Tuesday, February 2, 2016

The Last Post

It's been a while since I've posted on this blog. There is a good reason: I've joined Gartner as a Research Director.

I won't be posting any more to this blog, but look out for me over at the Gartner Blog Network.

Thanks for following my blog!

Wednesday, December 16, 2015

DZone Executive Insights on Application Security published

I'm proud to have taken part in the Executive Insights on Application Security report which has just been published by DZone. Kudos to Tom Smith for gathering all of the insights together and producing such a useful report.

It was good to provide input in the area of API Keys, which I feel are often overlooked by security teams. While SSL private keys are rightly seen as sensitive and requiring protection, API Keys are not always seen as being so important. For a variety of reasons, API Keys are often baked into code (or, worse, sit in configuration files). Some organizations, such as Amazon, have provided valuable guidance for the protection of API Keys, and this is something we bring out in the report. Indeed, API Management is particularly important for managing API Keys.

Check out the full report online (free registration required).

Sunday, November 29, 2015

Architecting a Digital Platform - Presentation at Gartner AADI 2015

The Gartner AADI (Application Architecture, Development & Integration) Summit kicks off tomorrow in Las Vegas. Each year, this event is an opportunity for architects at leading organizations to connect and discuss the latest trends in application and systems design. This year, the focus is on “Empowering Innovation, Leading Transformation”.  Topics covered will include API strategies, business analytics, and how to design powerful user experiences.

A key part of embracing digital is to architect a Digital Platform. This platform is what enables Digital Engagement, by underpinning new user experiences across many channels. Underpinning this layer is the Digital Foundation layer, which is enabled by APIs. Increasingly, those APIs follow a microservices framework.

Following a pace-layered approach, the architecture allows an organization to function at multiple speeds. The fast-moving UX layer consumes APIs which are in turn mapped to underlying systems.

In my talk at ADDI, at 9.30am on December 2nd, I will be talking about how to architect a digital platform.  I will peel back the layers of a typical Digital Platform, from the fast-changing UX layer, to the API layer, as well as a microservices framework. Case studies are always important in a talk like this, to show how organizations are leveraging a digital platform to enable digital transformation in the real world. I'll show how three leading organizations have deployed Digital Platforms, enabling them to innovate to meet customer expectations.

I look forward to seeing you there!

National Australia Bank (NAB) Hackathon

Hot on the heels of the UniCredit Appathon comes the NAB Hackathon, also sponsored by Axway and with APIs hosted by the Axway API Management platform. It took place this weekend, and by all accounts was a great success.
The NAB hackathon featured a REST API, with simple clear documentation which included sample API calls. As they put it in the API documentation, "The interface is a RESTful JSON based API, so you could even connect your IOT infrastructure to it (maybe your toaster needs to transfer some money to your fridge?)", and "If you have ever used the nab.com.au website, or any of our mobile apps, then you've already used our APIs."

Hackathons are a key part of the digital engagement being pursued by leading organizations like NAB and UniCredit. An API Management platform is a key part of a hackathon, because it enables stubbed-out APIs which act as a kind of sandbox for developers. For the API provider, the API Management platform provides API Key authentication, OAuth support, and analytics on the API usage. The analytics are particularly useful because they provide a way to gauge which APIs are most popular in the hackathon. This usage info is a valuable piece of feedback into API design. Often the most exciting aspects of APIs are when they are used in unforseen ways, and a hackathon provides a kind of petri dish for this kind of innovation.

First prize was won by nabSaver - congratulations!
And here is the group photo of the hackathon participants. I can spot at least three Axway "API First" shirts! (clue - one is in the bottom-right being sported by our very own Axel Grosse)

I look forward to lots more hackathons enabled by Axway!

Saturday, November 7, 2015

From Ideas to Innovation - UniCredit Appathon 2015

Right now the UniCredit Appathon is happening in Milan, Italy, with the Axway team involved as a sponsor. A key part of any hackathon is setting up mocked-up or simulated API endpoints in a managed environment - which is where Axway comes in:
"...developers will have access to UniCredit API infrastructure, loaded on an external playground with fake data, and API management solutions sponsored by Axway" http://www.businesswire.com/news/home/20151103007061/en/Axway-Supports-%E2%80%9CAppathon-2015-UniCredit%E2%80%9C
In this way, developers have a sandbox of mocked-up data to develop apps against APIs.

Of course, prizes and free "API First" t-shirts are also a part of any hackathon! And it's also great to see the Axway red ball up in lights with the UniCredit red ball the big kick-off today:

My colleague Luigi Ferrari has shared photos of the Appathon in action:

I had the pleasure of visiting UniCredit in Milan earlier this year, and I was very impressed with their vision for their APIs. UniCredit includes developers as a central part of this vision. Even before their APIs are out of beta, they have engaged developers using sandboxed APIs in their Appathon hackathon. The Appathon then becomes an important part of sourcing ideas for the future direction of their APIs, because the apps coming from the Appathon feed innovation into future versions of the APIs. It's a great example of continuous innovation, as the UniCredit slide below, presented at the Appathon today, shows:

Best of luck to all the participants!