OWASP API security – 4: Lack of resources & rate limiting
When APIs face excessive requests, service availability, performance, & security suffer. Explore OWASP rate limiting.
OWASP API security – 3: Excessive data exposure
Protect your API from excessive data exposure by structuring responses so that sensitive data is either not returned or is redacted. Read our guide!
OWASP API security – 2: Broken user authentication
User Authentication is dedicated to identifying, rating and highlighting vulnerabilities associated with the ability to correctly authenticate users.
OWASP API security – 1: Broken object level authorization
In this introductory blog on API security, we’ll be exploring how to avoid broken object level authorization (BOLA) in your APIs.
OWASP API security – Intro
This is the first in a series of blog posts which looks at the OWASP API Security top 10 threats in the context of API Management. Read our guide!
APIM architectural and deployment patterns 101
Looking at different architectural deployment patterns for API Management and assess the merits of each, along with any potential drawbacks.
Celebrating Global Intergenerational Week 2022 at Tyk
We’re celebrating the week by answering the most popular questions we get asked about being a multigenerational organisation.
The Strangler Fig Pattern
The Strangler Fig pattern is a long-established approach for incrementally replacing legacy systems. How can it be applied to API Management?
Don’t choose between your children and your career – choose Tyk!
Stop worrying about what to do with your career and childcare when you become a new parent. Tyk is here to help.
OAuth2 Token Exchange RFC8693
Oauth token exchange – OAuth2 Token Exchange RFC8693 is a delegation protocol which allows an API Gateway to authenticate with an upstream.