Tag Archive for: API

SD Times news digest: GitHub’s first chief security officer, VS 2019 remote debug support, and Android Sleep API released

/in


GitHub hired Michael Hanley as its first chief security officer to focus on developer-first security. 

“Good security and the speed of the business are not opposing concepts when met with thoughtful design and a customer-centric approach. I believe that security done well allows us to go further, faster, and more confidently than ever before,” Hanley wrote in a blog post.

Previously, Hanley was the vice president of security at Duo Securitym and the chief information security officer at Cisco. 

VS 2019 remote debug support
Visual Studio 2019 offers remote debug support for MSBuild and CMake projects targeting Windows and Linux.

Developers can now debug on their production machines with no development tools installed other than the remote debugger, they can target less common developer environments as well as environments where Visual Studio is unavailable. 

Microsoft automatically deploys the Universal CRT and VCRuntime libraries which are to automatically deploy dependencies along with the built binaries from the project.

Additional details on the remote debug support are available here.

Android Sleep API released
Android’s Sleep API is an Android Activity Recognition API that surfaces information about the user’s sleep through ‘sleep confidence’, which is reported at a regular interval up to 10 minutes, and a daily sleep segment that appears when a user wakes up.  

The API gets this information through on-device AI that detects light and motion on a device through sensors.

The Sleep API is available now on the latest version of Google Play Services. 

Apache weekly update 
Last week, the Apache Software Foundation saw the release of Apache Commons Net 3.8.0 which implements the client side of many basic Internet protocols.

Other releases and updates this week included Qpid Broker J 7.1.12 and J 8.0.4, Beam 2.28.0, BookKeeper 4.13.0, Directory Studio 2.0-0-M16, Lucene 8.8.1 and Solr 8.8.1, and MyFaces Core v2.3-next-M5.

Additional details on all of the latest releases are available here.

Source…

API Security Checks in the Post-Pandemic World

/in


The digital transformation journeys of many enterprises have been accelerated by the COVID-19 pandemic. For 2020, IT resources shifted to support WFH policies with mobile and remote productivity solutions, while simultaneously managing multiple datacenter migration projects to the cloud for scale and costs. A recent Enterprise Technology Research Survey1 confirmed that WFH policies were not just a mirage in the post-pandemic world, and that the percentage of workers around the world that will permanently work from home would double.

Whether it’s supporting these post-pandemic work policies with mobile and web transactions or other popular digital transformation initiatives, like IoT, automation and microservices, APIs have played a critical role for many enterprises. Today, the average enterprise has approximately 900 applications2, and APIs play an instrumental piece in helping deliver their intended business value. APIs helped Uber disrupt the entire transportation industry, for example, with a mobile app that would consume the API of Google Maps without having to build its own mapping system. Moreover, to enable Uber and its customers to complete mobile transactions in this digital business model, APIs were leveraged to confirm transactions from the customer’s payment gateway to those of Uber and its networked drivers. Given their ability to share data and information between applications, systems, and devices, and making it possible for these things to talk with each other, APIs have, unfortunately, attracted many stakeholders beyond their intended audience of business innovators. Today’s cybercriminals, whether individuals or nation-states, have made APIs one of their popular vectors of choice.

Whether the business is traditional, like a credit bureau or big box retailer, or a member of the New Economy, cybercriminals have exploited the human errors in deploying APIs that were typically overlooked. As enterprises implemented processes and systems to meet industry compliance and global privacy rules, hackers were still able to identify gaps resulting from integration oversights or inadequate code audits due to the best-practices of third-party development or…

Source…