Last week I discussed design considerations for APIs, given that APIs aren't applications and shouldn't be treated as such. At small scales, APIs that come along for the ride with bulky Web frameworks might be fine, but beyond that you're asking for trouble. If you're building an API that will serve a large number of clients, your API code should be thin and tight, as well as make liberal use of caching. Otherwise, the future headaches will be crippling.
- The week in security: A Parliament of howls as nation-state, BEC attacks fly thick and fast
- Attackers place crypto-jacking apps in Microsoft App Store
- Data breaches exposed 5 billion records in 2018.
- Users are still terrible with passwords, but popularity of security apps suggests they want to get better
- Business email compromise attacks surge as ransomware trails off