SlideShare a Scribd company logo
1 of 11
Download to read offline
Protecting the API ecosystem
APIDays 2021 Singapore
Dr Omaru Maruatona, CEO
omaru@aiculus.co
Speaker Profile
 Cyber-AI consultant
 Industry Professor
 Founder and CEO
© Aiculus 2021 | Confidential
Talking Points
3
1. Holistic approach to
ecosystem security 5. Trends: SG, UK, Aus
© Aiculus 2020 | Confidential
3. API specific threat
intel sharing
2. Layered Security
4. Dynamic security
standards
6. Security vs UX
The API ecosystem
4
 Strong interconnection of
service providers
 Inferred (credential based)
Trust system
© Aiculus 2021 | Confidential
 Network of Interconnected
systems/ services
 Some services require more
than one entity to be complete
What is it? Features
Holistic approach to security
© Aiculus 2021 | Confidential
Weak link
exposes others Ecosystem integrity
depends on each
component
No herd
immunity
Layered security
© Aiculus 2021 | Confidential
 Several checkpoints to reach
crown jewel
 Increase cost/effort of attack
 Compromise between cost,
security and performance
© Aiculus 2021 | Confidential
Realtime threat sharing
 Zero day spread mitigation  Proactive Risk management  Reduce risk impact
Dynamic standards
© Aiculus 2021 | Confidential
 Easily implementable
 Regular updates to
keep up with threat
dynamics
 Product agnostic
 Easily accessible
Key Trends
MAS Guidelines on
API security
© Aiculus 2021 | Confidential
Ecosystem
compliance-based
register
Trusted service
provider register
© Aiculus 2021 | Confidential
Security vs UX
Securing the new frontier
omaru@aiculus.co

More Related Content

What's hot

apidays LIVE Paris 2021 - API Attack Simulator - Find your API vulnerabilitie...
apidays LIVE Paris 2021 - API Attack Simulator - Find your API vulnerabilitie...apidays LIVE Paris 2021 - API Attack Simulator - Find your API vulnerabilitie...
apidays LIVE Paris 2021 - API Attack Simulator - Find your API vulnerabilitie...apidays
 
apidays LIVE New York 2021 - Playing with FHIR without getting burned by Dav...
apidays LIVE New York 2021 - Playing with FHIR without getting burned by  Dav...apidays LIVE New York 2021 - Playing with FHIR without getting burned by  Dav...
apidays LIVE New York 2021 - Playing with FHIR without getting burned by Dav...apidays
 
APIdays Paris 2019 - Adopting Service Mesh by Marco Palladino , Kong
APIdays Paris 2019 - Adopting Service Mesh by Marco Palladino , KongAPIdays Paris 2019 - Adopting Service Mesh by Marco Palladino , Kong
APIdays Paris 2019 - Adopting Service Mesh by Marco Palladino , Kongapidays
 
apidays LIVE Paris - Avoid Building a Microservices Death Star by Przemek Kulik
apidays LIVE Paris - Avoid Building a Microservices Death Star by Przemek Kulikapidays LIVE Paris - Avoid Building a Microservices Death Star by Przemek Kulik
apidays LIVE Paris - Avoid Building a Microservices Death Star by Przemek Kulikapidays
 
Balancing Mobile UX & Security: An API Management Perspective Presentation fr...
Balancing Mobile UX & Security: An API Management Perspective Presentation fr...Balancing Mobile UX & Security: An API Management Perspective Presentation fr...
Balancing Mobile UX & Security: An API Management Perspective Presentation fr...CA API Management
 
Modern App Architecture - Microservices, API Friendly
Modern App Architecture - Microservices, API FriendlyModern App Architecture - Microservices, API Friendly
Modern App Architecture - Microservices, API FriendlyDevOps Indonesia
 
apidays LIVE Paris 2021 - Detecting and Protecting PII by Rob Dickinson, Resu...
apidays LIVE Paris 2021 - Detecting and Protecting PII by Rob Dickinson, Resu...apidays LIVE Paris 2021 - Detecting and Protecting PII by Rob Dickinson, Resu...
apidays LIVE Paris 2021 - Detecting and Protecting PII by Rob Dickinson, Resu...apidays
 
INTERFACE, by apidays - A cloud-native approach for open banking in action b...
INTERFACE, by apidays  - A cloud-native approach for open banking in action b...INTERFACE, by apidays  - A cloud-native approach for open banking in action b...
INTERFACE, by apidays - A cloud-native approach for open banking in action b...apidays
 
apidays LIVE Hong Kong 2021 - Event-driven APIs & Schema governance for Apach...
apidays LIVE Hong Kong 2021 - Event-driven APIs & Schema governance for Apach...apidays LIVE Hong Kong 2021 - Event-driven APIs & Schema governance for Apach...
apidays LIVE Hong Kong 2021 - Event-driven APIs & Schema governance for Apach...apidays
 
The Enabling Force of Technology at Liberty Mutual
The Enabling Force of Technology at Liberty MutualThe Enabling Force of Technology at Liberty Mutual
The Enabling Force of Technology at Liberty MutualVMware Tanzu
 
apidays LIVE London 2021 - What are SMART APIs by Patrick Brosse, Amadeus
apidays LIVE London 2021 - What are SMART APIs by Patrick Brosse, Amadeusapidays LIVE London 2021 - What are SMART APIs by Patrick Brosse, Amadeus
apidays LIVE London 2021 - What are SMART APIs by Patrick Brosse, Amadeusapidays
 
apidays LIVE Paris 2021 - Synchronous Communication Patterns by Sébastien Ber...
apidays LIVE Paris 2021 - Synchronous Communication Patterns by Sébastien Ber...apidays LIVE Paris 2021 - Synchronous Communication Patterns by Sébastien Ber...
apidays LIVE Paris 2021 - Synchronous Communication Patterns by Sébastien Ber...apidays
 
apidays LIVE Paris 2021 - Why Can’t Us Consumers Have APIs by Salman Farmanfa...
apidays LIVE Paris 2021 - Why Can’t Us Consumers Have APIs by Salman Farmanfa...apidays LIVE Paris 2021 - Why Can’t Us Consumers Have APIs by Salman Farmanfa...
apidays LIVE Paris 2021 - Why Can’t Us Consumers Have APIs by Salman Farmanfa...apidays
 
How Cisco is Leveraging MuleSoft to Drive Continuous Innovation​ at Enterpris...
How Cisco is Leveraging MuleSoft to Drive Continuous Innovation​ at Enterpris...How Cisco is Leveraging MuleSoft to Drive Continuous Innovation​ at Enterpris...
How Cisco is Leveraging MuleSoft to Drive Continuous Innovation​ at Enterpris...MuleSoft
 
API Security and OAuth for the Enterprise
API Security and OAuth for the EnterpriseAPI Security and OAuth for the Enterprise
API Security and OAuth for the EnterpriseCA API Management
 
apidays LIVE London 2021 - API Security in Highly Volatile Threat Landscapes ...
apidays LIVE London 2021 - API Security in Highly Volatile Threat Landscapes ...apidays LIVE London 2021 - API Security in Highly Volatile Threat Landscapes ...
apidays LIVE London 2021 - API Security in Highly Volatile Threat Landscapes ...apidays
 
Microservices architecture
Microservices architectureMicroservices architecture
Microservices architectureDaniel Foo
 
[WSO2 Integration Summit San Francisco 2019] The Composable Enterprise
[WSO2 Integration Summit San Francisco 2019] The Composable Enterprise[WSO2 Integration Summit San Francisco 2019] The Composable Enterprise
[WSO2 Integration Summit San Francisco 2019] The Composable EnterpriseWSO2
 
[WSO2 Integration Summit San Francisco 2019] The API-driven World
[WSO2 Integration Summit San Francisco 2019] The API-driven World[WSO2 Integration Summit San Francisco 2019] The API-driven World
[WSO2 Integration Summit San Francisco 2019] The API-driven WorldWSO2
 

What's hot (20)

apidays LIVE Paris 2021 - API Attack Simulator - Find your API vulnerabilitie...
apidays LIVE Paris 2021 - API Attack Simulator - Find your API vulnerabilitie...apidays LIVE Paris 2021 - API Attack Simulator - Find your API vulnerabilitie...
apidays LIVE Paris 2021 - API Attack Simulator - Find your API vulnerabilitie...
 
apidays LIVE New York 2021 - Playing with FHIR without getting burned by Dav...
apidays LIVE New York 2021 - Playing with FHIR without getting burned by  Dav...apidays LIVE New York 2021 - Playing with FHIR without getting burned by  Dav...
apidays LIVE New York 2021 - Playing with FHIR without getting burned by Dav...
 
APIdays Paris 2019 - Adopting Service Mesh by Marco Palladino , Kong
APIdays Paris 2019 - Adopting Service Mesh by Marco Palladino , KongAPIdays Paris 2019 - Adopting Service Mesh by Marco Palladino , Kong
APIdays Paris 2019 - Adopting Service Mesh by Marco Palladino , Kong
 
apidays LIVE Paris - Avoid Building a Microservices Death Star by Przemek Kulik
apidays LIVE Paris - Avoid Building a Microservices Death Star by Przemek Kulikapidays LIVE Paris - Avoid Building a Microservices Death Star by Przemek Kulik
apidays LIVE Paris - Avoid Building a Microservices Death Star by Przemek Kulik
 
Balancing Mobile UX & Security: An API Management Perspective Presentation fr...
Balancing Mobile UX & Security: An API Management Perspective Presentation fr...Balancing Mobile UX & Security: An API Management Perspective Presentation fr...
Balancing Mobile UX & Security: An API Management Perspective Presentation fr...
 
Modern App Architecture - Microservices, API Friendly
Modern App Architecture - Microservices, API FriendlyModern App Architecture - Microservices, API Friendly
Modern App Architecture - Microservices, API Friendly
 
apidays LIVE Paris 2021 - Detecting and Protecting PII by Rob Dickinson, Resu...
apidays LIVE Paris 2021 - Detecting and Protecting PII by Rob Dickinson, Resu...apidays LIVE Paris 2021 - Detecting and Protecting PII by Rob Dickinson, Resu...
apidays LIVE Paris 2021 - Detecting and Protecting PII by Rob Dickinson, Resu...
 
INTERFACE, by apidays - A cloud-native approach for open banking in action b...
INTERFACE, by apidays  - A cloud-native approach for open banking in action b...INTERFACE, by apidays  - A cloud-native approach for open banking in action b...
INTERFACE, by apidays - A cloud-native approach for open banking in action b...
 
apidays LIVE Hong Kong 2021 - Event-driven APIs & Schema governance for Apach...
apidays LIVE Hong Kong 2021 - Event-driven APIs & Schema governance for Apach...apidays LIVE Hong Kong 2021 - Event-driven APIs & Schema governance for Apach...
apidays LIVE Hong Kong 2021 - Event-driven APIs & Schema governance for Apach...
 
The Enabling Force of Technology at Liberty Mutual
The Enabling Force of Technology at Liberty MutualThe Enabling Force of Technology at Liberty Mutual
The Enabling Force of Technology at Liberty Mutual
 
apidays LIVE London 2021 - What are SMART APIs by Patrick Brosse, Amadeus
apidays LIVE London 2021 - What are SMART APIs by Patrick Brosse, Amadeusapidays LIVE London 2021 - What are SMART APIs by Patrick Brosse, Amadeus
apidays LIVE London 2021 - What are SMART APIs by Patrick Brosse, Amadeus
 
apidays LIVE Paris 2021 - Synchronous Communication Patterns by Sébastien Ber...
apidays LIVE Paris 2021 - Synchronous Communication Patterns by Sébastien Ber...apidays LIVE Paris 2021 - Synchronous Communication Patterns by Sébastien Ber...
apidays LIVE Paris 2021 - Synchronous Communication Patterns by Sébastien Ber...
 
apidays LIVE Paris 2021 - Why Can’t Us Consumers Have APIs by Salman Farmanfa...
apidays LIVE Paris 2021 - Why Can’t Us Consumers Have APIs by Salman Farmanfa...apidays LIVE Paris 2021 - Why Can’t Us Consumers Have APIs by Salman Farmanfa...
apidays LIVE Paris 2021 - Why Can’t Us Consumers Have APIs by Salman Farmanfa...
 
How Cisco is Leveraging MuleSoft to Drive Continuous Innovation​ at Enterpris...
How Cisco is Leveraging MuleSoft to Drive Continuous Innovation​ at Enterpris...How Cisco is Leveraging MuleSoft to Drive Continuous Innovation​ at Enterpris...
How Cisco is Leveraging MuleSoft to Drive Continuous Innovation​ at Enterpris...
 
API Security and OAuth for the Enterprise
API Security and OAuth for the EnterpriseAPI Security and OAuth for the Enterprise
API Security and OAuth for the Enterprise
 
apidays LIVE London 2021 - API Security in Highly Volatile Threat Landscapes ...
apidays LIVE London 2021 - API Security in Highly Volatile Threat Landscapes ...apidays LIVE London 2021 - API Security in Highly Volatile Threat Landscapes ...
apidays LIVE London 2021 - API Security in Highly Volatile Threat Landscapes ...
 
Microservices architecture
Microservices architectureMicroservices architecture
Microservices architecture
 
London Adapt or Die: Lunch keynote
London Adapt or Die: Lunch keynoteLondon Adapt or Die: Lunch keynote
London Adapt or Die: Lunch keynote
 
[WSO2 Integration Summit San Francisco 2019] The Composable Enterprise
[WSO2 Integration Summit San Francisco 2019] The Composable Enterprise[WSO2 Integration Summit San Francisco 2019] The Composable Enterprise
[WSO2 Integration Summit San Francisco 2019] The Composable Enterprise
 
[WSO2 Integration Summit San Francisco 2019] The API-driven World
[WSO2 Integration Summit San Francisco 2019] The API-driven World[WSO2 Integration Summit San Francisco 2019] The API-driven World
[WSO2 Integration Summit San Francisco 2019] The API-driven World
 

Similar to apidays LIVE Singapore 2021 - Protecting the API ecosystem by Omaru Maruatona, Aiculus

RA TechED 2019 - SS16 - Security Where and Why do I start
RA TechED 2019 - SS16 - Security Where and Why do I startRA TechED 2019 - SS16 - Security Where and Why do I start
RA TechED 2019 - SS16 - Security Where and Why do I startRockwell Automation
 
Laser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect AssetsLaser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect AssetsCisco Security
 
Zero trust strategy: cloud security by design
Zero trust strategy: cloud security by designZero trust strategy: cloud security by design
Zero trust strategy: cloud security by designaccenture
 
CGD2021 - "Accés segur als teletreballadors de la Generalitat de Catalunya am...
CGD2021 - "Accés segur als teletreballadors de la Generalitat de Catalunya am...CGD2021 - "Accés segur als teletreballadors de la Generalitat de Catalunya am...
CGD2021 - "Accés segur als teletreballadors de la Generalitat de Catalunya am...Congrés Govern Digital
 
Presentación - Cisco ASA with FirePOWER Services
Presentación -  Cisco ASA with FirePOWER ServicesPresentación -  Cisco ASA with FirePOWER Services
Presentación - Cisco ASA with FirePOWER ServicesOscar Romano
 
Fortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptxFortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptxYoisRoberthTapiadeLa
 
Fortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptxFortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptxVictoriaChavesta
 
Tufin SecureCloud
Tufin SecureCloudTufin SecureCloud
Tufin SecureCloudMatt Kerr
 
Cisco ASA con fire power services
Cisco ASA con fire power services Cisco ASA con fire power services
Cisco ASA con fire power services Felipe Lamus
 
Become a cloud security expert
Become a cloud security expertBecome a cloud security expert
Become a cloud security expertbillysmit3
 
CCSK, cloud security framework, Indonesia
CCSK, cloud security framework, IndonesiaCCSK, cloud security framework, Indonesia
CCSK, cloud security framework, IndonesiaWise Pacific Venture
 
Seeing More Clearly: How Essilor Overcame 3 Common Cloud Security Challenges ...
Seeing More Clearly: How Essilor Overcame 3 Common Cloud Security Challenges ...Seeing More Clearly: How Essilor Overcame 3 Common Cloud Security Challenges ...
Seeing More Clearly: How Essilor Overcame 3 Common Cloud Security Challenges ...Amazon Web Services
 
CSS17: Atlanta - Realities of Security in the Cloud
CSS17: Atlanta - Realities of Security in the CloudCSS17: Atlanta - Realities of Security in the Cloud
CSS17: Atlanta - Realities of Security in the CloudAlert Logic
 
Cisco Connect 2018 Indonesia - Cybersecurity Strategy
Cisco Connect 2018 Indonesia - Cybersecurity StrategyCisco Connect 2018 Indonesia - Cybersecurity Strategy
Cisco Connect 2018 Indonesia - Cybersecurity StrategyNetworkCollaborators
 
Resume_IshitaKundu_CISA
Resume_IshitaKundu_CISAResume_IshitaKundu_CISA
Resume_IshitaKundu_CISAIshita Kundu
 
Интуитивная сеть как платформа для надежного бизнеса
Интуитивная сеть как платформа для надежного бизнесаИнтуитивная сеть как платформа для надежного бизнеса
Интуитивная сеть как платформа для надежного бизнесаCisco Russia
 
Cisco Endpoint Security for MSSPs
Cisco Endpoint Security for MSSPsCisco Endpoint Security for MSSPs
Cisco Endpoint Security for MSSPsCisco Russia
 
MobileIron plus Cisco - Mobilizing Network Security
MobileIron plus Cisco - Mobilizing Network SecurityMobileIron plus Cisco - Mobilizing Network Security
MobileIron plus Cisco - Mobilizing Network Securitymobileironmarketing
 
CSS 17: NYC - Realities of Security in the Cloud
CSS 17: NYC - Realities of Security in the CloudCSS 17: NYC - Realities of Security in the Cloud
CSS 17: NYC - Realities of Security in the CloudAlert Logic
 

Similar to apidays LIVE Singapore 2021 - Protecting the API ecosystem by Omaru Maruatona, Aiculus (20)

RA TechED 2019 - SS16 - Security Where and Why do I start
RA TechED 2019 - SS16 - Security Where and Why do I startRA TechED 2019 - SS16 - Security Where and Why do I start
RA TechED 2019 - SS16 - Security Where and Why do I start
 
Laser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect AssetsLaser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect Assets
 
CloudWALL Profile ENG
CloudWALL Profile ENGCloudWALL Profile ENG
CloudWALL Profile ENG
 
Zero trust strategy: cloud security by design
Zero trust strategy: cloud security by designZero trust strategy: cloud security by design
Zero trust strategy: cloud security by design
 
CGD2021 - "Accés segur als teletreballadors de la Generalitat de Catalunya am...
CGD2021 - "Accés segur als teletreballadors de la Generalitat de Catalunya am...CGD2021 - "Accés segur als teletreballadors de la Generalitat de Catalunya am...
CGD2021 - "Accés segur als teletreballadors de la Generalitat de Catalunya am...
 
Presentación - Cisco ASA with FirePOWER Services
Presentación -  Cisco ASA with FirePOWER ServicesPresentación -  Cisco ASA with FirePOWER Services
Presentación - Cisco ASA with FirePOWER Services
 
Fortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptxFortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptx
 
Fortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptxFortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptx
 
Tufin SecureCloud
Tufin SecureCloudTufin SecureCloud
Tufin SecureCloud
 
Cisco ASA con fire power services
Cisco ASA con fire power services Cisco ASA con fire power services
Cisco ASA con fire power services
 
Become a cloud security expert
Become a cloud security expertBecome a cloud security expert
Become a cloud security expert
 
CCSK, cloud security framework, Indonesia
CCSK, cloud security framework, IndonesiaCCSK, cloud security framework, Indonesia
CCSK, cloud security framework, Indonesia
 
Seeing More Clearly: How Essilor Overcame 3 Common Cloud Security Challenges ...
Seeing More Clearly: How Essilor Overcame 3 Common Cloud Security Challenges ...Seeing More Clearly: How Essilor Overcame 3 Common Cloud Security Challenges ...
Seeing More Clearly: How Essilor Overcame 3 Common Cloud Security Challenges ...
 
CSS17: Atlanta - Realities of Security in the Cloud
CSS17: Atlanta - Realities of Security in the CloudCSS17: Atlanta - Realities of Security in the Cloud
CSS17: Atlanta - Realities of Security in the Cloud
 
Cisco Connect 2018 Indonesia - Cybersecurity Strategy
Cisco Connect 2018 Indonesia - Cybersecurity StrategyCisco Connect 2018 Indonesia - Cybersecurity Strategy
Cisco Connect 2018 Indonesia - Cybersecurity Strategy
 
Resume_IshitaKundu_CISA
Resume_IshitaKundu_CISAResume_IshitaKundu_CISA
Resume_IshitaKundu_CISA
 
Интуитивная сеть как платформа для надежного бизнеса
Интуитивная сеть как платформа для надежного бизнесаИнтуитивная сеть как платформа для надежного бизнеса
Интуитивная сеть как платформа для надежного бизнеса
 
Cisco Endpoint Security for MSSPs
Cisco Endpoint Security for MSSPsCisco Endpoint Security for MSSPs
Cisco Endpoint Security for MSSPs
 
MobileIron plus Cisco - Mobilizing Network Security
MobileIron plus Cisco - Mobilizing Network SecurityMobileIron plus Cisco - Mobilizing Network Security
MobileIron plus Cisco - Mobilizing Network Security
 
CSS 17: NYC - Realities of Security in the Cloud
CSS 17: NYC - Realities of Security in the CloudCSS 17: NYC - Realities of Security in the Cloud
CSS 17: NYC - Realities of Security in the Cloud
 

More from apidays

apidays Singapore 2023 - Addressing the Data Gap, Jerome Eger, Smile API
apidays Singapore 2023 - Addressing the Data Gap, Jerome Eger, Smile APIapidays Singapore 2023 - Addressing the Data Gap, Jerome Eger, Smile API
apidays Singapore 2023 - Addressing the Data Gap, Jerome Eger, Smile APIapidays
 
apidays Singapore 2023 - Iterate Faster with Dynamic Flows, Yee Hui Poh, Wise
apidays Singapore 2023 - Iterate Faster with Dynamic Flows, Yee Hui Poh, Wiseapidays Singapore 2023 - Iterate Faster with Dynamic Flows, Yee Hui Poh, Wise
apidays Singapore 2023 - Iterate Faster with Dynamic Flows, Yee Hui Poh, Wiseapidays
 
apidays Singapore 2023 - Banking the Ecosystem, Apurv Suri, SC Ventures
apidays Singapore 2023 - Banking the Ecosystem, Apurv Suri, SC Venturesapidays Singapore 2023 - Banking the Ecosystem, Apurv Suri, SC Ventures
apidays Singapore 2023 - Banking the Ecosystem, Apurv Suri, SC Venturesapidays
 
apidays Singapore 2023 - Digitalising agreements with data, design & technolo...
apidays Singapore 2023 - Digitalising agreements with data, design & technolo...apidays Singapore 2023 - Digitalising agreements with data, design & technolo...
apidays Singapore 2023 - Digitalising agreements with data, design & technolo...apidays
 
apidays Singapore 2023 - Building a digital-first investment management model...
apidays Singapore 2023 - Building a digital-first investment management model...apidays Singapore 2023 - Building a digital-first investment management model...
apidays Singapore 2023 - Building a digital-first investment management model...apidays
 
apidays Singapore 2023 - Changing the culture of building software, Aman Dham...
apidays Singapore 2023 - Changing the culture of building software, Aman Dham...apidays Singapore 2023 - Changing the culture of building software, Aman Dham...
apidays Singapore 2023 - Changing the culture of building software, Aman Dham...apidays
 
apidays Singapore 2023 - Connecting the trade ecosystem, CHOO Wai Yee, Singap...
apidays Singapore 2023 - Connecting the trade ecosystem, CHOO Wai Yee, Singap...apidays Singapore 2023 - Connecting the trade ecosystem, CHOO Wai Yee, Singap...
apidays Singapore 2023 - Connecting the trade ecosystem, CHOO Wai Yee, Singap...apidays
 
apidays Singapore 2023 - Beyond REST, Claudio Tag, IBM
apidays Singapore 2023 - Beyond REST, Claudio Tag, IBMapidays Singapore 2023 - Beyond REST, Claudio Tag, IBM
apidays Singapore 2023 - Beyond REST, Claudio Tag, IBMapidays
 
apidays Singapore 2023 - State of the API Industry, Manjunath Bhat, Gartner
apidays Singapore 2023 - State of the API Industry, Manjunath Bhat, Gartnerapidays Singapore 2023 - State of the API Industry, Manjunath Bhat, Gartner
apidays Singapore 2023 - State of the API Industry, Manjunath Bhat, Gartnerapidays
 
apidays Australia 2023 - Curb your Enthusiasm:Sustainable Scaling of APIs, Sa...
apidays Australia 2023 - Curb your Enthusiasm:Sustainable Scaling of APIs, Sa...apidays Australia 2023 - Curb your Enthusiasm:Sustainable Scaling of APIs, Sa...
apidays Australia 2023 - Curb your Enthusiasm:Sustainable Scaling of APIs, Sa...apidays
 
Apidays Paris 2023 - API Security Challenges for Cloud-native Software Archit...
Apidays Paris 2023 - API Security Challenges for Cloud-native Software Archit...Apidays Paris 2023 - API Security Challenges for Cloud-native Software Archit...
Apidays Paris 2023 - API Security Challenges for Cloud-native Software Archit...apidays
 
Apidays Paris 2023 - State of Tech Sustainability 2023, Gaël Duez, Green IO
Apidays Paris 2023 - State of Tech Sustainability 2023, Gaël Duez, Green IOApidays Paris 2023 - State of Tech Sustainability 2023, Gaël Duez, Green IO
Apidays Paris 2023 - State of Tech Sustainability 2023, Gaël Duez, Green IOapidays
 
Apidays Paris 2023 - 7 Mistakes When Putting In Place An API Program, Francoi...
Apidays Paris 2023 - 7 Mistakes When Putting In Place An API Program, Francoi...Apidays Paris 2023 - 7 Mistakes When Putting In Place An API Program, Francoi...
Apidays Paris 2023 - 7 Mistakes When Putting In Place An API Program, Francoi...apidays
 
Apidays Paris 2023 - Product Managers and API Documentation, Gareth Faull, Lo...
Apidays Paris 2023 - Product Managers and API Documentation, Gareth Faull, Lo...Apidays Paris 2023 - Product Managers and API Documentation, Gareth Faull, Lo...
Apidays Paris 2023 - Product Managers and API Documentation, Gareth Faull, Lo...apidays
 
Apidays Paris 2023 - How to use NoCode as a Microservice, Benjamin Buléon and...
Apidays Paris 2023 - How to use NoCode as a Microservice, Benjamin Buléon and...Apidays Paris 2023 - How to use NoCode as a Microservice, Benjamin Buléon and...
Apidays Paris 2023 - How to use NoCode as a Microservice, Benjamin Buléon and...apidays
 
Apidays Paris 2023 - Boosting Event-Driven Development with AsyncAPI and Micr...
Apidays Paris 2023 - Boosting Event-Driven Development with AsyncAPI and Micr...Apidays Paris 2023 - Boosting Event-Driven Development with AsyncAPI and Micr...
Apidays Paris 2023 - Boosting Event-Driven Development with AsyncAPI and Micr...apidays
 
Apidays Paris 2023 - API Observability: Improving Governance, Security and Op...
Apidays Paris 2023 - API Observability: Improving Governance, Security and Op...Apidays Paris 2023 - API Observability: Improving Governance, Security and Op...
Apidays Paris 2023 - API Observability: Improving Governance, Security and Op...apidays
 
Apidays Paris 2023 - Elevating Event-Driven World: A Deep Dive into AsyncAPI ...
Apidays Paris 2023 - Elevating Event-Driven World: A Deep Dive into AsyncAPI ...Apidays Paris 2023 - Elevating Event-Driven World: A Deep Dive into AsyncAPI ...
Apidays Paris 2023 - Elevating Event-Driven World: A Deep Dive into AsyncAPI ...apidays
 
Apidays Paris 2023 - Not Your Grandma’s Rate Limiting, Meenakshi Dhanani, Pos...
Apidays Paris 2023 - Not Your Grandma’s Rate Limiting, Meenakshi Dhanani, Pos...Apidays Paris 2023 - Not Your Grandma’s Rate Limiting, Meenakshi Dhanani, Pos...
Apidays Paris 2023 - Not Your Grandma’s Rate Limiting, Meenakshi Dhanani, Pos...apidays
 
Apidays Paris 2023 - How API Fit to a Modern Enterprise Integration Platform,...
Apidays Paris 2023 - How API Fit to a Modern Enterprise Integration Platform,...Apidays Paris 2023 - How API Fit to a Modern Enterprise Integration Platform,...
Apidays Paris 2023 - How API Fit to a Modern Enterprise Integration Platform,...apidays
 

More from apidays (20)

apidays Singapore 2023 - Addressing the Data Gap, Jerome Eger, Smile API
apidays Singapore 2023 - Addressing the Data Gap, Jerome Eger, Smile APIapidays Singapore 2023 - Addressing the Data Gap, Jerome Eger, Smile API
apidays Singapore 2023 - Addressing the Data Gap, Jerome Eger, Smile API
 
apidays Singapore 2023 - Iterate Faster with Dynamic Flows, Yee Hui Poh, Wise
apidays Singapore 2023 - Iterate Faster with Dynamic Flows, Yee Hui Poh, Wiseapidays Singapore 2023 - Iterate Faster with Dynamic Flows, Yee Hui Poh, Wise
apidays Singapore 2023 - Iterate Faster with Dynamic Flows, Yee Hui Poh, Wise
 
apidays Singapore 2023 - Banking the Ecosystem, Apurv Suri, SC Ventures
apidays Singapore 2023 - Banking the Ecosystem, Apurv Suri, SC Venturesapidays Singapore 2023 - Banking the Ecosystem, Apurv Suri, SC Ventures
apidays Singapore 2023 - Banking the Ecosystem, Apurv Suri, SC Ventures
 
apidays Singapore 2023 - Digitalising agreements with data, design & technolo...
apidays Singapore 2023 - Digitalising agreements with data, design & technolo...apidays Singapore 2023 - Digitalising agreements with data, design & technolo...
apidays Singapore 2023 - Digitalising agreements with data, design & technolo...
 
apidays Singapore 2023 - Building a digital-first investment management model...
apidays Singapore 2023 - Building a digital-first investment management model...apidays Singapore 2023 - Building a digital-first investment management model...
apidays Singapore 2023 - Building a digital-first investment management model...
 
apidays Singapore 2023 - Changing the culture of building software, Aman Dham...
apidays Singapore 2023 - Changing the culture of building software, Aman Dham...apidays Singapore 2023 - Changing the culture of building software, Aman Dham...
apidays Singapore 2023 - Changing the culture of building software, Aman Dham...
 
apidays Singapore 2023 - Connecting the trade ecosystem, CHOO Wai Yee, Singap...
apidays Singapore 2023 - Connecting the trade ecosystem, CHOO Wai Yee, Singap...apidays Singapore 2023 - Connecting the trade ecosystem, CHOO Wai Yee, Singap...
apidays Singapore 2023 - Connecting the trade ecosystem, CHOO Wai Yee, Singap...
 
apidays Singapore 2023 - Beyond REST, Claudio Tag, IBM
apidays Singapore 2023 - Beyond REST, Claudio Tag, IBMapidays Singapore 2023 - Beyond REST, Claudio Tag, IBM
apidays Singapore 2023 - Beyond REST, Claudio Tag, IBM
 
apidays Singapore 2023 - State of the API Industry, Manjunath Bhat, Gartner
apidays Singapore 2023 - State of the API Industry, Manjunath Bhat, Gartnerapidays Singapore 2023 - State of the API Industry, Manjunath Bhat, Gartner
apidays Singapore 2023 - State of the API Industry, Manjunath Bhat, Gartner
 
apidays Australia 2023 - Curb your Enthusiasm:Sustainable Scaling of APIs, Sa...
apidays Australia 2023 - Curb your Enthusiasm:Sustainable Scaling of APIs, Sa...apidays Australia 2023 - Curb your Enthusiasm:Sustainable Scaling of APIs, Sa...
apidays Australia 2023 - Curb your Enthusiasm:Sustainable Scaling of APIs, Sa...
 
Apidays Paris 2023 - API Security Challenges for Cloud-native Software Archit...
Apidays Paris 2023 - API Security Challenges for Cloud-native Software Archit...Apidays Paris 2023 - API Security Challenges for Cloud-native Software Archit...
Apidays Paris 2023 - API Security Challenges for Cloud-native Software Archit...
 
Apidays Paris 2023 - State of Tech Sustainability 2023, Gaël Duez, Green IO
Apidays Paris 2023 - State of Tech Sustainability 2023, Gaël Duez, Green IOApidays Paris 2023 - State of Tech Sustainability 2023, Gaël Duez, Green IO
Apidays Paris 2023 - State of Tech Sustainability 2023, Gaël Duez, Green IO
 
Apidays Paris 2023 - 7 Mistakes When Putting In Place An API Program, Francoi...
Apidays Paris 2023 - 7 Mistakes When Putting In Place An API Program, Francoi...Apidays Paris 2023 - 7 Mistakes When Putting In Place An API Program, Francoi...
Apidays Paris 2023 - 7 Mistakes When Putting In Place An API Program, Francoi...
 
Apidays Paris 2023 - Product Managers and API Documentation, Gareth Faull, Lo...
Apidays Paris 2023 - Product Managers and API Documentation, Gareth Faull, Lo...Apidays Paris 2023 - Product Managers and API Documentation, Gareth Faull, Lo...
Apidays Paris 2023 - Product Managers and API Documentation, Gareth Faull, Lo...
 
Apidays Paris 2023 - How to use NoCode as a Microservice, Benjamin Buléon and...
Apidays Paris 2023 - How to use NoCode as a Microservice, Benjamin Buléon and...Apidays Paris 2023 - How to use NoCode as a Microservice, Benjamin Buléon and...
Apidays Paris 2023 - How to use NoCode as a Microservice, Benjamin Buléon and...
 
Apidays Paris 2023 - Boosting Event-Driven Development with AsyncAPI and Micr...
Apidays Paris 2023 - Boosting Event-Driven Development with AsyncAPI and Micr...Apidays Paris 2023 - Boosting Event-Driven Development with AsyncAPI and Micr...
Apidays Paris 2023 - Boosting Event-Driven Development with AsyncAPI and Micr...
 
Apidays Paris 2023 - API Observability: Improving Governance, Security and Op...
Apidays Paris 2023 - API Observability: Improving Governance, Security and Op...Apidays Paris 2023 - API Observability: Improving Governance, Security and Op...
Apidays Paris 2023 - API Observability: Improving Governance, Security and Op...
 
Apidays Paris 2023 - Elevating Event-Driven World: A Deep Dive into AsyncAPI ...
Apidays Paris 2023 - Elevating Event-Driven World: A Deep Dive into AsyncAPI ...Apidays Paris 2023 - Elevating Event-Driven World: A Deep Dive into AsyncAPI ...
Apidays Paris 2023 - Elevating Event-Driven World: A Deep Dive into AsyncAPI ...
 
Apidays Paris 2023 - Not Your Grandma’s Rate Limiting, Meenakshi Dhanani, Pos...
Apidays Paris 2023 - Not Your Grandma’s Rate Limiting, Meenakshi Dhanani, Pos...Apidays Paris 2023 - Not Your Grandma’s Rate Limiting, Meenakshi Dhanani, Pos...
Apidays Paris 2023 - Not Your Grandma’s Rate Limiting, Meenakshi Dhanani, Pos...
 
Apidays Paris 2023 - How API Fit to a Modern Enterprise Integration Platform,...
Apidays Paris 2023 - How API Fit to a Modern Enterprise Integration Platform,...Apidays Paris 2023 - How API Fit to a Modern Enterprise Integration Platform,...
Apidays Paris 2023 - How API Fit to a Modern Enterprise Integration Platform,...
 

Recently uploaded

9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding TeamAdam Moalla
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAshyamraj55
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-pyJamie (Taka) Wang
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxGDSC PJATK
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Will Schroeder
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostMatt Ray
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Websitedgelyza
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemAsko Soukka
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxUdaiappa Ramachandran
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IES VE
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioChristian Posta
 
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDEADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDELiveplex
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Commit University
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfJamie (Taka) Wang
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.YounusS2
 

Recently uploaded (20)

201610817 - edge part1
201610817 - edge part1201610817 - edge part1
201610817 - edge part1
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-py
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Website
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptx
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDEADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 
20230104 - machine vision
20230104 - machine vision20230104 - machine vision
20230104 - machine vision
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.
 

apidays LIVE Singapore 2021 - Protecting the API ecosystem by Omaru Maruatona, Aiculus

  • 1. Protecting the API ecosystem APIDays 2021 Singapore Dr Omaru Maruatona, CEO omaru@aiculus.co
  • 2. Speaker Profile  Cyber-AI consultant  Industry Professor  Founder and CEO © Aiculus 2021 | Confidential
  • 3. Talking Points 3 1. Holistic approach to ecosystem security 5. Trends: SG, UK, Aus © Aiculus 2020 | Confidential 3. API specific threat intel sharing 2. Layered Security 4. Dynamic security standards 6. Security vs UX
  • 4. The API ecosystem 4  Strong interconnection of service providers  Inferred (credential based) Trust system © Aiculus 2021 | Confidential  Network of Interconnected systems/ services  Some services require more than one entity to be complete What is it? Features
  • 5. Holistic approach to security © Aiculus 2021 | Confidential Weak link exposes others Ecosystem integrity depends on each component No herd immunity
  • 6. Layered security © Aiculus 2021 | Confidential  Several checkpoints to reach crown jewel  Increase cost/effort of attack  Compromise between cost, security and performance
  • 7. © Aiculus 2021 | Confidential Realtime threat sharing  Zero day spread mitigation  Proactive Risk management  Reduce risk impact
  • 8. Dynamic standards © Aiculus 2021 | Confidential  Easily implementable  Regular updates to keep up with threat dynamics  Product agnostic  Easily accessible
  • 9. Key Trends MAS Guidelines on API security © Aiculus 2021 | Confidential Ecosystem compliance-based register Trusted service provider register
  • 10. © Aiculus 2021 | Confidential Security vs UX
  • 11. Securing the new frontier omaru@aiculus.co