inventory | The Blog Pros

July 8, 2022

API Security Weekly: Issue 166

This week, we have a comprehensive article on approaches to securing large API ecosystems, an interesting read on how to create OpenAPI definitions from HTTP traffic, how “Frankenstein APIs” are exposing businesses to additional risk, and why the continued API proliferation presents security challenges to organizations.

Securing Large API Ecosystems

First up this week is an excellent article from Michał Trojanowski in TheNewStack discussing the challenges facing the security of large API ecosystems. Trojanowski’s view is that security patterns applied to small-scale API deployments do not scale nor are they appropriate for larger-scale API deployments.

April 30, 2022

API Security Weekly: Issue 163

This week, we have an article on 7 reasons why API security strategies are failing, details on the recent keynote by Werner Vogels at AWS re:Invent on 6 rules for good API design, an article by Cisco on API discovery, and a review of some of the biggest API security attacks in 2021.

Article: 7 Reasons Your API Security Strategy Is Failing

This week, AmazicWorld featured a review of why API security strategies are failing to have the desired effect. The author’s view is that whilst developers are well-versed in how to create APIs, the security risks that APIs pose are an increasing threat to organizations. These risks are in large part a consequence of rapid API adoption: the sprawl of APIs is widening the threat landscape, and the fact that APIs are well-documented and can be easily reverse-engineered enables attackers to take advantage of them.

Packages for Store Routines in MariaDB 11.4
No categories
MariaDB 11.4 introduced many advanced features. One that grabbed my attention is the general support of packages for stored routines. Although this was previously available by activating the Oracle compatibility mode, now the feature is available gener... […]
Maintain Chat History in Generative AI Apps With Valkey
No categories
A while back I wrote up a blog post on how to use Redis as a chat history component with LangChain. Since LangChain already had Redis chat history available as a component, it was quite convenient to write a client application. But, that's not the same... […]
Knowledge Graph Enlightenment, AI, and RAG
No categories
In the previous edition of the YotG newsletter, the wave of Generative AI hype was probably at its all-time high. Today, while Generative AI is still talked about and trialed, the hype is subsiding. Skepticism is settling in, and for good reason. Repor... […]
Building an Effective Zero Trust Security Strategy for End-To-End Cyber Risk Management
No categories
You've probably heard a lot about zero-trust security lately, and for good reason. As we move more of our applications and data to the cloud, the traditional castle-and-moat approach to security just doesn't cut it anymore. This makes me come... […]
Phased Approach to Data Warehouse Modernization
No categories
A modernized database will help you focus on building innovative solutions rather than investing your time and effort in managing these legacy systems. Based on the scale of your existing data warehouse processes or jobs, it can be an enormous task to ... […]