Click here to close now.




















Welcome!

Microservices Expo Authors: Roger Strukhoff, Tom Lounibos, Elizabeth White, Joe Pruitt, Pat Romanski

Related Topics: Microservices Expo, Microsoft Cloud, Containers Expo Blog, Agile Computing, @CloudExpo, SDN Journal

Microservices Expo: Blog Post

API Management Predictions for 2014

The New Year is fast approaching and it’s time for some wild, speculative predictions on API Management for 2014

The New Year is fast approaching and it’s time for some wild, speculative predictions on API Management for 2014. As I mentioned in earlier posts, the space is has been rapidly maturing over the second half of 2013 with larger vendors such as IBM, Tibco and Intel making big moves. In Q3, 2013 Gartner sized the standalone API management market for 2013 at about $100M (70MM in 2012 with 40% expected growth).

The total market size as estimated here may seem small  but  this market intersects with the more traditional, and larger ($474M in 2012), SOA governance market because API management products both complement SOA governance and act as substitutes. The growth and success of API management programs, both public and internal, cause Enterprises to look at how they were handling their existing non-managed SOAP & REST APIs. This second look raises questions about how APIs and interfaces might be better managed in the future, especially when you have to address new demands and channels such as different screen types, developer communities, customers, partners, and devices. So what will 2014 bring? Here are my six API management predictions for 2014.

  1. SOA will reincarnate itself or die a second time – Services are alive and well and service orientation has reached the plateau of productivity, but unless Enterprises find a way to socialize APIs locked up in their existing SOA governance systems, these incumbent products will be quickly passed over in favor of new ways of sharing APIs – a simple developer portal. This services evangelism race is about marketing interfaces to developers and at the starting line developer portals are the Tesla Model S and SOA registry/repositories are the U-Haul. One vehicle you want to drive and the other you drive only when you have to.  If you don’t believe me, try searching a UDDI directory and compare that experience to this. The prediction here is that traditional SOA governance solutions will evolve to compete on experiences and improved sharing of API metadata or die trying.
  2. Internal API management will be the silent killer app – We have seen quote after quote this year from Netflix, and Programmable Web that Internal API management, which translates into a shared services layer for use by internal applications, is one of the largest, albeit hidden use cases. For newcomers to the space peppered with exciting stories of public and open developer programs, this is a shock, but only because internal API management programs aren’t advertised. The prediction here is that your company is probably already running with hundreds of internal APIs that lack management, are difficult to discover and document, and hard to use by internal developers, existing applications and partners. API management opportunities are likely under your nose in the form of exposing these APIs outside or helping your organization share data internally more efficiently.
  3. Mobile enablement will lead the way – APIs expose data to mobile devices. Without them, all of the ‘app’ experiences we have on tablets and smart-phones would be silo’d. Think back to the days of PC computing before modems or the Internet. That is what an app would be like without an API today. Almost every Enterprise we talk to has a mobile strategy that involves moving traditional IT services to an API layer to make new experiences available to their employees, powered by APIs. The prediction here is that second to internal use, mobile enablement will drive the use of API management and security for external interfaces in 2014.
  4. Security concerns will take center stage – As screen types proliferate, Enterprises will need a strategy and approach for API security that covers more than just enabling “OAuth”. As internal systems participate in API management, a security layer will be needed to decouple perimeter defense, denial of service protection, JSON attack protection, compliance, authentication, authorization and message level security. Otherwise, the ability for an Enterprise to scale its APIs externally will be limited by number of security developers and their expertise in the myriad middleware systems and programming languages in use at the Enterprise. The prediction here is that in order to scale their API management programs Enterprises will need to implement an API governance and delivery tier, whether on-premise or in the cloud – done with or without a vendor product.
  5. IoT could be a bull in the china shop – IoT promises a vision of Wireless sensor networks and low powered devices becoming part of the Industrial Internet. Once enabled, data from sensors could and eventually be exposed through APIs. If sensor data converges on REST (or SOAP) as the final consolidation point demand for API management could skyrocket beyond what we have seen to date, possibly altering the Gartner market size estimates in a big way.
  6. API management will be a journey – In 2014, API management will evolve to a suite or platform approach, rather than point tools and the vendor or vendors that can best easily fit into a heterogeneous environment with flexible products will be best positioned to compete. Here is what the journey might look like: Enterprises can start anywhere with API management – some may begin with an open developer program, move to internal API management and then eventually deploy API management in a hybrid architecture. Or, some Enterprises may start only with internal API management and devise a business case and marketing plan for long-tail exposure of their products through an open API developer program. Whenever they start, API management will be an enabler of a particular business model, either driving down costs or providing new sources of value.
API Management Enables Internal APIs

Expressway helps Enterprises power internal and hybrid APIs

The post API Management Predictions for 2014 appeared first on Application Security.

Read the original blog entry...

More Stories By Blake Dournaee

Blake Dournaee is currently the product manager responsible for Intel SOA products. As a product manager at Sarvega, he was deeply involved in the development of their flagship XML security, routing and acceleration appliance products. He was a specialist in applied cryptography applications at RSA Security and was a frequent speaker at many RSA conferences throughout the US and Europe. Dournaee is an established author who wrote the first book on XML Security and co-authored SOA Demystified from Intel press.

@MicroservicesExpo Stories
This week, I joined SOASTA as Senior Vice President of Performance Analytics. Given my background in cloud computing and distributed systems operations — you may have read my blogs on CNET or GigaOm — this may surprise you, but I want to explain why this is the perfect time to take on this opportunity with this team. In fact, that’s probably the best way to break this down. To explain why I’d leave the world of infrastructure and code for the world of data and analytics, let’s explore the timing...
The Software Defined Data Center (SDDC), which enables organizations to seamlessly run in a hybrid cloud model (public + private cloud), is here to stay. IDC estimates that the software-defined networking market will be valued at $3.7 billion by 2016. Security is a key component and benefit of the SDDC, and offers an opportunity to build security 'from the ground up' and weave it into the environment from day one. In his session at 16th Cloud Expo, Reuven Harrison, CTO and Co-Founder of Tufin,...
You often hear the two titles of "DevOps" and "Immutable Infrastructure" used independently. In his session at DevOps Summit, John Willis, Technical Evangelist for Docker, covered the union between the two topics and why this is important. He provided an overview of Immutable Infrastructure then showed how an Immutable Continuous Delivery pipeline can be applied as a best practice for "DevOps." He ended the session with some interesting case study examples.
JavaScript is primarily a client-based dynamic scripting language most commonly used within web browsers as client-side scripts to interact with the user, browser, and communicate asynchronously to servers. If you have been part of any web-based development, odds are you have worked with JavaScript in one form or another. In this article, I'll focus on the aspects of JavaScript that are relevant within the Node.js environment.
Discussions about cloud computing are evolving into discussions about enterprise IT in general. As enterprises increasingly migrate toward their own unique clouds, new issues such as the use of containers and microservices emerge to keep things interesting. In this Power Panel at 16th Cloud Expo, moderated by Conference Chair Roger Strukhoff, panelists addressed the state of cloud computing today, and what enterprise IT professionals need to know about how the latest topics and trends affect t...
SYS-CON Events announced today that HPM Networks will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. For 20 years, HPM Networks has been integrating technology solutions that solve complex business challenges. HPM Networks has designed solutions for both SMB and enterprise customers throughout the San Francisco Bay Area.
Summer is finally here and it’s time for a DevOps summer vacation. From San Francisco to New York City, our top summer conferences list is going to continuously deliver you to the summer destinations of your dreams. These DevOps parties are hitting all the hottest summer trends with Microservices, Agile, Continuous Delivery, DevSecOps, and even Continuous Testing. Move over Kanye. These are the top 5 Summer DevOps Conferences of 2015.
Countless business models have spawned from the IaaS industry. Resell Web hosting, blogs, public cloud, and on and on. With the overwhelming amount of tools available to us, it's sometimes easy to overlook that many of them are just new skins of resources we've had for a long time. In his General Session at 16th Cloud Expo, Phil Jackson, Lead Technology Evangelist at SoftLayer, broke down what we've got to work with and discuss the benefits and pitfalls to discover how we can best use them to d...
Puppet Labs has published their annual State of DevOps report and it is loaded with interesting information as always. Last year’s report brought home the point that DevOps was becoming widely accepted in the enterprise. This year’s report further validates that point and provides us with some interesting insights from surveying a wide variety of companies in different phases of their DevOps journey.
Containers are changing the security landscape for software development and deployment. As with any security solutions, security approaches that work for developers, operations personnel and security professionals is a requirement. In his session at DevOps Summit, Kevin Gilpin, CTO and Co-Founder of Conjur, will discuss various security considerations for container-based infrastructure and related DevOps workflows.
Microservices are hot. And for good reason. To compete in today’s fast-moving application economy, it makes sense to break large, monolithic applications down into discrete functional units. Such an approach makes it easier to update and add functionalities (text-messaging a customer, calculating sales tax for a specific geography, etc.) and get those updates / adds into production fast. In fact, some would argue that microservices are a prerequisite for true continuous delivery. But is it too...
What we really mean to ask is whether microservices architecture is SOA done right. But then, of course, we’d have to figure out what microservices architecture was. And if you think defining SOA is difficult, pinning down microservices architecture is unquestionably frying pan into fire time. Given my years at ZapThink, fighting to help architects understand what Service-Oriented Architecture really was and how to get it right, it’s no surprise that many people ask me this question.
One of the ways to increase scalability of services – and applications – is to go “stateless.” The reasons for this are many, but in general by eliminating the mapping between a single client and a single app or service instance you eliminate the need for resources to manage state in the app (overhead) and improve the distributability (I can make up words if I want) of requests across a pool of instances. The latter occurs because sessions don’t need to hang out and consume resources that could ...
"ProfitBricks was founded in 2010 and we are the painless cloud - and we are also the Infrastructure as a Service 2.0 company," noted Achim Weiss, Chief Executive Officer and Co-Founder of ProfitBricks, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
Approved this February by the Internet Engineering Task Force (IETF), HTTP/2 is the first major update to HTTP since 1999, when HTTP/1.1 was standardized. Designed with performance in mind, one of the biggest goals of HTTP/2 implementation is to decrease latency while maintaining a high-level compatibility with HTTP/1.1. Though not all testing activities will be impacted by the new protocol, it's important for testers to be aware of any changes moving forward.
The Internet of Things. Cloud. Big Data. Real-Time Analytics. To those who do not quite understand what these phrases mean (and let’s be honest, that’s likely to be a large portion of the world), words like “IoT” and “Big Data” are just buzzwords. The truth is, the Internet of Things encompasses much more than jargon and predictions of connected devices. According to Parker Trewin, Senior Director of Content and Communications of Aria Systems, “IoT is big news because it ups the ante: Reach out ...
"We got started as search consultants. On the services side of the business we have help organizations save time and save money when they hit issues that everyone more or less hits when their data grows," noted Otis Gospodnetić, Founder of Sematext, in this SYS-CON.tv interview at @DevOpsSummit, held June 9-11, 2015, at the Javits Center in New York City.
"We've just seen a huge influx of new partners coming into our ecosystem, and partners building unique offerings on top of our API set," explained Seth Bostock, Chief Executive Officer at IndependenceIT, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
Learn how to solve the problem of keeping files in sync between multiple Docker containers. In his session at 16th Cloud Expo, Aaron Brongersma, Senior Infrastructure Engineer at Modulus, discussed using rsync, GlusterFS, EBS and Bit Torrent Sync. He broke down the tools that are needed to help create a seamless user experience. In the end, can we have an environment where we can easily move Docker containers, servers, and volumes without impacting our applications? He shared his results so yo...
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at @ThingsExpo, James Kirkland, Red Hat's Chief Arch...