Apr
15,
2026
How to Find a Shadow API
Shadow APIs are undocumented, unmanaged endpoints buried in modern infrastructure. They pose a critical security risk that’s often overlooked. This article explains how they emerge, why attackers seek them out, and how traditional discovery methods fall short.
Apr
1,
2026
How Standards Help With API Design
In this article, we want to focus on the topic of standards. Sometimes these can be seen as obstructive and annoying, but above all, they ensure independence. This doesn’t just mean support in tooling; this type of agnosticism ensures interchangeability and central services, like formal validations and/or validities, or authentication...
Mar
25,
2026
Platform Engineering: Between the DevOps Ideal and Over-Engineering
As cloud-native architectures and microservices increase the complexity of software delivery, many organizations are exploring Platform Engineering and Internal Developer Platforms to help teams move faster without sacrificing governance or security. This article explains what Platform Engineering means, how it evolved from the DevOps movement, and how the right level...
Feb
16,
2026
Why APIs Should Be Designed Independently
APIs are long-term business and technical contracts, not just technical interfaces. Therefore, they must be designed independently from backend systems to ensure stability, scalability, and sustainable evolution in a networked and microservice-driven world. This article will help point out requirements for APIs and explain differences between common API types.
Jan
20,
2026
API Security Best Practices: Part 1
APIs are the backbone of modern applications today. They power web front ends, mobile apps, and IoT devices. But anyone who thinks API security is just "web app security in miniature" is mistaken!
Jul
16,
2025
Open Policy Agent in Practice: Real-World Policy Enforcement
Building on our previous introduction, this article dives deep into the practical application of Open Policy Agent (OPA) for centralized policy management in distributed systems. Discover how OPA enables flexible and scalable policy enforcement, focusing on critical use cases like API authorization, cloud security, and Kubernetes governance. Learn how to...
Jul
7,
2025
Watch Session: How to create an LLM API server
Dan Erez's session from the last version of the API Conference was one of the most beloved ones. In this blog you can see the whole session for free.
Jun
6,
2025
Open Policy Agent: Unified Control for API Security
Ensure consistent security and governance across your APIs, cloud, and Kubernetes environments with Policy as Code (PaC) and the open-source Open Policy Agent (OPA). This article explores the critical aspects of OPA testability and automation. Learn how to define policies as code for robust testing and seamless CI/CD integration, enabling...
Apr
23,
2025
Building Trust in AI-Powered APIs
AI-powered APIs are reshaping digital services—but trust is critical. This article shows you how to build that trust by applying responsible AI principles like transparency, fairness, and privacy. You’ll learn practical steps to design and manage AI APIs that are not only powerful but also ethical and reliable.
Feb
17,
2025
The API Economy: Trends and Transformations for 2025
In 2025, the API economy is revolutionizing business operations with hyper automation, robotic process automation, and AI-driven automation technologies to eliminate repetitive tasks, reduce costs, and improve productivity. Advanced API management ensures seamless integration of automation tools, while API marketplaces offer a wide range of solutions for innovation. Strong governance...
