Category Archives: App Security & APIs

Complexity Management with Tokenization

By Gunnar Peterson on April 8, 2013

Tokenization is a major trend in application and data security and Gateways are an ideal location to deploy tokenization services. Tokenization replaces sensitive data with benign data. The classic example here is PCI DSS, and the business value of tokenization … Read more >

HTML5 and API Gateways

By Blake Dournaee on April 8, 2013

So, here are some questions that have been on my mind lately: How can Enterprises reduce cost drivers for mobile enablement? Can APIs and HTML5 provide the basis for a long term mobile strategy? Can Enterprises avoid lock-in with mobile … Read more >

Mobile Middleware for the Enterprise: API Security Considerations

By Travis Broughton on April 4, 2013

A few weeks ago I blogged about different Mobile Middleware usage models for enterprise. Continuing that thread, this post will drill down into API security considerations for enterprise mobile apps. Mobile applications are typically intended for use outside of the … Read more >

From ESBs to API Portals: an Evolutionary Journey Part 3

By Enrique Castro-Leon on March 28, 2013

In this article series we build the case for API portals, out of which the Intel® Expressway Service Gateway and the Intel® API Manager, powered by Mashery are representative examples, as the contemporary manifestations of the SOA movement that transformed IT in the … Read more >

Remember Your Helmet

By Gunnar Peterson on March 25, 2013

“I have three mailboxes in my office : IN, OUT, and TOO HARD. I was joking with the MIT students that I should have a TOO HARD bin” – Warren Buffett Even for a great investor like Warren Buffett, most … Read more >

The Façade Proxy

By Andy Thurai on March 20, 2013

KuppingerCole analyst Craig Burton (of Burton Group originally) wrote a recent article about Façade proxies. You can read the article here: http://blogs.kuppingercole.com/burton/2013/03/18/the-faade-proxy/ As Craig notes, “A Façade is an object that provides simple access to complex – or external – … Read more >

What Comprises a Mobile DMZ?

By Gunnar Peterson on March 13, 2013

The DMZ is a Web app security architecture workhorse. The DMZ operates under a different ruleset both in terms of what is allowed and in terms of the level scrutiny design, deployment and operations get. To the extent Web security … Read more >

Chief API Officer

By Andy Thurai on March 11, 2013

Hackathons help you explain APIs to developers. But, do you know who you should be really selling the value of your APIs to? It goes way beyond the developers and IT operational folks. Who do you think it is ……CIO, … Read more >

From ESBs to API Portals, an Evolutionary Journey Part 2

By Enrique Castro-Leon on March 4, 2013

In this article series we would like to build a case that API portals, with the Intel® API Manager and Intel® Expressway Service Gateway, powered by Mashery are representative examples, are the contemporary manifestations of the SOA movement that transformed IT … Read more >

Touchless Security for Hadoop – combining API Security and Hadoop

By Blake Dournaee on February 28, 2013

It sounds like a parlor trick, but one of the benefits of API centric de-facto standards such as REST and JSON is they allow relatively seamless communication between software systems. This makes it possible to combine technologies to instantly bring … Read more >

Application Security