We recently announced that Forum Sentry is the first and only API gateway to attain compliance with the internationally recognized Network Device Protection Profile (NDPP) certification. We are also the only FIPS- and DoD-certified cloud integration technology in the industry. Now PP Compliant, Forum Sentry is the industry’s only API Gateway to achieve these certifications […]
By Mamoon Yunus
Successful enterprise API implementations are built on a set of localized, project-level efforts with services that have clearly identified and accountable business and technology owners. Ownership defines an API domain. Deciding what services are core to a business owner and should be implemented within the owner’s API domain versus consumed from a third-party API domain becomes […]
The post Three Federated API Requirements for Enterprise Cloud Computing appeared first on Forum Systems.
OpenSSL continues to cast a shadow over the IT industry’s poor choice of programming languages for developing secure software. Neils Ferguson and Bruce Schneier’s mantra, that using a programming language without protection against buffer overflows is tantamount to criminal negligence, is a continuous reminder of memory related security bugs that plague our industry. Before going […]
By Jason Macy
The latest Heartbleed OpenSSL vulnerability (CVE-2014-0160) is again a re-affirmation that usage of C-based security modules by an enterprise company greatly increases its risk posture.
The post OpenSSL Security Vulnerabilities and other C-based Risks appeared first on Forum Systems.
By Mamoon Yunus
Here is an archived document that Forum Systems published in 2002-2003 while architecting a secure XML gateway. We would like you to read this article to understand the importance of a security-first approach while interacting with users and systems, especially outside your enterprise boundary.
The post Predictions from 2002-2003: Heartbleed = Criminal Negligence appeared first on Forum Systems.
In this article, we will show you how to fix the OpenSSL Heartbleed security flaw. OpenSSL Heartbleed has been recently discovered by security researchers. This security flaw is as a result of a software bug in the SSL/TLS protocol implementation of the OpenSSL library. Heartbleed is catastrophic at many levels: It’s easy to exploit. […]
There are plenty of reasons to go with centralized API security by deploying an API gateway but in this blog post we are going to focus on why it’s beneficial for your development team(s). The security model in an organization can have a significant impact on a company’s technology and development team structure and size. […]
The post How to Save Resources with Centralized API Security appeared first on Forum Systems.
Secure integration has become increasingly important over the past few years. As businesses rely more heavily on applications for conducting transactions and managing personal information, API security has become critically important. When it comes to application security, generally, there are three options: centralized, decentralized and a hybrid of the two. Let’s learn a little bit […]