News

Product vs Toolkit – API and IAM Security

By | Date posted: September 11, 2018

 

“Product vs toolkit – What’s the difference when it comes to API and IAM security? Jason Macy, CTO at Forum Systems explains the difference between toolkits, agents, and adapters versus purpose-built security products.

The issue is that API and IAM technologies are toolkits based on frameworks, and adapter-based solutions. Marketing for API toolkits and IAM toolkits tout security features which state terms such as ‘encryption’ and ‘access control’ to lull customers into complacency. By stating security over and over, customers believe they are safe. In fairness, the toolkit vendors are not to blame since their marketing is driven out of the need to placate their customers’ concerns about security. As the cyber-threats continue to evolve, so does the marketing speak.

As IAM and API toolkits, frameworks, and adapter-based solutions continue to claim to be security products, customers must look beyond the marketing statements to understand the difference between a security product and a toolkit.

Read full article in SC Magazine

 

eWeek- Forum Systems: Product Overview and Insight

By | Date posted: July 2, 2018

eWeek- Forum Systems: Product Overview and Insight

eWEEK has started a new IT products and services section that encompasses most of the categories that they cover on their site. In it, they spotlight the leaders in each sector, which include enterprise software, hardware, security, on-premises-based systems and cloud services. 

Forum Sentry API Security Gateway enables enterprises and government organizations to create code-free APIs that secure access to complex enterprise applications.

Read eWeek’s Product Overview of Sentry

 

How to build a secure API gateway – Network Security

By | Date posted: June 29, 2018

We invite you to download and read our CTO Jason Macy’s article featured in Network Security

How to build a secure API gateway 

In this era of hyper-connectivity, where almost every app or application relies on communication to a server or database somewhere, it has become harder than ever to secure an organisation’s systems, data and business-critical processes. Most of the major technology trends that have shaped IT over the past few decades – such as cloud computing, BYOD, IoT and even social media have resulted in more people and entities connecting to corporate IT assets than ever before.

Most of the major technology trends of the past few decades have resulted in ever-greater numbers of connections to corporate IT assets.

At the heart of these connections are application programming interfaces (APIs) that underpin almost every interaction or process and these have quickly become a prime target for attackers. Yet despite their growing prominence, they have largely remained the sleeping giant of our technology-led world, attracting too little attention when it comes to security

Download the article

API security: A modern day gold rush? – SC Media UK

By | Date posted: June 19, 2018

API security: A modern-day gold rush? Read what our CTO Jason Macy has to say about it in SC Magazine UK.


The problem with a bolt-on approach to API security is that these API frameworks and toolkits are inherently insecure by definition and were never designed with security in mind, but rather designed for integration.

APIs (Application Programming Interfaces) exist to allow enterprises to make their key resources available to developers, mobile apps, consumers and other companies. They are one of the main ways that technology companies integrate with each other and act as the gateways to all types of functionality. Think of them as being like the plug that goes into an electric wall socket – they provide a standardised way to access the power of an application.

Continue reading article

The API Security Gold Rush – Network Computing

By | Date posted: May 24, 2018

When it comes to securing the API aspect of networks, should security come before functionality? Jason Macy, CTO at Forum Systems explains why this is the only option

In today’s era of hyper-connectivity, securing your organisation’s systems, data and business-critical processes is harder than ever. As a result of the major IT trends of the last decade, in particular cloud, mobile and IoT, more and more people and applications are connecting to our IT assets than ever before. What’s more, the majority of these interactions are from untrusted entities outside of the organisation’s network perimeter, and almost every one of these interactions relies on an application programming interface (API) to communicate to an application or system, somewhere in the world.

Read full article in Network Computing

 

Forum Systems Named Gold Winner in Info Security PG’s 2018 Global Excellence Awards®

By | Date posted: May 8, 2018

Company’s Industry-leading API Security Gateway Earns Top Honors in API Management and Security Category

BOSTON, May 8, 2018 – Forum Systems Inc., a pioneer in API security technology, today announced that the Info Security Products Guide has named the Forum Sentry API Security Gateway a Gold winner in the API (Application Programming Interface) Management and Security category of the 2018 Global Excellence Awards®.

Read more

Forum Systems to Explore API Security Fundamentals at Midwest Summit

By | Date posted: April 17, 2018

BOSTON, April 19, 2018Forum Systems Inc., a pioneer in API security technology, today announced the Midwest API Summit, the latest event in the company’s continuing series dedicated to examining the fundamentals of API security.

Taking place Thursday, April 26, from 9:30 a.m. – 4:30 p.m. EDT at the Renaissance Cincinnati Downtown, the Midwest API Summit will feature Forum Systems CTO Jason Macy and other industry experts exploring the best practices in securing API-based architectures. During the event, Forum Systems will showcase how its award-winning Forum Sentry API security gateway is providing the foundation for an effective API security strategy.

Read more

5 myths of API security – CSO Magazine

By | Date posted: April 9, 2018

 

Our CTO Jason Macy chats with Terena Bell in her article, 5 Myths of API Security in the April edition of CSO Magazine

In light of Panera Bread’s API-related data breach, here what is — and isn’t — true about protecting application programming interfaces.

Myth #1: API security is a feature, not a technology

According to Jason Macy, chief technology officer at API security management provider Forum Systems, “Many vendors in the API product landscape talk about having features of API security.” In reality, he says, “claiming to have features that provide aspects of API security” is just like “claiming to have features that provide firewall or antivirus security.”

Read the full article

 

Forum Systems Executive to Run the 2018 Boston Marathon

By | Date posted: April 6, 2018

Director of Engineering Javier Lopez Raising Funds to Support Nashoba Learning Group’s Mission of Serving Children and Adults with Autism

BOSTON, April 9, 2018 – Forum Systems Inc., a pioneer in API security technology, today announced that Director of Engineering Javier Lopez will participate in the 2018 Boston Marathon to raise critical funds for the Nashoba Learning Group (NLG).
Read more