API Best Practices Blog
Vzaar: A Platform for Merchandising Video »
We all know YouTube is a famous platform for sharing videos. But the advertising that supports YouTube isn't always wanted when you, yourself, are a business who wants to be taken seriously. This is a problem that vzaar solves—hosting professional content and videos for businesses. They provide a professional video platform that allows you to serve high quality videos for your web applications, and many other businesses. Creating videos for your business is a great way to engage with customers and can be an important revenue generating tool. The best part about vzaar is the control they provide, like how your video gets presented and where. They also have a well-documented API that you can use to plug videos right into your application.
Since the CTO of Vzaar, Adrian Sevitz ,uses Apigee, we asked him to share some of his experiences.
What insights into your app or other benefits have you gotten from working with Apigee?
Adrian: Both insight into which calls are being accessed, and what the popular API calls are as well as how many hack attempts we get looking for open urls and holes.
What new Apigee feature would you most like to see from Apigee?
Adrian: Two things. The first is the ability to limit users by number of calls so we can sell different access limits. The second is to white or blacklist ulrs being access to provide a layer of protection at the api level.
What mashup, app, or API do you admire?
Adrian: App wise we love postmark for our emails and spreedly for our billing. Both of them make our life easier. And what could be better than that?
When your trying to give your business the right impression on a video platform, vzaar is a great way to push your product or service out! Also we want to hear your ideas on www.apigee.com/support so we can provide a better service for all of our users.
Catch API Bugs Fast: How to Use the New Debug Console »
Note: To use the Debug Console, you'll have to have added an API to your account and be logged in!
Cloud Security tech talk series: Security and Scalability »
Next in our series of tech talks on cloud security issues, Greg and Ryan Bagnulo, Security Architect for ASPECT-i discuss how scalability can change security requirements and how cloud computing offers new opportunities to fend off attacks on services including.
- security at high scale - how to preserve the resilency of the busines
- cloud powered security - using elastic cloud resources at the edge to protect core services
- protecting against bot attacks and spikes through security policy enforcement and caching
Check out this talk below, last week's video on PII and Audit compliance , and the full series here.
Cloud Security series - issues around PII, privacy, and audit compliance »
Greg recently sat down with Ryan Bagnulo, Security Architect for ASPECT-i, to discuss a number of cloud security concerns and issues.
We captured these discussions in six short videos, each focusing on a topic. Here are the first two on PII, data filtering, and audit and regulatory concerns, (see the full series here.)
In this first video, Greg and Ryan set things up with discussions on:
- Challenges in deploying cloud, starting with: should you trust your cloud administrator?
- Good data for early cloud adoption (such as public data like news, stocks)
This 2nd short focuses on:
- issues around PII (personally identifiable information)
- counter-measures, such as de-identifying data with filtering, screening or access control
- privacy and regulatory risks around stored in the cloud.
- best practices for protecting data
- implications for violating security breaches privacy regulations
We'd love your thoughts and comments.
Tech Talk: API Security and Threat Protection »
Greg recorded a few whiteboard talks last month - this one is a good summary of recent posts on API Keys, API security recommendations, and OAuth best practices.
(And here are some of our high-level API security features if you are looking into this.)
Tech Talk: API Visibility and Metrics »
Earlier this week, Greg speculated that Twitter might have benefited from digging deeper into API metrics and usage patterns, so we thought it would be a good time to put him on the spot with a tech talk he recorded on API visibility a couple weeks ago.
For more, here are some sample API metrics considerations and a demo of our own API Analytics solution.
TrueCredit.com API case study »
Scott Metzger, CTO of TrueCredit.com was kind enough to take some time to talk about their Consumer Connect API program and some of the technical challenges that they have addressed using Apigee's API Gateway.
Scott wanted to make life easier on his development team as they ramped up their number of APIs, partners and traffic volumes. Here, he describes how he uses the technology as a 'policy layer' to provide API analytics, fine-grained data protection, and caching in an API Gateway. In this case, Apigee Enterprise is deployed on-premise virtualized software.
We're very excited to be working with Scott and TrueCredit, and check out the full TrueCredit Case study.
So you want to open an API? »
Greg Brail, our CTO, took advantage of a break from O'Reilly Velocity and a new Flip HD ultra to record a series of four short whiteboard talks on issues many face when opening an API - visibility, security, traffic management, and more. Here is the first clip and you can preview all of these and more API case studies on our Apigee youtube channel.).
We love feedback and these are quick to do - so any more topics you'd like to see, please let us know..
