API strategy & practice conference in NYC – Are you going?

February 14, 2013 Leave a comment

Alright, I am sure you have heard this again and again but it’s worth saying it one more time. The first ever API strategy & practice conference is going be in NYC on Feb 21, 22 (http://www.apistrategyconference.com/). If you are just finding this out, it might be way too late for you to get in (But I will tweet anything interesting happening from inside 🙂 ).  There are 72 companies that are confirmed to participate and sending their API whiz kids, gurus, learners, teachers, procrastinators there to make a difference. Intel is proud to be a Gold sponsor to this event.

API strategy post

Yes, Intel. Not only does Intel do software, but they do it really well too. We have an outstanding API Manager that we released recently which will be showcased there. If you happen to attend this, please stop by my 2 speaking sessions/ panels.

Day 1: 2:20-3:30 – Track 3: API Security and Scalability

As APIs gain adoption they become ever more critical gateways to a company’s core business – ensuring access is secure and scalable are mission critical for your business. Presentations include:

  1. Paul Madsen (@PingIdentity) of  Ping Identity
  2. Mark O’Neil (@TheMarkONeill) of Vordel
  3. Travis Reeder (@treeder) of Iron.io
  4. Andy Thurai (@AndyThurai) of Intel
  5. Discussion panel on the challenges and solutions for API Security and Scalability

  Read more of this post

Filed under API, Cloud Tagged with , , , , , , ,

State of CA – Split Personality Syndrome?

February 6, 2013 Leave a comment

It’s interesting to see that the state of CA has a split personality disorder! I wrote in a blog about a year ago how the state of CA is being a model citizen by forcing companies to protect consumer sensitive data by protecting the PII information (such as zipcodes and other sensitive information by classifying them as PII) and imposing penalties on companies that don’t comply. (Link here) But now, they sided with Apple stating that for on-line transactions the vendors can collect additional PII information that is not necessary for brick-and-mortar vendors. This means if you are an online retailer and collect such PII data, you need to have a mechanism to protect all this information you are collecting from your consumers, not just the PCI data but the PII data as well. In order to comply with this dual personality, you will need a solution that can encrypt and tokenize the sensitive information as necessary and as seamlessly as possible.

http://news.cnet.com/8301-13579_3-57567526-37/apple-wins-california-credit-card-privacy-case/

Filed under Cloud, PCI, PII, Privacy, Security, Tokenization Tagged with , , , , , , , , , , , , , ,

API Security at the Boston AppSec meetup on Feb. 7th

February 2, 2013 Leave a comment

If you are in the Boston area on Feb. 7th , come over and join 80 fellow geeks for my API security session at the Boston AppSec meetup. Free beer and pizza. Thanks, Akshat, for hosting my speech.
http://securitymeetup.com/events/71803472/?eventId=71803472&action=detail

Filed under Uncategorized Tagged with , , , , , ,