A Checklist for API Security with Wim Remes

December 31, 2019 Dormain Drewitz

As a security expert and consultant, Wim Remes (@WimRemes), was fed up with clients using security products that had lacking API security themselves. But he knew that it was a multi-faceted problem that couldn't be addressed in one place. So, he developed a maturity model for security APIs that could serve as a check list for clients evaluating products, procurement teams involved in purchasing security products, and security vendors building the products. As it turns out, it's a pretty good checklist for any developer building APIs.

Wim sat down with Dormain Drewitz (@DormainDrewitz) and Brian McClain (@BrianMMcClain) to talk through the model, which includes factors for documentation, authentication, and design and implementation. Wim described what a "zero" or "one" versus a "five" looked like for some of these factors. How do your APIs measure up?

API security maturity model

Next steps:



About the Author

Dormain Drewitz

Dormain leads Product Marketing for Pivotal Platform Ecosystem, including RabbitMQ, and Customer Marketing. Previously, she was Director of Product Marketing for Mobile and Pivotal Data Suite. Prior to Pivotal, she was Director of Platform Marketing at Riverbed Technology. Prior to Riverbed, she spent over 5 years as a technology investment analyst, closely following enterprise infrastructure software companies and industry trends. Dormain holds a B. A. in History from the University of California at Los Angeles.

Follow on Twitter Visit Website More Content by Dormain Drewitz

No Previous Articles

Platform as a product, cloud native education, and 2020 predictions, with Paula Kennedy
Platform as a product, cloud native education, and 2020 predictions, with Paula Kennedy

In this episode: platform as a product, learning cloud native, and 2020 predictions.

SpringOne Platform 2019 Presentations

Watch Now