Security

Security

An index and topic collection covering API security, identity, access management, secrets management, encryption, and threat protection. API security spans the full lifecycle of an API, from designing strong authentication and authorization, to managing keys, secrets, and certificates, to protecting runtime traffic with WAFs, rate limiting, and bot mitigation, to scanning code and dependencies for vulnerabilities. This collection brings together identity providers like Okta, Auth0, and Keycloak; secrets and key management platforms like HashiCorp Vault and AWS KMS; cloud security and WAF vendors like Cloudflare, Akamai, and Palo Alto Networks; and software supply chain security tools like Snyk, Sigstore, and Sonatype.

articleAll API Stories

20 stories relevant to Security, pulled from across the API Evangelist network blog feeds.

article
article
article
article
article

Controlling Tool Access with APIM MCP Gateway

article
article
article
article
article
article
article

The Other Side of the MCP Threat Conversation

article
article
article
article
article
article
article
article