Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

A Dedicated Security Page for Your API Portal

DZone's Guide to

A Dedicated Security Page for Your API Portal

While looking through DataDog, I came across their thorough security page. It provided some interesting building blocks that I will add to my API security research.

· Integration Zone
Free Resource

Modernize your application architectures with microservices and APIs with best practices from this free virtual summit series. Brought to you in partnership with CA Technologies.

One area I am keeping an eye on while profiling APIs and API service providers is any security-related practices that I can add to my research. While looking through DataDog, I came across their pretty thorough security page, which provided some interesting building blocks that I will add to my API security research. This is all I do as the API Evangelist: aggregate the best practices of existing providers and shine a light on what they are up to. 

On their security page, DataDog provides details on physical and corporate security, information about data in transit, at rest, as well as retention, including personally identifiable information (PII), and details surrounding customer data access. They also provide details of their monitoring agent and how it operates, as well as how they patch, employ SSO, and require their staff to undergo security awareness training. The important part of this is that they encourage you to disclose any security issues you find. It's critical for providers to encourage this.

Transparency when it comes to security practice is an important tool in our API security toolbox. It is important that API providers share their security practices like DataDog does, helping build trust, and demonstrate competency when it comes to operations. I'm working on an API security page template for my default API portal, and DataDog's approach provides me with some good elements I can add to my template.

The Integration Zone is proudly sponsored by CA Technologies. Learn from expert microservices and API presentations at the Modernizing Application Architectures Virtual Summit Series.

Topics:
security ,api ,integration ,datadog

Published at DZone with permission of Kin Lane, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}