DZone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
Refcards Trend Reports
Events Video Library
Refcards
Trend Reports

Events

View Events Video Library

Zones

Culture and Methodologies Agile Career Development Methodologies Team Management
Data Engineering AI/ML Big Data Data Databases IoT
Software Design and Architecture Cloud Architecture Containers Integration Microservices Performance Security
Coding Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Culture and Methodologies
Agile Career Development Methodologies Team Management
Data Engineering
AI/ML Big Data Data Databases IoT
Software Design and Architecture
Cloud Architecture Containers Integration Microservices Performance Security
Coding
Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance
Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks

Enterprise AI Trend Report: Gain insights on ethical AI, MLOps, generative AI, large language models, and much more.

2024 Cloud survey: Share your insights on microservices, containers, K8s, CI/CD, and DevOps (+ enter a $750 raffle!) for our Trend Reports.

PostgreSQL: Learn about the open-source RDBMS' advanced capabilities, core components, common commands and functions, and general DBA tasks.

AI Automation Essentials. Check out the latest Refcard on all things AI automation, including model training, data security, and more.

Avatar

Dmitry Sotnikov

Chief Product Officer at 42Crunch

Irvine, US

Joined Jun 2008

https://apisecurity.io

About

Dmitry Sotnikov is Chief Product Officer at the API Security specialist - 42Crunch - and the curator of the https://apisecurity.io newsletter and community. Prior to 42Crunch, Dmitry worked at Quest Software (now part of Dell) as Director of Cloud Solutions, then co-founded Jelastic PaaS and led Jelastic's sales, marketing, customer and partner relationships, and later built the cloud platform and business for WSO2 open-source integration company. Dmitry has been a featured speaker at multiple industry events including Microsoft TechEd, VMware VMWorld, Parallels Summit, Quest Innovate, and Technology Experts Conference (TEC). twitter: @DSotnikov

Stats

Reputation: 4522
Pageviews: 1.3M
Articles: 2
Comments: 4
  • Articles
  • Trend Reports
  • Comments

Articles

article thumbnail
Secure API Design With OpenAPI Specification
Effective API security uses a Positive Security model with well-defined, tested, and enforced contracts throughout the API lifecycle.
April 1, 2021
· 17,596 Views · 11 Likes
article thumbnail
API Gateway Add-on for Heroku PaaS
Heroku has teamed up with WSO2 to create API gateway and management functionality for Heroku's PaaS. Read on to find out more and how to get started with it.
February 27, 2018
· 5,797 Views · 10 Likes

Trend Reports

Trend Report

API Design and Management

Discover what you need to know about the state of API design and management. This report explores a wide range of topics from REST API discovery and navigation to common integration pain points and how developers are thinking about APIs.This report covers in-depth original research on developer preferences surrounding API programs and integrated systems. Additionally, experts in the field share their perspectives on effective API design as well as secure API strategies and best practices.

API Design and Management

Comments

Secure API Design With OpenAPI Specification

Apr 30, 2021 · Melissa Habit

Hi, Bukaj,

You are correct. Indeed, I can define an amazingly tight API in my contract, but not follow it in the actual implementation.

However, the big advantage of the OpenAPI standard (and other similar standards such as GraphQL, AsyncAPI, Protobuf, etc.) is that it is machine-readable. This means that you can for example:

* Use a contract-aware dynamic testing tool (I am partial here and can give 42Crunch Conformance Scan as an example) that would automatically test for any discrepancies between the contract and the implementation.

* Use a contract-aware API firewall or gateway (again, 42Crunch Protection is one such example, but increasingly other API gateways include at least some OpenAPI-based validation.)

Dmitry

Comparing WSO2 App Cloud with Heroku - Part 1

Nov 24, 2014 · Amila Maharachchi

Looking forward to Part 2. Seems to have a lot of scenarios of http://cloud.wso2.com still missing.
Creator of Web Says Flaw in Internet Explorer

Jun 26, 2012 · Kirill Grouchnikov

Please vote for TomEE support in our feature-voting gadget: http://jelastic.com/?features - that will help accelerate this effort tremendously. Right now the feature is on page 26 (which is not terrible - each page only has 4 features) but still definitely need votes to get a higher priority!
Creator of Web Says Flaw in Internet Explorer

Jun 26, 2012 · Kirill Grouchnikov

Please vote for TomEE support in our feature-voting gadget: http://jelastic.com/?features - that will help accelerate this effort tremendously. Right now the feature is on page 26 (which is not terrible - each page only has 4 features) but still definitely need votes to get a higher priority!

User has been successfully modified

Failed to modify user

ABOUT US

  • About DZone
  • Send feedback
  • Community research
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • Become a Contributor
  • Core Program
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 3343 Perimeter Hill Drive
  • Suite 100
  • Nashville, TN 37211
  • support@dzone.com

Let's be friends: