Denver MuleSoft Meetup on API Security, OAuth, and Access Control
As the Coronavirus lockdown is in full swing, we held our first virtual Denver MuleSoft Meetup on April 8th, 2020, using Zoom. Despite the lack of physical interaction, the event had a good turnout with a lot of participation. There was even some “networking” over Zoom.
This Meetup was popular, and many people indicated they wanted to attend. The registration number maxed out quickly. There are several reasons.
First, the topic is on top of many people’s minds since API security vital for many organizations, and security can be complicated. The audience wants to learn from experts who have implemented aspects of API security successfully.
Second, with the event being virtual, people from around the United States and different areas of the world to attend the Denver MuleSoft Meetup. With such a large and diverse presence, there were many different perspectives on the topic.
Mike Moore (MuleSoft), partnering with Ping Identity as the identity provider (IdP), gave an excellent presentation. He explained how the different layers of MuleSoft APIs could be secured using various forms of OAuth 2.0. This subject naturally made for a very interesting demo. It was instructive to see the APIs interacting with the IdP and securing the APIs using MuleSoft policies.
I’d say our first virtual Meetup was a great success. The best part? The security knowledge and content can be used for so many use cases as developers create new APIs in organizations around the world.
ADOPTION & EXPANSION
+ Number of APIs
+ Business coverage
+ Number of contracted apps
+ API usage
+ API reuse
EFFICIENCY & COST SAVINGS
+ Number of APIs in each SDLC stage
+ Time spent in each SDLC stage
+ Cost and time to build an API
+ App development velocity
+ Number of launches per year
+ Number of defects
SECURITY & VULNERABILITIES
+ Security violation
+ Policy enforcement
+ Time since the last version was published
+ Number of throttling issues
+ Time to onboard
+ Number of deployments
+ Number of incidents
+ Percentage of customers impacted. per incident
+ Time to resolve incidents