My blog site has moved!!!

Please visit me at

Want to practice capitalism?

Capital 2015-09-24_13-50-47

As with most modernized economies, the United States economy utilizes capitalist principles. It is only fitting that we invented a technological solution that will help companies engage in c-api-talism using APIs in a more efficient manner.

Read more of this post

Transform from being a SOA-saurus to participate in the new API economy

soa summitDo you want to learn what “API surfacing” is? Do you know how to create low-touch, completely automated APIs that can convert you from existing enterprise orientedness (or being a SOA-saurus) to a more agile, API enabled architecture?

Learn how to easily participate in #API economy by building REST based, or JSON based, architecture by building on top of SOAness. In a usecase, our customer (GNAX) talks about how they did it.

Attend my speech at SOA summit (#soasummit) on Aug 22 to find out. It is virtual and it is free, register here

gnax case study

API Security at the Boston AppSec meetup on Feb. 7th

If you are in the Boston area on Feb. 7th , come over and join 80 fellow geeks for my API security session at the Boston AppSec meetup. Free beer and pizza. Thanks, Akshat, for hosting my speech.

Are you building your APIs the right way?

I keep telling my customers, it is not about what you think is important but it is about what your customers (internal, external or partners) see as important when it comes to building APIs and mobile apps, or APIs for mobile apps. This article from Intel explains the facets of WHO, WHAT and HOW very nicely. We instituted a new practice called Intel API Manager which does all of the above and more. It includes a strategy session to identify the audience (WHO) that can benefit from this, WHAT are the channels that can drive additional revenue, and HOW we can help you achieve that.

And, yes Intel does software!  – and very well too!

–          Andy Thurai (Twitter: @AndyThurai)

Are you PCI DSS compliant yet? What is stopping you?

The PCI tokenization solution show case at NRF was a grand success. I never would have believed the traffic through our booth and the interest. First of all, the show was huge!!! I am not kidding. Last year the attendance was 25,500 ( and I am pretty sure this year they surpassed that. (Last count puts it at 27,600)NRF show

Intel had a big booth there and predominantly displayed was our PCI tokenization solution. The reason why our solution gained much visibility is, as one customer put it, you provide compliance and risk mitigation in one place.

The most effective PCI tokenization solution MUST have:

  1. Have the ability to create a security story NOT just a compliance story (I will blog about this later). In other words, not only reduce PCI scope but helps you protect card holder data
  2. High speed, high performing tokenization solution that is a capable of producing 10s thousands of tokens in a second, if needed
  3. A hardware based true random token generator
  4. Capable of producing upwards of 2 B tokens to scale up
  5. Proxy tokenization method without a need to touch any of your existing systems
  6. Not only the solution should be able to “automagically” detect PAN numbers but also allows you  to preserve certain digits for routing, identification purposes on needs basis
  7. Allow you to use tokens as a surrogate for the original credit cards every time – “multi-use” tokens
  8. Allow you to either BYOD (Bring your own Database) or use an extra hardened, highly secure database provided for you
  9. Can handle data in any format and in any incoming channel
  10. Secure enough to do the tokenization in DMZ if needed
  11. Can work anywhere within enterprise, extended enterprise, including partner locations or virtual environments such as in the cloud

Checkout Intel’s Tokenization Buyers’ guide on how to do this the effective way.

How do you spell “Lightning Speed” API Manager?

Well, if you are a Star Wars junkie like I am and watched the Mel Brooks spoof movie Space Balls then you probably would spell this as ludicrous speed  🙂

One of the reasons why I want to write this is that I get asked this a lot by my customers. “Why is Intel in the API space” and “Why should we buy from you” but more importantly “What are your differentiators from ——— (you insert the name here of your choice).  While the first two are addressed in some of my other blogs (such as Intel Data center software strategy, etc.), I want to talk about specific aspect of our differentiator.

We all know Intel does chips very well. What you may not know is that Intel does software well too. (Refer to my blog Intel does software here). When you are combining the fastest breed of Intel processors and the software intelligence built on top with direct access to the Intel Core we are miles ahead of our competition. One such thing is outlined below.

Latest versions of our gateway products (Service Gateway, Security Gateway, API Gateway, Tokenization Gateway, and Cloud Encryption Gateway) all have one thing in common: Tied to the Intel chips at the hip and perform at highly elevated speeds. The latest such enhancement is an addition for the optimization for cryptographic acceleration using Intel processors. This enabled us to outperform ASIC cryptographic accelerator boards such as Tarrari and Cavium by a wide margin.

Read more of this post

Happy Holidays

Merry Christmas and a Happy New Year to everyone.

Follow me on Twitter @AndyThurai

After resisting for much of the time, I have decided to drink the hyper social coolaid. Please follow me on Twitter @AndyThurai

Gartner AADI scoop

Every year there seems to be a new buzz at the Gartner AADI conference. Last year it was Mobility. While Mobility still seems to be a hot topic, this year everyone seemed to be buzzing about API Management and Big Data. I think it is an appropriate time for Intel to release the composite API Manager given the buzz I saw here alone (and I will tell you what we are doing in Big Data soon enough. Something big is coming soon).  For the naysayers who suggest that Intel does dinosaur technology, I want you to check this out. The sessions hosted by Intel at the Gartner AADI conference were well attended with keen interest by Enterprise Architects, Security Architects and Developers alike. The following sessions were presented by Intel, at the Intel booth, which had the heaviest traffic I have seen of any vendors that had a presence there.

Kin Lane – Master of API himself presented two “API Building Blocks” sessions. (I am doing a keynote session with Kin for ISACA in a few days. Check it out if you have time. It will be worth it, I promise – Link).

Appcelerator did two sessions on Building Mobile Apps in 15 mins and how to use Intel Manager as a run time Mobile enabler.

Virtustream presented Trusted API access to MBaaS using Intel API Manager.

Yours truly presented 2 sessions on Mobile middleware.

Not only that, we have seen the heaviest traffic in our booth since we started going to the Gartner AADI event. Finally people seem to realize that Intel does software (Read my blog on that here).

Thanks to all those who stopped by our booth. Congratulations to the Virtual Keyboard winners. Seems like a very cool gadget. I wish I had one 🙂

I will try to post some pictures from the Gartner AADI event soon.

%d bloggers like this: