This post was originally published as “Keeping Your APIs Secure for Multiple User Types” on the Apigee Blog. In an[…]
Tag: Security
SAML2 vs JWT: Understanding OAuth2
This blog post continues the SAML2 vs JWT series. In the last post, we discussed JSON Web Tokens. Now, we[…]
SAML2 vs JWT: Apigee & Azure Active Directory Integration — A JWT Story
In our next SAML2 vs JWT post, we are going to use a JWT with a very simple API that[…]
SAML2 vs JWT: Understanding JSON Web Token (JWT)
In this post, we begin our exploration of the JSON Web Token (JWT) specification as part of the SAML v2.0[…]
API MANAGEMENT AND PERIMETER SECURITY FOR COTS APPLICATIONS
This post was originally published as “API Management and Perimeter Security for COTS Applications” on the Levvel Blog. Kronos provides[…]
API Security vs. Web Application Security: Part 2
This post was originally published as “API Security vs. Web Application Security: Part 2” on the Levvel Blog. In this[…]
API Security vs. Web Application Security Part 1: A Brief History of Web Application Architecture
This post was originally published as “API Security vs. Web Application Security Part 1: A Brief History of Web Application[…]
Nissan LEAF, API Security, Who Owns API Security, and How Much Security Is Enough?
This post was originally published as “Nissan LEAF, API Security, Who Owns API Security, and How Much Security Is Enough?”[…]
Protecting Server Resources Hosting Unauthenticated APIs
This post was originally published as “Protecting Server Resources Hosting Unauthenticated APIs” on the Levvel Blog. In this article, I[…]
RBM–Administrative Access & Security for DataPower
I generally recommend to clients that DataPower RBM (Role-Based Management) be configured to perform authentication and authorization of DataPower administrators[…]