June 5th, 2012

Layer 7 User Conference & API Workshop

Layer 7 User ConferenceOn June 15, Layer 7 will be holding a special User Conference & API Workshop event at Cisco’s training facilities in San Jose, CA. This is a free event, open to Layer 7 Technologies customers and non-customers alike. The sessions will include a Q&A with Forrester Analyst Eve Maler plus speakers from Adobe, Savvis and Cisco.

It’s an all-day catered event, divided into two sessions (9am-12pm and 1-4:45pm, with lunch served in between). The morning session will focus on best practices for using Layer 7’s API Management, Mobile Access, SOA Governance and Cloud Integration products. The afternoon session will feature a workshop focusing on the topic of API Management.

For more information you can view the full agenda. Space is limited, so if you’re interested in attending, please don’t hesitate to register for the User Conference & Workshop.

March 2nd, 2012

API Security for Mobile & Cloud – A Best Practices Workshop for Enterprises Hosted by Layer 7

We Secure APIsOn Monday February 27, 2012 Layer 7 hosted an exclusive workshop at RSA Conference in San Francisco at the trendy W Hotel. The audience was a group of IT professionals interested to learn more about API management as it relates to mobile and Cloud security.

There was an hour of networking before the presentations started, during which lunch was served. The room filled quickly. As this was an exclusive event, seating was limited. By the time the first presenter had started, it was standing room only.

Layer 7 CTO Scott Morrison hosted the event, which featured guest speakers Caleb Sima and Rag Ramanathan. The workshop provided insight into API security and management best practices for mobile and Cloud.

More and more enterprises are looking to API publishing as a way of exposing their data to partners and external developers building mobile apps and Cloud services. But this inevitably creates serious security concerns.

So the aim of the workshop was to address the issue of API security for mobile and Cloud, with three presentations. The slides from these presentations are embedded below.


Caleb Sima: Open APIs – Security for Mobile & the Cloud

A look at what’s driving new Internet-facing organizations to open up information through APIs, plus a discussion of the implications for application security.


Rag Ramanathan: Securing & Governing Cloud APIs

A look at why APIs matter in the Cloud and the unique security challenges Cloud APIs create.


Scott Morrison: API Security & Management Best Practices

A look at the high-level considerations for controlling, metering and monitoring APIs from test through to production.

February 24th, 2012

Upcoming XACML Training Workshops

XACML IntegrationWith the advent of APIs in the enterprise comes the need for a new security model. An effective runtime security strategy for the type of open integration environment created by APIs requires the deployment of three intertwined elements – a policy enforcement point, a policy decision point and an attribute service.

Layer 7’s SecureSpan API Proxy fits into this strategy as the policy enforcement point. The API Proxy verifies/authenticates any incoming message before assembling a standard XACML request, which is then sent to the policy decision point. Layer 7 offers easy integration with leading policy decision point technologies from Axiomatics and Radiant Logic.

To help enterprise architects understand how XACML is used for this kind of integration, we’ve been organizing a series of workshops in collaboration with our friends at Axiomatics, Radiant Logic and SailPoint. Coming up, we’ve got events at the Mikrotek Training Facilities in San Francisco, Chicago and New York. Here are the details: