own libraries or buy third party
solutions
• This can be more costly or
error prone.
11
12. An opportunity to learn
• People share their work publically, inviting
comments and critiques, as they develop their
skills to become better programmer.
• Mistakes in the codes are discovered and
shared with others to help others avoid making
those same mistakes.
12
14. Free Software
• Free software is a matter of the user’s freedom to run, copy, distribute,
study, change and improve the software.
• Free as in “Freedom”, not free beer.
• Four kinds of freedom for the users of the software:
– The freedom to run the program for any purpose.
– The freedom to study on how that program works and adapt it to
your needs.
– The freedom to redistribute copies so you can help your neighbor.
– The freedom to improve the program and release your improvements
to the public so that the whole community benefits.
14
15. Open Source Software
• Open source software is software with source code that anyone can
inspect, modify, and enhance.
• May or may not be free of charge
• It’s not only about the source code being available. There are terms for
distribution defined by the OSI ( Open Source Initiative )
– https://opensource.org/osd
15
16. Free vs. Open Source
• Difference is very minimal
• License defines whether the software is a “Free” one or an “Open Source”
– Different license accepted by the Free Software Foundation and the
Open Source Initiative (with a high overlap)
• Examples for free software
– Linux Kernel
– Apache web server
• Almost all the open source software are free. Only thing is their license
may have different levels of restrictions
16
18. • Apache Software Foundation
(ASF)(http://www.apache.org/foundation/)
• Eclipse Foundation (https://www.eclipse.org/org/)
• The Linux Foundation
(http://www.linuxfoundation.org/about)
• Free Software Foundation (FSF)
(https://www.fsf.org/about/)
• Cloud Native Computing Foundation (CNCF)
(https://www.cncf.io/)
18
Major Foundations Helping Software Development
20. Apache Software Foundation (ASF)
• Major projects:
– HTTP server (httpd) - https://httpd.apache.org/
– Apache Tomcat - http://tomcat.apache.org/
– Apache Cassandra - http://cassandra.apache.org/
– Apache Hadoop - https://hadoop.apache.org/
– Apache Openoffice - https://openoffice.apache.org/
– Apache ActiveMQ - http://activemq.apache.org/
– Apache Maven - https://maven.apache.org/
• Full list of projects :
– https://projects.apache.org/projects.html
20
21. Apache Software Foundation (ASF)
• Governance Model : Board of Directors -> Project Management
Committee->Committers->Users
– http://www.apache.org/foundation/governance/
• Project Maturity:
– Labs: these are experiments being carried out by existing committers
(labs.apache.org)
– Incubating Projects: Projects that have still to build a sustainable
community
– Active Projects
• Top Level Projects: (TLP)
• Sub Projects under a top level project
– Attic: end-of-life projects that are no longer receiving active
development, but may still be useful
21
23. CNCF
• Major projects:
– Kubernetes (https://kubernetes.io/)
– Helm (https://helm.sh/)
– Prometheus (https://prometheus.io/)
– Fluentd (https://www.fluentd.org/)
– Opentracing (https://opentracing.io/)
– Linkerd (https://linkerd.io/)
– Envoy (https://www.envoyproxy.io/)
• Full list of projects :
– https://www.cncf.io/projects/
23
24. CNCF
• Project Maturity:
– Sandbox - projects are in a very early stage and require significant code
maturity and community involvement before being deployed in production.
– Incubation - they meet all sandbox criteria as well as demonstrate certain
growth and maturity characteristics. They must be in production usage by at
least three companies, maintain healthy team that approves and accepts a
healthy flow of contributions that include new features and code from the
community.
– Graduation - Active projects
• https://www.cncf.io/blog/2018/11/05/34097/
24
25. The Linux Foundation
• Projects : https://www.linuxfoundation.org/projects/
• Other Foundations:
25
28. Community Over Code
“A healthy community is far more important than
good code”
Brian Behlendorf,
the founder of the Apache Web Server project
28
29. "Community > Code"
• If the code were to mysteriously vanish, a
strong community could rewrite it.
• But if the community is unhealthy, the code will
eventually fall by the wayside.
• Therefore people are more important than the
code.
29
30. Are you a rockstar programmer?
Q: Assume a situation where you have a rockstar
programmer who writes brilliant code, complete
with documentation and tests, but treats
everyone else on the project as they are idiots.
What's the result?
30
31. You are a jerk !
A: People will either leave, because they can't
stand this person's behavior, or they will learn to
behave in the same way in order to fit in, thus
driving everyone else away even faster.
Eventually, you have a project where everybody's
a jerk, and nobody wants to join the party.
31
32. Whey community is important?
• At ASF there are over 4,000 people as
contributors, but only a smaller number is being
consistently active at any given time.
• The importance of healthy, respectful
community gives the contributors a warm fuzzy
feeling, helping them to speak openly and
contribute their ideas and most importantly
“time”.
32
33. Community == Coopetition
• Unlike closed-source, in Open Source it's
actually really important that you play nicely
with others, even with your competitors. Love
they enemy.
• In many times you will be cooperating closely
with your competition to create something, so
that you can then compete on value-adds such
as training, services, support, and non-free
features.
33
34. Community is the key for success
Healthy, diverse, inclusive and a friendly
communities promote project growth,
sustainability, and even to the financial success of
corporations that choose to build solutions around
the technology.
34
36. Cathedral vs bazaar
• The cathedral is a
centralized effort
(Top Down).
• The Bazaar makes
the development
open (Bottom
Up).
36
37. Cathedral style development
• A defined group of developers (or even only a
single one) is developing the software.
• Nobody else is involved.
• The ideas or patches from the outside will be
ignored.
• Usually proprietary software is developed that
way, but not exclusively.
• Few but stable releases.
37
38. Bazaar style development
• The Bazaar makes the development open.
• Many people are tinkering with the source code
without central control.
• Everyone is treated equally and valued based
on merits.
• More contribution than Cathedral style
development.
• “Release early, Release often”
38
40. Which style is better ?
• Both Cathedral & Bazaar styles have pros and
cons.
• Where almost all proprietary softwares are
implemented using Cathedral approach.
• Most open source projects are developed using
Bazaar style due to the community nature of
open source.
40
42. Mailing Lists / Chats / Forums
• OSS development teams use electronic means to conduct open and public
discussions.
– Mainly emails
– Chats and Forums are also very popular (Slack)
• Can get help from the community via these channels
• Need to subscribe / join prior to getting engaged
– Instructions can be found in the website of the project
• Friendly, helpful and encouraging environment
• There are etiquettes to follow
– Common etiquette and project defined etiquettes
– https://css-tricks.com/open-source-etiquette-guidebook/
• https://wiki.openstack.org/wiki/MailingListEtiquette
42
43. Source Control System
• Code is maintained in a publicly available source control system in a way
anyone can contribute
• Github is the most popular source control system used currently
• Instructions are provided on how to checkout the code and build it
• You can start by submitting fixes or improvements
• When you keep contributing actively, community will decide granting
committership to you
• There are governance models which defines the committership process,
release process etc.
43
44. Ticket Management
• Open source projects are open to feedback from the community.
• People can report bugs, improvements and feature requests via their ticket
management systems
• Most of the times discussions about those bugs/improvements happen in
the ticket system itself
• JIRA and Github are the most popular
• As a newbie, you can go through the available tickets to identify any
contribution you can make
• Some projects specifically mark the tickets which are suitable for the
newbies to encourage them to contribute
– Have a look at https://www.firsttimersonly.com/ to find some ways of
identifying newbie friendly issues 44
45. Wiki
• Wiki is the place where you can find the resources which can be helpful to
a developer
– Guidelines for contributors
– Release plans
– Roadmaps
45
46. Documentation
• Documentation helps you to understand the project
• You can try the samples available
• You can also contribute to the docs
– Can submit fixes for documentation errors or missing information
– It is a good starting point
46
47. Website
• Project website glues everything mentioned in the previous slides together
– When you go there you can find an overview, links to documentation,
source code and wiki etc.
• Some projects might not have a website
– They use the Github space to cover the purposes of a website too.
– Arrange everything in the README.md
47
51. Open Source Licenses
• Apache License 2.0
• GNU General Public License (GPL)
• GNU Library or "Lesser" General Public License (LGPL)
• GNU Affero General Public License (AGPL)
• BSD 3-Clause "New" or "Revised" license
• MIT license
• Mozilla Public License
• Eclipse Public License
51
https://opensource.org/licenses/alphabetical
52. Copyleft vs Non-Copyleft
• A major difference between Open Source licenses is whether the license
is considered “copyleft” or not
• Where copyright law allows the copyright owner to withhold permission
to copy, modify, or distribute software, Copyleft licenses require that
permission to be granted
• Copyleft licenses are conditional licenses. In order to use or distribute
software licensed under a copyleft license any changes you make to the
software must be released under the same license.
• A copyleft license makes sure that all modified versions of the software
remain free and open in the same way the original software was
• The GPL is considered the most popular Copyleft License
52
Based on : An Introduction to the Legal Issues Surrounding Open Source Software By Daliah Saper
53. Permissive Licenses
• Permissive Licenses, like the Apache2 License, are non-copyleft
licenses
• Permissive Licenses do not place many restrictions on later
development or modification of the original software
• Since Permissive Licenses do not place heavy restrictions on
subsequent use, they do not preserve software rights in
downstream versions
• If your software is licensed under a permissive license, subsequent
developers can use your permissively licensed code in closed
source proprietary software.
53
Based on : An Introduction to the Legal Issues Surrounding Open Source Software By Daliah Saper
54. Apache License 2.0
• A permissive license, whose main conditions require preservation of
copyright and license notices
• Contributors provide an express grant of patent rights
• Derivative work may be distributed under different licenses.
54
55. Selecting a License
• When trying to figure out what license to use for your
source code, or when you are using an open source
project as a dependency, there are a few basic questions
you should ask
– If the program is modified, can the results be
distributed under a different license?
– What are the risks of combining the program with
proprietary software?
– What other requirements are imposed by the
license?
55
Based on : An Introduction to the Legal Issues Surrounding Open Source Software By Daliah Saper
57. Security in OSS
• There are two arguments on the security of OSS
• Security is good in OSS
– Since a wider community engages with the project, people detect the
vulnerabilities and fix them
• It is risky to use OSS
– Since the code is open, hackers could go through it and uncover any
vulnerabilities missed by the community
57
58. Benefits
• When we use proprietary software we don’t even know the level of
security in them. We have to accept what is delivered by the vendor. But
in OSS we can do our own analysis
– Can scan the code too
• It is assumed that people who uses the OSS in their projects would fix any
vulnerability if noticed
• Unlike proprietary software, since people can report security issues, once
they are reported, project maintainers act fast on fixing them because of
the openness.
58
59. Drawbacks
• It is true that hackers can find vulnerabilities which are not being noticed
by the community
• Although the code is open to the community, there is a doubt on how
many of them really go through the security aspects and provide feedback
– But, if there is a lot of traction with the project, this could be
discarded.
• When too many OS libraries are used as dependencies in a project, its
difficult to track the security implications
59
61. Wait…
• We said “Free”, so how do we make money?
• “Free” as in freedom, not as free beer
• You can “sell”, if people can buy
• Also, users of open source software should
remember that open source projects need
funding for keeping the project live (cost of
developers, infrastructure, etc.)
61
62. • Insurance model :
– Why pay first party insurance, when third party is cheaper…
– Someone else (experts) are there to help you when needed
• Converting unpredictable expense to a predictable cost
• Question of whether you have time or money. Often
people don’t have both :)
• E.g
– WSO2 subscription: https://wso2.com/subscription
– Red Hat subscription:
https://access.redhat.com/subscription-value
Subscription Model
62
63. Open Core Model
• Core of the software
will be open source
• But, most of the
interesting enterprise
features might only be
available in a
commercial software
• E.g:
– Mulesoft ESB
63
https://medium.com/open-consensus/2-open-core-definition-examples-tradeoffs-e4d0c
044da7c
64. Paid Additional Features
• Building additional features for a cost
• Code/Feature might be owned by the sponsor,
or might be donated to the open source
projects
64
65. WSO2 API Manager
Product Overview
Jaminda Batuwangala
Senior Director - Solutions Architecture
Ruwan Abeykoon
Director / Architect - Identity & Access Management
An open source approach to addressing any spectrum
of API lifecycle, monetization and policy enforcement.
66. Why WSO2 API Manager
● Extensibility, Transparency and Open Source nature of the WSO2
platform:
● Unique open source subscription and support model
● Part of a full integration platform (including Identity & Access
Management, Enterprise Integration / ESB)
● Business insights an anomaly detection
● Hybrid API management
● API Security (combined with WSO2 Identity & Access Manager)
67. Typical Business Integration Problems
Vendor lock-in / risk →
Scaling API integrations →
API management in decentralized Microservices Architecture →
Agile API development and lifecycle management →
Enabling API reusability →
Connecting heterogeneous applications (B2B connections) →
Gathering business insights and analytics →
On premise API gateways for cloud infrastructure →
(Open source)
(API Gateway)
(Micrograteways)
(API Publisher)
(Developer Portal)
(Key Manager & Traffic Manager)
(API analytics)
(Hybrid technology)
68. 68
Why Open Source API Management?
● Business friendliness: Apache 2 Open source
● Readability of code: Ease of extension and customization
● Open source (not open core)
● Platform lock-in implications
● Vendor lock-in implications
● Strength of the OS community
● Level of commercial support: Reliability, low cost trials/POCs
● OS governance model
69. Product Overview
WSO2 API Manager is an open source
approach to addressing any spectrum of
API lifecycle, monetization and
policy enforcement.
71. API Gateway
● The entry point (gateway) into your internal/external APIs.
● The enforcement point of all the security, rate limiting and message mediation
policies.
● The agent which provides the analytics engine with the business insights it needs.
● Caches responses from target APIs to reduce load on the back-end services.
● Auto-scaling up and down based on demand
72. API Publisher
● Design, mock and document
REST and SOAP APIs.
● Create new versions of APIs
● Gain API usage insights for
operational purposes
● Import API definitions
● Apply policies for security, rate limits
and message transformations.
The Portal for API Designers and Product Managers.
● Validate and publish APIs for public
discovery and consumption.
● The central point for managing the
API’s Lifecycle.
● Monetize APIs through business
plans.
● Gain API usage insights for business
purposes.
Designers Product Managers
73. Developer Portal
The Application Developer Portal known as the API Store.
● Discover, test and subscribe to APIs
● Search through APIs and their documentation
● Rate, comment and participate on discussion forums of the portal
● Try out the API SDKs for faster go-to-market of applications.
● Brand the developer portal to suit your needs
● Manage the lifecycle of applications across environments
● Integrate with third party authorization servers
74. Key Manager and Traffic Manager
● Scalable and flexible authentication
and authorization policy enforcement
based on OAuth2.0 and other
protocols.
● Integration with third party
authorization services
● Supports a wide range of application
types such as mobile, web, SPA,
wearable devices, biometrics, etc
● Social integration for login via social
networks and other IDPs.
● Rate limits used for billing and
metering purposes
● Fair usage policy enforcements
● Rate limits based on user privilege,
location, device type, etc.
● Rate limits for target services
Security Rate Limiting
75. API Analytics
Analytics for Business Insights and Operational Purposes
● Reports by API usage, top users, top applications, top device types, etc
● Location based reporting to identify hottest destinations
● API performance and health based reporting for operational activities.
● Usage reporting for API users as well as API providers
● Detection and prevention of possible fraud and theft
● Abnormal event detection and reporting
● Change detection of API access patterns and alerting
● API last used details for better lifecycle management
76. Gateway
A broad collection of best-of-breed APIM components
Internal and External API Management
WSO2 API Manager: Core Components
● Protocol
Handling
● Security
● Policy
Enablement
● Mediation
IAM
● Key server
● SSO
● Federated ID
● OAuth2
● OIDC
● JWT
Analytics
● Streaming
analytics
● Real-time
alerting
● Traffic
management
Integration
● Adapters
● Connectors
● EIP
Portal
● Flexible
theme-based
architecture
● Registry and
versioning
model
Multiple plug-points and extensibility | Open source projects | Flexible deployment options
81. ● 5 core grant flows
○ Authorization Code - Web and Mobile
○ Implicit - Old way for mobile, but discouraged now
○ Resource Owner Password - Simple, but less secure
○ Client Credentials - Simple, and limited, no user consent
○ Refresh Token - On top of above 4
● Extended grant flows
○ SAML2 Bearer Assertion
○ JWT Bearer Assertion
● Custom grant flows
○ Kerberos grant flow
○ NTLM grant flow
81
OAuth2 Grant Flows
85. WSO2 Identity Server - Capabilities
• Identity Federation and Single Sign-On
• Strong and Adaptive Authentication
• Account management and Identity Provisioning
• Fine-grained Access control (Authorization)
• API & Microservices Security
• Privacy compliance
• Identity Analytics
85
86. Identity Federation & Single Sign-On (SSO)
86
● Business users need access to multiple heterogeneous applications.
○ Cloud / on-premise
○ Internal / external
○ Different identity federation requirements
○ Single Sign-On and Single Logout across identity federation protocols
○ Claim and Role transformation
● Standard identity federation protocols for inbound authentication requests
87. 87
Federation with Identity Providers
● Provide access to users from trusted internal identity providers (B2E)
● Provide access to partners or customers from trusted external identity providers (B2B)
○ Example: Authenticate users in ADFS to Salesforce
● Provide social login/sign-up for your consumer websites (B2C)
● The same set of standard identity federation protocols are available for outbound
authentication requests as well
88. Identity Hub
● Connecting multiple relying parties to multiple identity providers over
identity federation or provisioning protocols
● Identity Bridging - Translating from one identity federation or provisioning
protocol or token format to another.
For example:
○ SAML2 -> OpenID Connect
○ OpenID Connect -> WS-Federation
○ SCIM2 -> SPML
○ SCIM2 -> Salesforce
88
98. 98
Risk-Based Authentication Flow
Get Risk
Score
• Login patterns (time of the day, day of the week, etc.)
• Last successful login time
• Typing speed
• Consecutive incorrect password attempts
101. Existing Data Sources, new Ideas...
10
1
Scattered, Irregular logic, hard/risky to change. The core business
Application 𝜸
R
Application ẟ
C
U
Application N
C
UD
Internal / external data in many
forms.
(i.e. databases, spreadsheets)
Application X
CR
UD
Explore new opportunities
Applications, API,
Monetization, Customer
experience
Dilema
I have innovative business
ideas for my market
segment. But my backend is
not agile enough
102. We need Integration Agility…….
10
2
Analytics
Continuous-*
Security &
Access Management
API / Service discovery
Dev toolsDevops tools
Service router
API Gateway
Core
Microservices
Data
Container(s)
Delivery channels Digital Products
Messaging Channels
Integration
MicroservicesExisting Services
103. A Hybrid Integration Platform
10
3
Connectivity / Integration : anything-to-anything
WSO2 EI
Connectors
Web services
APIs
Filesystems
Messaging
systems
Business
Applications
Partners’
systems
Data
public cloud | private cloud | on-premise
Typical Use Cases
▪ A system of systems: connect
multiple systems together.
▪ Better consumer experience with
connected data and business
processes.
▪ Digitize legacy systems: mediate
legacy with modern architecture
paradigms.
▪ Hybrid integration by taking
on-premise data and processes
into the cloud and back.
104. Integration Platform
10
4
A platform for Hybrid Integration
Integration Specialists Ad Hoc Integrators Citizen Integrators
Integration Templates
Composition/Orchestration/Mediation
B2B A2A C2B G2G N2N
Data Integration
Communication Protocols, Connectors, Styles and Patterns
Governance
Operations
Integration tools, wizards, IDE support
Public Cloud Private Cloud On-premise
Service DeploymentEventing
Security
Analytics
105. WSO2 Enterprise Integrator
▪ Available as a single
downloadable runtime
or a public cloud
▪ Single integrated
packaging of
ESB
Data Services
Business Processes
Business Rules
Message Broker
MSF4j
105
Comprehensive, High Performance, Extensible!
106. Enterprise
Integration
An open source, hybrid integration platform to allow
developers quick, iterative integration of any application,
data, or system.
Components
● Enterprise Services Bus
● Data Services
● Business Processes (workflows)
● Message Broker
● Microservices framework for
Java (MSF4J)
106
108. THE DIGITAL BUSINESS LANDSCAPE
108
Digital products, services, and business models, along with consumer demands
are reshaping the landscape of many industries
Focus on
customer
experience
2
Using analytics to better
understand and serve
customers, and optimizing
the customer experience
across multiple channels.
3 Optimizing
operations
Using technology to
empower workers with
improved communications,
and moving toward
data-driven decision
making.
Creating new digital
products or delivering new
digital services based on
data related to the physical
product.
Evolving
business
models
1
110. ▪ To connect and integrate with common systems & platforms
▪ No additional cost. Download and Install.
▪ https://store.wso2.com/store/assets/esbconnector/list
Connectors to connect The Enterprise
110
The Connectors Store
Connectors
▪ Salesforce
▪ SAP
▪ Google
▪ PeopleHR
▪ SugarCRM
▪ Twilio
▪ Youtube
▪ eBay
▪ Bugzilla
▪ Zuora
▪ Nest
▪ ...
111. ▪ EIPs are enabled using
individual building blocks
called Mediators
▪ There are many types of
out of box mediators that
provide common
capabilities such as
filtering, aggregating,
switching etc.
▪ These mediators are
available via the tooling
component to build the
various EIPs
▪ EIPs cover a wide spectrum of common integration scenarios
e.g.
▪ 100% coverage for all published EIPs with source configs
▪ https://docs.wso2.com/display/IntegrationPatterns
Enterprise Integration Patterns (EIP)
111
Best Practices in Mediation & Integration
112. An example : Enterprise Integration Patterns (EIP)
11
2
Combining Many EIPs to Model an Integration Flow
Incoming message
Translator
By mapping data fields
from one message
schema to another
Translated message
Router
By conditionally
evaluating the Message
Content or Headers.
Translator
By converting the Content
Type of the message
(i.e. XML to JSON)
Translated message
Recipient β
(request-response)
Recipient α
(subscriber)
outbound
message queue
Response message
One-way flow segment
http 202
Acknowledgement
Message initiation point
113. WSO2 EI
or any other
System
Copies of the
Event message
Publisher-Subscriber
113
An example - Enterprise Integration Patterns (EIP)
Subscriber A
(Topic / Queue)
WSO2 EI
or any other
message broker
Event message
i.e. Change of Stock
price
Publisher
WSO2 EI
or any other
System
Subscriber B
Subscriber C
WSO2 EI as a Publisher
Supports publishing event messages into
messaging channel.
i.e. Accept a message over HTTP and Send
the same to a JMS topic or FTP server.
WSO2 EI as a Broker
Provides a JMS endpoint so that any external
system could send an event messages
considering WSO2 EI as a message broker.
i.e. Accept a message over JMS transport and
persist.
WSO2 EI as a Subscriber
Supports fetching event messages from a
messaging channel, and (if required)
invoke/trigger a mediation flow. Also
supports acting as Durable JMS Subscriber.
i.e. Listen to a JMS topic, and fetch messages
when they become available.
114. Dead-Letter-Channel
114
An example - Enterprise Integration Patterns (EIP)
Intended
Receiver
ChannelMessageSender
Message Delivery failure
Typically, a message flow consists of a
Sender, Message Channel and a Receiver.
The usual Message Channel could be broken
due to reasons such as network failures and
non-responsive receiver applications.
Temporary persistence
Once delivery attempt fails, such messages
need to be persisted in a channel handle
those later without resulting any message
loss.
WSO2 EI Message Store
WSO2 EI is equipped with its Message-Store
concept that facilitates the implementation of
the dead-letter-channel while also providing
a mechanism of retry.
Message
Intended
Receiver
MessageSender
Dead Message
Dead Letter
Channel
delivery fails
routed delivery
116. Existing Data Sources
11
6
Scattered, Irregular logic of Create, Read, Update, Delete
Application 𝜸
R
Application ẟ
C
U
Application N
C
UD
Application α
CR
UD
Application β CR
UD
Internal / external data in many
forms.
(i.e. databases, spreadsheets)
117. Data Integration with WSO2 EI
11
7
All Create, Read, Update, Delete operations as Services
Application 𝜸
Application ẟ
Application N
Application α
Application β
Internal / external data in many
forms.
(i.e. databases, spreadsheets)
CRUD as a Service
WSO2 EI
119. Business Process Execution with WSO2 EI
11
9
Processes/Workflows and Human Tasks
Application α
Application β
Defined business rules, processes
and workflows which may also
consist of human tasks
Business Process Execution
as a Service
WSO2 EI
Application N
Process Initiation
Results/Decisions
120. Tooling with support for Mediation Debugging and Data Mapping
▪ Provides graphical
and source view
editing of
integration artifacts
▪ Debugging support
on mediation flows
▪ Eclipse based
▪ Packaging /
archiving artifacts
for deployment
120
WSO2 Developer Studio
125. WSO2 Open Banking Solution
WSO2 Open Banking is a purpose built solution, using
the Open Source WSO2 products, for regulatory
compliance. It helps align banking and regulatory
needs with technology infrastructures and regulatory
expertise to quickly satisfy compliance.
126. API templates that support Open
Banking UK, The Berlin Group, and
STET, Australia CDR API specifications
Built-in API Security including OAuth2
and certificate validation
Strong customer authentication,
adaptive authentication, and user
consent management
Fraud detection and transaction risk
analysis
Key Features
API analytics & business insights with
dashboards
Integration points to core banking
systems
General Data Protection Regulation
(GDPR) compliant solution
Built on top of the WSO2 Platform
making it easily extendable for digital
transformation initiatives beyond open
banking
130. ● Redirect and decoupled authentication approaches are supported
● Multi Factor Authentication (MFA ) support with SMS/OTP, FIDO, DUO
● Extensible to support any other mechanism which banks require to authenticate end users.
Knowledge Ownership Inherence
Password, PIN, ID number Mobile device, token or
Smart card
Fingerprint, face or voice
recognition
Strong Customer Authentication (SCA)
131. ● Allows the solution to vary the authentication strength based on factors which can be configured
as rules.
● Analysis of preconfigured rules to decide how authentication should be done.
Transaction amount
> 30 EUR
Transaction amount
< 30 EUR
Basic Authentication
SMS OTP
Authentication
Basic Authentication
Authenticated
Authenticated
Transaction Risk Analysis based Adaptive
Authentication
132. Support to manage user consent, under the following conditions
● Consent capture, store and lifecycle management
● Out of the box APIs for all above functions
● Optional web applications to handle customer consent revocation
○ Directly by the customer
○ Through customer care executive
Consent Management
133. WSO2 Open Banking for PSD2 Compliance
Customer
TPP
(AISP/PISP)
FinTech
Merchants
Core Banking
Internal Payment
Services
Bank Internal Network
ISO 8583
(TCP/IP)
HTTP
HTTPS
Other Banks
HTTPS
133
134. WSO2: Company Overview
Helping digitally driven organizations become integration agile
WSO2 confidential. Partner NDA obligations apply.
135. WSO2 At-A-Glance
13
5
$37M in 2018
Subscriptions,
51% YoY
growth
500+
Customers,
Open
Source
Founded 2005,
Backed by
Cisco and Toba
Capital
Mountain View,
Colombo,
London, Berlin
New York, São
Paulo, Sydney
500+
Employees
(300 Engineers)
136. 13
6
“ Application infrastructure and
middleware projects are becoming the
cornerstone of the digital business.”
#1 Open Source /
Open Core Application
Integration Suite Vendor
137. 13
7
“...the only fully open source solution in
our Wave analysis, WSO2 provides good
breadth across all evaluation criteria.”
Leader in the Forrester
Wave: API Management
Solutions, Q4 2018
138. 13
8
“...WS02 continues to make
improvements in a positive direction
moving them from product challenger in
2016 to the product leader category of
this current version of the report. ”
Leader in KuppingerCole
Leadership Compass,
2019 Access Management
And Federation
139. 139
#1
6th
Open Source Integration Vendor
Largest Apache Committer
Largest Open Source Vendor
6th
WSO2: Helping Digitally Driven Organizations
Become Integration Agile
140. The Integration Imperative is Growing
Disaggregated architectures drive 50 billion endpoints to grow >1 trillion
CONSUMER DEMAND
Scale and agility require app
disaggregation...
…making hybrid integration
the unspoken challenge of
cloud services
SUPPLIERS DISAGGREGATE ARCHITECTURE TO MEET DEMAND
1
10
102
103
105
109
MONOLITHIC
BUSINESS APP
ENTERPRISE
APPS
DEPARTME
NTAL APPS
SAAS APPS
PUBLIC /
PRIVATE APIS
SERVERLESS &
MICROSERVICES
1970s
|
MAINFRAME
1980s
|
IT
AWAKENING
1990s
|
INTERNET
2000s
|
MOBILE
2010s
|
IoT/AI
2020+
|
DIGITAL NATIVE
140
141. “APIs create business agility
that fosters the rapid
business reconfiguration
necessary to continually
adapt to an unknown future
of constant change.”
~ Randy Heffner,
Forrester Research
142. 142
Half of All Development Will Be Integration
Consider that today’s 50B endpoints will soon grow to 1T
143. Start with API
management
IDENTITY & ACCESS
MANAGEMENT
Secure and federated identity
for integration
60M identities managed
ANALYTICS &
STREAM PROCESSING
Streaming data for
real-time analysis
100K+ TPS
ENTERPRISE
INTEGRATION
Quick, iterative integration of
any app, data, or system
6 trillion transactions / yr
Further develop APIs with integration that connects
apps and data.
API
MANAGEMENT
API design, creation, reuse,
governance, and analytics
20K APIs for 200K orgs
Common architecture, common code base
WSO2 Open Source Integration Platform
● Identity management
● Identity federation / SSO
● Identity bridging
● API and microservices security
● Strong and adaptive Auth
● Access control
● Privacy control
● API analytics
● API designer
● API gateway
● API microgateway
● API publisher
● API storefront/marketplace
● API repository/registry
● Streaming engine (Siddhi)
● Dashboard portal
● Business rules
● Stream processor runtime
● Development environment
● ESB
● Integration designer
● Message broker
● Workflows
145. Flagship Customer Examples
Applied uses across every industry and geography
Financial Healthcare Governments Education Telecom Retail TechnologyTransport
145
147. ● Bank of New York Mellon used WSO2 to expose an API Portal that powers its NEXEN
platform
● The solution gives the ability to abstract and expose a set of APIs to BNYM’s partners and
stakeholders, control access, monitor, meter and participate in an API ecosystem.
● BNYM chose WSO2 because of our comprehensive platform and technical expertise.
148. ● ELM implemented single sign-on with WSO2 Identity Server to streamline
administration, improve productivity, and reduce costs
● Today, ELM relies on WSO2 Identity Server to manage 4 million users of the
Unemployment Assistance Program and ensure secure online transactions.
● ELM chose WSO2 because of the product’s flexibility and the ability to customize it
to their needs.
149. ● Transport for London (TfL) uses WSO2 as the Strategic Integration Platform
within all business units.
● The first application replaced the existing TIBCO deployment for a service that
collects status output from trains used in two London Underground lines. Four
more applications are currently being developed.
● TfL selected WSO2 because of the open source nature of our products, the cost
effectiveness of the implementation and the seamless integrated platform that
we provide.
150. It is not the strongest of the species
that survives, nor the most intelligent
that survives. It is the one that is the
most adaptable to change.”“ Charles Darwin