January 2014

Key Generation and Certificate Signing Request

By | Date posted: January 30, 2014
PKI-100

SSL-protocol and data-level encryption are both based on Public Key Infrastructure (PKI) that uses public-private key pairs for asymmetric cryptography.  Generating such key pairs and issuing a certificate signing request are initial steps for enabling privacy.  Learn how to generate keys in Forum Sentry without requiring command line toolkits such as openssl. These key pairs can then be consumed by SSL or content encryption policies for securing XML, HTML, SOAP, JSON over a variety of protocols.

Read more

SSL Policies for securing your APIs

By | Date posted: January 29, 2014
SSL-100

Forum Sentry provides granular control for centralized SSL/TLS protection of your APIs running on application servers, web servers or message queues.  Forum Sentry typically sits in front of such components and deals with all the SSL related communication for your APIs so that you can focus on building business functionality while Forum Sentry takes the ownership of your security policies.

Learn how to set SSL policies for your XML, JSON, HTML, SOAP traffic and the benefits of using Forum Sentry for protecting your SOA, API components.

Read more

Buy vs. Build: Application Security Solutions

By | Date posted: January 26, 2014
API-100

In the world of application security, there are numerous options in the marketplace for both buying and building. Purchasing a centralized API security solution isn’t cheap but it can be less expensive than building your own, depending on your situation. There are three primary factors that will help determine the best approach for your organization:  (i) The number of application security policies needed  (ii) The nature of your applications  (iii) Resources and timing.  In this blog post, we will look at these three critical factors in detail to help you determine which API security path is best for you.

Read more