A Checklist for API Security with Wim Remes

December 31, 2019 Dormain Drewitz

As a security expert and consultant, Wim Remes (@WimRemes), was fed up with clients using security products that had lacking API security themselves. But he knew that it was a multi-faceted problem that couldn't be addressed in one place. So, he developed a maturity model for security APIs that could serve as a check list for clients evaluating products, procurement teams involved in purchasing security products, and security vendors building the products. As it turns out, it's a pretty good checklist for any developer building APIs.

Wim sat down with Dormain Drewitz (@DormainDrewitz) and Brian McClain (@BrianMMcClain) to talk through the model, which includes factors for documentation, authentication, and design and implementation. Wim described what a "zero" or "one" versus a "five" looked like for some of these factors. How do your APIs measure up?

API security maturity model

Next steps:

 

 

About the Author

Dormain Drewitz

Dormain leads Product Marketing and Content Strategy for VMware Tanzu. Before VMware she was Senior Director of Pivotal Platform Ecosystem, including RabbitMQ, and Customer Marketing. Previously, she was Director of Product Marketing for Mobile and Pivotal Data Suite. Prior to Pivotal, she was Director of Platform Marketing at Riverbed Technology. Prior to Riverbed, she spent over 5 years as a technology investment analyst, closely following enterprise infrastructure software companies and industry trends. Dormain holds a B. A. in History from the University of California at Los Angeles.

Follow on Twitter Visit Website More Content by Dormain Drewitz
Previous
From Idea to Product: How VMware Pivotal Labs Helps Startups Grow
From Idea to Product: How VMware Pivotal Labs Helps Startups Grow

A podcast discussing how VMware Pivotal Labs helped health-care startup Alluceo grow an engineering practic...

Next
Securing applications in the era of speed, scale, and open source
Securing applications in the era of speed, scale, and open source

Snyk co-founder Guy Podjarny explains how the speed and scale of modern software development affect securit...