SoapUI_NG_Ad_900x115pxl

When Your APIs Are Ready to Be Liberated, Are You Ready to Free Them?

IBM_Plugin_280x260

Almost every enterprise that I know takes a very cautious approach to this new API game. They build it, test it, try it, do a limited release, then fix the necessary areas, test it again, and finally, when they are satisfied they are ready, they get it out in the open. … [Read more...]

API Security Testing – How to Hack an API and Get Away with It (Part 3 of 3)

HackYourAPI9

  The first two installments in this series have set us well on our path to API security/intrusion nirvana; we first got to grips with current API technology basics, moved on to API Attack surface detection and then looked at a series of common and potent … [Read more...]

3scale plugin for Ready! API completes the lifecycle

3scalelogo

with Guest Post from SmartBear collaboration partner Manfred Bortenschlager of 3scale   From Lorinda Brandon, API Products at SmartBear: When we originally designed Ready! API, our goal was to provide a fluid movement from your API project through a variety of … [Read more...]

API Security Testing – How to Hack an API and Get Away with It (Part 2 of 3)

467236477

 In this 3-part blog series, I’ll provide deep dive instructions and specific examples on how you can avoid common security threats by hacking your own API. This second post covers the anatomy of some of the most common API security hacks.In our last post, we prepared … [Read more...]

API Security Testing – How to Hack an API and Get Away with It (Part 1 of 3)

Hack Your Own API

In this 3-part blog series, I’ll provide deep dive instructions and specific examples on how you can avoid common security threats by hacking your own API. This first post will highlight 3 key aspects you will need to understand when hacking an API: API technologies, … [Read more...]

The API Copyright Debate Surfaces Again

technology-innovation

It all started back in May 2014, when a federal appeals court made a ruling that sparked outrage and controversy in the software industry. Their decision was theoretically a final step in the long-standing lawsuit between Google and Oracle, where Oracle claims that Android … [Read more...]

D-Factor: How Strong is your Data Contract?

contract

REST APIs, and APIs in general, converse in structured data.  APIs will vary in the degree and type of structure, the format, and the intended use.  But they also vary greatly in how the expectations around that data are specified. As a client developer, I need to know … [Read more...]

Security Lessons Courtesy of Snapchat

snapchat_uhoh

Some apps are there to teach the rest of us the painful lessons of doing it wrong—Snapchat is one of them.   https://storify.com/SmartBearSalmon/security-lessons-courtesy-of-snapchat … [Read more...]

API Security Testing: Think Like a Bad Guy

You want to check an API to ensure that it’s secure, but just how do you think like a bad guy intent on breaking your API and potentially into your site? Performing the right sorts of API security testing is essential. Every day it seems like you see another security … [Read more...]

API Strategy & Practice: The World is Ready for Ready! API

API STRAT

Last week I had the pleasure of attending API Strategy & Practice. The conference offered great content with heavy-hitting speakers and some great technical sessions, but most notably for me I was excited to formally announce Ready! API to the world.  For those not … [Read more...]