Introduction

published book

We use APIs every day. When we’re connecting with friends online, making online purchases, interacting with our in-home smart speakers, and with countless other daily online or cloud-based activities, we’re using APIs whether we know it or not. Basically, APIs connect applications, devices, and systems, which is great for businesses and developers alike. Businesses take advantage of APIs for tasks like handling online payments, sharing on social media, and website analytics. They also enjoy valuable benefits like customers who stick around because APIs enable them to use products in the ways that best suit their needs. For developers, APIs simplify their lives because they’re essentially ready-made software building blocks that are easily integrated and adaptable. But the easy accessibility and openness that are fueling the widespread use of APIs also open them up to security risks, and those aren’t good for anyone.

In this sampler, you’ll find four chapters from three excellent Manning books that focus on creating secure APIs. Chapter 1, “What is API security,” from my own book, API Security in Action, explores the elements and mechanisms of API security as well as the different contexts of security including information security, network security, and application security. Following that introduction is Chapter 2, “Secure API development,” also from API Security in Action, where you’ll learn secure development principles as you dive into setting up a sample API.

Microservices are still as popular as ever, and as they continue to alter enterprise application systems, it’s crucial that developers and architects learn to integrate security into their design and implementation. The chapter I’ve included from Microservices Security in Action spotlights the need for an API gateway in microservices architecture. It’s called, “Deploying a microservice behind an API gateway,” and that’s exactly what you’ll learn to do.

Finally, “Code constructs promoting security,” Chapter 4 from Secure by Design, encourages a coding approach that results in designing programs with a security-first mindset. When secure-by-design programming becomes second nature, security is the implicit result—not an afterthought. That means you can focus on features and functionality while still preventing common security vulnerabilities.

With this great guide, you’ll have a rock-solid foundation for creating APIs that are implicitly secure, and that’s a win-win for everyone!

Sign in to access this free ebook
sitemap

Unable to load book!

The book could not be loaded.

(try again in a couple of minutes)

manning.com homepage