2024 DevOps Lifecycle: Share your expertise on CI/CD, deployment metrics, tech debt, and more for our Feb. Trend Report (+ enter a raffle!).
Kubernetes in the Enterprise: Join our Virtual Roundtable as we dive into Kubernetes over the past year, core usages, and emerging trends.
Chief Product Officer at 42Crunch
About
Dmitry Sotnikov is Chief Product Officer at the API Security specialist - 42Crunch - and the curator of the https://apisecurity.io newsletter and community. Prior to 42Crunch, Dmitry worked at Quest Software (now part of Dell) as Director of Cloud Solutions, then co-founded Jelastic PaaS and led Jelastic's sales, marketing, customer and partner relationships, and later built the cloud platform and business for WSO2 open-source integration company. Dmitry has been a featured speaker at multiple industry events including Microsoft TechEd, VMware VMWorld, Parallels Summit, Quest Innovate, and Technology Experts Conference (TEC). twitter: @DSotnikov
Stats
Reputation: | 4522 |
Pageviews: | 1.3M |
Articles: | 2 |
Comments: | 12 |
Articles
Trend Reports
API Design and Management
Discover what you need to know about the state of API design and management. This report explores a wide range of topics from REST API discovery and navigation to common integration pain points and how developers are thinking about APIs.This report covers in-depth original research on developer preferences surrounding API programs and integrated systems. Additionally, experts in the field share their perspectives on effective API design as well as secure API strategies and best practices.
Comments
Jul 07, 2021 · Dmitry Sotnikov
Patrick, yes, indeed such fines can be issued by the regulator if they view the breach as a sign that the company didn’t have sufficient security measures in place to protect their systems, networks, and data. A couple of recent examples on the GDPR side that come to mind are British Airways ($26 million) and Marriott ($23.8 million).
Apr 30, 2021 · Melissa Habit
Hi, Bukaj,
You are correct. Indeed, I can define an amazingly tight API in my contract, but not follow it in the actual implementation.
However, the big advantage of the OpenAPI standard (and other similar standards such as GraphQL, AsyncAPI, Protobuf, etc.) is that it is machine-readable. This means that you can for example:
* Use a contract-aware dynamic testing tool (I am partial here and can give 42Crunch Conformance Scan as an example) that would automatically test for any discrepancies between the contract and the implementation.
* Use a contract-aware API firewall or gateway (again, 42Crunch Protection is one such example, but increasingly other API gateways include at least some OpenAPI-based validation.)
Dmitry
Mar 06, 2020 · Dmitry Sotnikov
You should check with the vendor (Shopify) to make sure that you are following all their security best practices to minimize the exposure. And obviously always use multi-factor authentication, never leave your credentials anywhere electronically accessible, etc.
Jan 10, 2020 · Dmitry Sotnikov
Jul 11, 2018 · Dmitry Sotnikov
There is a lot of documentation at http://ballerina.io/learn including both specific examples for each language construct and detailed scenario-oriented step-by-step guides.
Also, next Wednesday, July 18 BallerinaCon takes place in San Francisco. This is going to be a great event going into the detail of Ballerina including the devops scenarios (check out the agenda). The event is both physical and virtual (live streaming for those who cannot make it in person) - please register at http://con.ballerina.io
Jan 04, 2016 · John Vester
This sounds a bit like a TIBCO pitch. For example, it completly misses the leading open-source solution: WSO2 API Manager (and its hosted version: WSO2 API Cloud), AWS Gateway, SOA Software, IBM, Informatica. Much better to refer to Forrester Wave for API Management when you need an overview of API management market.
Nov 24, 2014 · Amila Maharachchi
Sep 14, 2012 · James Sugrue
Jun 26, 2012 · Kirill Grouchnikov
Jun 26, 2012 · Kirill Grouchnikov
Jun 26, 2012 · Eric Genesky
Jun 26, 2012 · Eric Genesky