API Gateway

Forum Systems to Showcase Award-Winning API Gateway at AFCEA Defensive Cyber Operations Symposium

By | Date posted: June 10, 2015

Forum Systems announced today that it will be showcasing its award-winning API Gateway, Forum Sentry, at the 2015 AFCEA Defensive Cyber Operations Symposium in Booth # 3014. Taking place June 16-18 at the Baltimore Convention Center, the event is designed to promote collaboration between government and industry partners in order to improve security and better defend the cyber mission space. Read more

OpenSSL Security Vulnerabilities and other C-based Risks

By | Date posted: April 11, 2014

One of the most significant OpenSSL security vulnerabilities is the latest Heartbleed OpenSSL security flaw (CVE-2014-0160). This OpenSSL security vulnerability is again a re-affirmation that usage of C-based security modules by an enterprise company greatly increases its risk posture. You can be certain that IT security folks out there felt that they were making the right architectural decisions to secure the enterprise. The problem isn’t the intent, the problem is the premise. Applications, wrapped in security band-aids , is not a sound enterprise risk mitigation strategy. Sure, Apache and OpenSSL are widely available and have been around for a long time, but look where it has led us.

Read more

How to create a REST policy in Forum Sentry

By | Date posted: April 5, 2014

In this tutorial, you will learn how to create a REST policy in Forum Sentry. As an API gateway, Forum Sentry enables you to lockdown APIs that generate XML and JSON traffic in your network. Three simple steps are required for setting up a REST policy: i) Registering the RESTful service endpoint ii) Setting up a listener iii) Configuring a REST policy that ties the listener and the endpoint. Let’s go through these steps.
Read more

Using HTTP Basic Auth for API Identity Management

By | Date posted: February 17, 2014

APIs are proliferating corporate networks.  Business owners seek APIs that solve their requirements regardless of whether the APIs are homegrown or provided by 3rd party cloud providers.  In both cases — internal and external APIs — controls have to be enforced on who gets to use what API.  API control requires enabling Identity Management for APIs. In this tutorial, we will use Forum Sentry to lockdown an external API with on-board users, groups and ACLs with simple point-and-click, code-free configuration.

Read more

Sleep Better with Centralized API Security

By | Date posted: February 5, 2014

Secure integration has become increasingly important over the past few years. As businesses rely more heavily on applications for conducting transactions and managing personal information, API security has become critically important. When it comes to application security, generally, there are three options: centralized, decentralized and a hybrid of the two. Let’s learn a little bit about each of the three models are setup:

Read more