The week in API strategy, news, articles, and upcoming events.
James Higginbotham, Curator
A hand-curated weekly newsletter for API developers, sponsored by LaunchAny and CaseySoftware


API Developer Weekly

June 23, 2022 - Issue #411
This week, we have a great article on how to secure your REST API, followed by a look at the new project from OWASP called crAPI, which helps to teach developers how to properly secure their API. We also have a look at the differences between OpenAPI v2 and v3, The 2022 API Platform Landscape from Postman, and a nice video on how the internet works that will help prepare you for a better understanding of HTTP/3. 

Happy Reading!
-- James

 
Hot Topics
How to Secure Your REST API
Application Programming Interfaces (APIs) are a set of protocols used in building and integrating application software. REST API is short for RESTful API, with REST standing for "Representational State Transfer," a design and communication approach. REST is a simple and flexible mode of structuring web API. by Mo Amao, Jeff Harris, Kevin Gardner, Kayleigh Bridges [techspective.net]

Owasp crAPI: Introducing API Security The Hacker Way
Owasp crAPI: API Security. Completely Ridiculous APIs with Real Vulnerabilities. How well do your teams understand your APIs? Vague answers? So is the understanding in many cases. Understanding APIs and their attack vectors are complicated. On top of it, there's no standard way to provide that hands-on experience of an... by Roshan Piyush [infosecwriteups.com]

Comparing the Features of OpenAPI v3 vs OpenAPI v2
The OpenAPI Specification is a widely adopted specification for machine-readable API documentation. Previously part of the Swagger framework, OpenAPI became an independent project in 2016. In the last few years, the specification has undergone several significant updates - despite this, many users are still using older OpenAPI versions, especially OpenAPI v2. [nordicapis.com]

How Netflix Engineering Makes a Federated Graph Searchable (Part 2)
In a previous post, we described the indexing architecture of Studio Search and how we scaled the architecture by building a config-driven self-service platform that allowed teams in Content Engineering to spin up search indices easily. This post will discuss how Studio Search supports querying the data available in these indices. [medium.com]

Book Review: Principles of Web API Design
Principles of Web API Design A common question you'll find on any software development forum is "How to start developing a web api" and predictably the answers will come from other developers touting the benefits of using some framework or programming language over another. [newswwc.com]

Debbie Levitt, CEO, Delta CX
In this Breaking Changes, Postman Chief Evangelist Kin Lane welcomes Delta CX CEO Debbie Levitt for a conversation about improving the user and developer experience. With a refreshingly honest view of the true effectiveness of agile, Debbie challenges the standard operation procedures and offers a better approach to the development of a truly enhanced user experience. [postman.com]

Using AWS Lambda Function URLs
Cloud-native applications have been trending for a number of years in the search for scalability, reliability, and wide availability. And, microservices are one of the more popular configurations to address these needs. AWS Lambda is one of the most popular microservice providers - it's a serverless environment comprised of serverless applications known as functions. [nordicapis.com]

The 2022 API Platform Landscape: Trends and Challenges
The API platform landscape continues to change rapidly. We have been conducting hundreds of conversations with developers in high-growth organizations, enterprise architects driving change in the large Fortune 500s, leaders driving the API-first vision in their companies, and CTOs and CIOs who are eventually responsible for driving value for their organizations through technology. Today, I want to share some of these key learnings with you, along with a 2022 update on the API platform landscape. [blog.postman.com]
 
The Business of APIs
API usage up at most organizations, but large amounts go undocumented
Sixty-two percent of security leaders around the world surveyed by Radware reported having at least a third of APIs that are undocumented, even though 92% believed having sufficient API protection, indicating the prevalence of a false sense of security in APIs, according to VentureBeat. by Steve Zurier, SC Staff [scmagazine.com]

Hyperautomation is no longer hype - MuleSoft and IQVIA just proved it
Automation is passe. Hyperautomation is now the cool kid on the block and enterprises around the world are leaning in hard to make the | MuleSoft Blog [blogs.mulesoft.com]
 
(Un)Related
How does the Internet Work? Explaining IP, TCP, TLS/SSL, and UDP
How does the Internet work? And why is the Internet called the Internet? What are the most important building blocks that make up the Internet? And what are ... [youtube.com]

Evolutionary Architecture: Supporting Constant Change
The first principle of an evolutionary architecture is to enable incremental change in an architecture over time - Thoughtworks. To support constant change, architecture and assumptions must be continuously challenged. Repeatedly building on top of a working solution will eventually produce an unexpected result. Then there are scaling issues. by Philip Starritt [betterprogramming.pub]

The Ultimate Guide to Architectural Decision Records
Architectural decision records (ADRs) document important architectural decisions made along with their context and consequences. They were first introduced by Michael Nygard in a 2011 blog post. An ADR usually consists of a short text file describing a specific architecture decision. You can write them in plain text, AsciiDoc/Markdown format, or use a wiki page template. by Kirshi Yin [betterprogramming.pub]

Say "Hello" to the Revolutionized Git Integration with APICTL 4.0.0
WSO2 API Controller 4.0.0 + WSO2 API Manager 4.0.0 APIs are now heavily used by businesses to execute business-critical functions. Without some sort of Continuous Integration and Continuous Delivery/Deployment (CI/CD), it is difficult to envisage a reliable and effective API-driven business. by Wasura Wattearachchi [medium.com]

What a Former GitHub CTO Learned about Scaling
For the 447th episode of Stack Overflow's podcast, GitHub's former Chief Technology Officer Jason Warner shared some fascinating tales of tech transformation. The conversation covered both the massive scaling effort at GitHub from May 2017 to July 2021 and the story of Warner's own "non-traditional" path into programming from "farm country" in Connecticut. by David Cassel [thenewstack.io]
 
Want to share something?
As always, if you want to chat, share a link, or make a suggestion, feel free to drop us a quick note by tagging us on Twitter (@launchany and @caseysoftware) or by emailing us at: james@launchany.com
 
UPCOMING EVENTS
Copyright © 2022 LaunchAny, All rights reserved.