Welcome!

VP Innovation at Axway, Co-founder at Vordel

Mark O'Neill

Subscribe to Mark O'Neill: eMailAlertsEmail Alerts
Get Mark O'Neill via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Mark O'Neill

All Around the World - API Workshops for OAuth, Mobile, REST Here at Axway, we regularly run API Workshops worldwide which bring together API practitioners in discussion, debate, and exposure to technologies such as OAuth 2.0, API developer portal design, and identity. And when we say "worldwide", we mean worldwide. To illustrate this, my colleague Philipp Schöne has created an interactive map on CartoDB of the API Workshops over the past year, with photos of each. All that's missing is a backing track of Daft Punk's "Around the World" :) Each API Workshop has been eventful in its own way, and for example I recall the spirited debate on SOA and API Management, led by Kevin Kohut from Accenture and Randy Heffner from Forrester, at our API Workshop in Phoenix in September. Here are other highlights I'd pick out: Open Bank Project covering their vision for APIs for banking a... (more)

Protecting API Keys By @Axway | @CloudExpo [#API]

Back in 2011, while CTO at Vordel (API security/management vendor which was acquired by Axway in 2012), I wrote a piece for the Cloud Security Alliance blog entitled "Protect the API Keys to your Cloud Kingdom". In it, I talked about the importance of protecting API Keys. I wrote that: API Keys must be protected just like passwords and private keys are protected. This means that they should not be stored as files on the file system, or baked into non-obfuscated applications that can be analyzed relatively easily. https://blog.cloudsecurityalliance.org/2011/04/18/protect-the-api-ke... (more)

API Axes - Categorizing APIs By @Axway | @DevOpsSummit [#DevOps]

This week there has been a great discussion between David Berlind of ProgrammableWeb and Kin Lane of APIEvangelist.com, on the topic of categorizing Public and Private APIs. David quotes my ProgrammableWeb piece on Uber and ESPN, which talks about different API strategies, public and private. He makes some great points on the fact that many APIs are not fully public. I thought I'd expand on it here: I believe there are two axes which can be considered: First of all, let's look at API Exposure. The two categories are: External : Able to be used outside the organization. Internal : Use... (more)

APIs at 'Internet of Things' Hackathons By @Axway | @ThingsExpo [#IoT]

APIs at Hackathons - The Security Aspect This week, Bill Doerrfeld in ProgrammableWeb covered a post by Costas Pardalis of APIrise about "How to better promote your API at hackathons". The article is full of very sensible advice about ensuring that you provide an API Portal to enable simple sign-up for your API, provide a sandbox environment, and provide sample client code. But one part caught my eye. Here it is (emphasis added): According to Pardalis, Salesforce employed the most successful method of exposing their APIs at the event, lessening security measures, and including a vi... (more)

Liberating Your Data: Data-as-a-Service By @Axway | @CloudExpo [#API]

When you consider APIs and API Management, one way of looking at APIs is that it's ultimately all about the data. The API can be seen as a conduit for data. Managing the API means managing access to that data. This is especially important for Data-as-a-Service (DaaS). The point was eloquently put by Kamron Abtahi, DaaS Engineer at Dun and Bradstreet (D&B), when he spoke at the Axway API Workshop in Boston last November about how APIs allow D&B to liberate their data. Here is Kamron in action at the API Workshop event, explaining all of the benefits of the D&B Direct API: In a blog ... (more)