April 16th, 2012

Webinar Reminder: Developers, Developers, Developers

Layer 7 RedMonk Developers WebinarIt’s about developers again.

Everything in technology goes through cycles. If you stick around long enough, you begin to see patterns emerge with an almost predictable regularity. I actually find this comforting; it suggests we’re on a path of refinement of fundamental truths that date back in a continuous line though Alan Kay to Turing and beyond.

The wrong way to react to technology cycles is with the defensive-and-crusty “this is nothing new kid—we did it back in ’99 when you were stuck in the womb.” Thanks for nothing, Grandpa. A better approach is to recognize the importance of new energy and momentum to make great things happen.

The cycle that really excites me now is the new rise of the developer. Trying my best not to be crusty, there is a palatable excitement and energy out there that really does feel like it did in 1999. After years of outsourcing, after years of commoditization, developers matter again. A lot. It’s like the world has rediscovered the critical importance of this fundamentally creative endeavor.

This is a golden age of technology and possibility, one that is being driven by new blood and newer technology. The catalyst is the achingly perfect collision of Cloud, mobility and social discovery with APIs, node.js, Git, NoSQL, HTML5, massive scalability… (I really could go on and on here).

Most of all, I’m excited by movements like Codecademy. This simple idea perfectly reflects the tenor of the time in which we live. People are no longer afraid of making things easy. The priesthood is gone; coding is now confident and mature.

I’ll be talking more about these topics – and the important role APIs play – in an upcoming webinar I will be delivering with James Governor, co-founder of RedMonk. This is the analyst firm that truly is at the heart of the new developer movement. I hope you can join us Thursday, April 19 at 9am Pacific. This one is going to be good.

Click here to register for the webinar: Developers, Deveopers, Developers - Why API Management Should be Important to You featuring RedMonk

April 4th, 2012

Upcoming Webinar: Developer Engagement for Open API Initiatives

Layer 7 - RedMonk WebinarThe recently-published Layer 7 white paper Secure Mobile Access for Enterprise Employees points out that, from a business perspective, the real value of mobile devices is not in the devices themselves – it is in the apps that run on these devices. Similarly, from a technical perspective, while APIs hold a great deal of potential value for enterprises, developers hold the key that unlocks this potential.

Value comes not from devices or APIs as such – it comes from developers and the applications they build for these devices, against these APIs. To get true value from its APIs, an organization must take a developer-centric approach: reaching out to get developers on board; providing support to help developers use APIs effectively; tracking API usage to identify the most valuable developers; managing APIs to ensure developers can create applications that work consistently.

Our upcoming webinar Developers, Developers, Developers – The Secret to Running a Successful API Management Program will explore tools and techniques for developer-centric API management. Presented by Layer 7 CTO Scott Morrison and RedMonk analyst James Governor, this webinar will take place at 9am PDT on April 19. Space is limited, so don’t hesitate – sign up today!

March 8th, 2012

Reminder: Upcoming API Access Control Webinar

Layer 7 WebinarOAuth handshake patterns and OAuth token management are currently two of the hottest topics related to enterprise APIs. Although OAuth originated as a third-party authorization mechanism, it now addresses a multitude of patterns related to controlling access for RESTful APIs. With version 2.0 of the standard defining numerous grant types that accommodate both two and three-legged cases, OAuth is becoming the de-facto standard for any API access control.

Regardless of the specific access control scenario, any enterprise-scale OAuth implementation must leverage existing infrastructure and processes for managing and controlling identities. For example, OAuth should be implemented in a way that maintains any existing Single Sign-On user experience or it should simply reuse existing identities and their attributes as part of the authorization checks.

Next Wednesday, I’ll be joined by Steve Coplan of 451 Research for a webinar called Simplifying API Access Control with OAuth. We’ll be taking an in-depth look at just how OAuth can be integrated with existing systems for effective API access control. We’ve already had a lot of interest in the event but there are still a few free spots, so don’t hesitate to sign up for the webinar today.

February 29th, 2012

Upcoming Webinar: Simplifying API Access Control with OAuth

Extending Existing IAM Technology for Enterprise API Access Control featuring 451 ResearchAccess control is a key aspect of API management. When an enterprise launches an API, identity and access management (IAM) will be among its most pressing concerns. But access control is handled differently for APIs than it is for the Web or even Web services. This can present difficulties for an enterprise that wants to reuse its existing IAM  infrastructure to provide access control for APIs.

On March 14, I’ll be co-presenting a webinar called Simplifying API Access Control with OAuth, alongside Steve Coplan of 451 Research. We’ll be exploring a good deal of the ground around API access control and OAuth but with a particular focus on how existing IAM and Single Sign-On (SSO) systems can be extended to integrate with API-enabled applications and services.

In addition to discussing how enterprises can extend their existing IAM and SSO investments for API access, we’ll be looking at:

  • What security and management concerns are created by open APIs
  • How enterprises can address key IAM challenges when securing APIs
  • Why OAuth is becoming central to API access control

Space is limited – so, if you’re interested, sign up today!

January 19th, 2012

Enterprise Mobile Migration: A 2012 Imperative

Simplifying Enterprise Mobile Access — A How-to GuideThe proliferation of consumers using smart phones and iPads has, perhaps inevitably, led to an explosion of mobile adoption in the enterprise. In fact, this so-called “BYOD” (bring your own device) approach to workplace connectivity is increasingly driving enterprise usage of Cloud-based services.

However, with these new opportunities come new questions for enterprise IT. For example:  How can I control access to the Web APIs used by mobile apps? How can I secure connections to Cloud-based services? How can I monitor usage in order to protect against malicious attacks or accidental traffic spikes?

On February 8, I’ll be presenting a webinar called Simplifying Enterprise Mobile Access — A How-to Guide, which will provide answers to some of these questions. If you’re interested and you’d like to join me, click the link below to register:

In this webinar, I’ll be drawing on my experience helping large organizations deal with disruptive IT change. From my perspective, it’s clear that giving employees access to corporate data and services via mobile devices will require new thinking on how to leverage existing identity infrastructure, how to protect APIs and how to govern externally-facing IT assets.