In his latest article in this series, Adam DuVander discusses the additional security issues that arise when using mTLS, and how to mitigate those issues by combining mTLS with OAuth. bit.ly/3ONUvlW

In just two days, API Academy will be running a workshop at Apidays Paris, starting at 2pm. Hope to see you there!

Watch API Academy member Francois Lascelles in an interview with IT for Business, discussing his session at API Academy Workshop, held in conjunction with Apidays Paris. vimeo.com/781127882/9eee…

In his 2nd of a 3 part series, member Gary V. discusses how OpenTelemetry is transforming observability, providing a unified framework for collecting, processing, & exporting telemetry data through a set of standards Check out his API Academy blog below. bit.ly/43LmTLW

In the 3rd part of the 3 part series on OTel, Layer7's CTO discusses how Otel is transforming observability, and some of the advantages of it that his Layer7 team is taking advantage of - a good read! bit.ly/43LmTLW

In his latest blog, Bala discusses the fundamentals of API security and what to look for with your API security provider. bit.ly/3r5GSqK

In his latest blog, the Head of API Academy takes a look at OWASP from origins to today's Top Ten and API Security Top Ten lists, and how they have become THE de facto benchmark for enterprise security-and he sets up an upcoming series around this topic. bit.ly/3qvx1dW

In this first piece of our three-part series, API Academy member Bala examine the top three risks on the 2023 OWASP Top Ten list: Broken Object Level Authorization, Broken Authentication and Broken Object Property Level Authorization. bit.ly/44sHSTQ

In his latest blog, Francois takes a look at the API security best practice of sender-constraints and how to apply it to improve your overall security posture. bit.ly/45HgAu3

In part two of this series on the updated OWASP Top Ten API Security risks, Bala examines three more of the Top Ten: Unrestricted Resource Consumption, Unrestricted Access to Sensitive Business Flows and Security Misconfiguration. bit.ly/3EEibF2

In this final blog in his series on OWASP API Security Top Ten, Bala takes a look at what's likely ahead for API and application developers. bit.ly/3EJxr3C

In his latest blog, Bill takes a look at a few of the emerging API protocols and their impact on enterprise security models - with a few pointers for mitigating those concerns. bit.ly/3RDs1yP

In his latest blog, Bill takes a look at generative AI and its potential impact on API security - with a few thoughts on how to mitigate against this new threat vector. bit.ly/45f9ig5

In his latest Blog series, Bala takes a look at how SQL Injection is becoming a common attack vector once again - and how to mitigate against this threat. bit.ly/3ZRCB7k

In his latest blog, Bill takes a look at the evolution to multi-cloud, and the benefits and risks of adopting a multi-cloud API management strategy. bit.ly/3QmQsOU

In his latest blog, Bala takes a look at encryption and the impact of cryptographic failures on the enterprise. bit.ly/3sTlpCs

In his 3rd blog on mitigating against the OWASP Top Ten, Bala discusses how proper security logging and monitoring is key to every enterprise’s security-in-depth approach. bit.ly/3OaZqyc

In his latest blog, Bill takes a look at the move to the cloud, and some of the challenges that can crop up as a result - and how using Kubernetes Operators can help mitigate those challenges. bit.ly/49eTTPL

In his latest blog, Bill follows up on a previous AI discussion - this time, focused on the business issues related to AI and API security....a good read. bit.ly/3vqNYse

From Apisecure/Apidays NYC 2024, catch this replay of Layer7's CTO discussing how quantum computing seems like a distant technology, but if you consider the pace of modernization, the quantum threat may be just around the corner–and APIs are the target. bit.ly/3V0iRxL