OWASP API security – 2: Broken user authentication

User Authentication is dedicated to identifying, rating and highlighting vulnerabilities associated with the ability to correctly authenticate users.
OWASP API security – 1: Broken object level authorization

In this introductory blog on API security, we’ll be exploring how to avoid broken object level authorization (BOLA) in your APIs.
OWASP API security – Intro

This is the first in a series of blog posts which looks at the OWASP API Security top 10 threats in the context of API Management. Read our guide!
APIM architectural and deployment patterns 101

Looking at different architectural deployment patterns for API Management and assessing the merits of each, along with any potential drawbacks.
Full lifecycle API management for Kubernetes, courtesy of Tyk Operator

Kubernetes is simple, powerful, and flexible; the platform by which all container orchestration frameworks are measured. See how Tyk can help.
OAuth2 Token Exchange RFC8693

OAuth token exchange – OAuth2 Token Exchange RFC8693 is a delegation protocol which allows an API Gateway to authenticate with an upstream.
GraphQL performance testing manual

When building a web or mobile application, it’s important to decide what technology to use to build your APIs. Learn more about GraphQL!
GraphQL: Performance is no longer a trade-off

Now that you have set up your GraphQL APIs using Apollo, let’s look at the performance of these APIs! Read our guide.
An introductory guide to modern API security management

Modern digital transformation is built on APIs, a new operating model that provides direct access to business logic, applications, and institutional data.
Enriching Tyk with OSS API traffic visibility & security reporting

Today we’ll be creating an OSS API micro-service in Tyk Open Source Software and monitoring its traffic with APIClarity.