Last week I discussed design considerations for APIs, given that APIs aren't applications and shouldn't be treated as such. At small scales, APIs that come along for the ride with bulky Web frameworks might be fine, but beyond that you're asking for trouble. If you're building an API that will serve a large number of clients, your API code should be thin and tight, as well as make liberal use of caching. Otherwise, the future headaches will be crippling.
- AusCERT 2017 – Changes to Cybersec Laws Need Holistic Thinking
- The week in security: Adjusting to WannaCry’s “new normal” as authorities float IoT security baseline
- Does third-party security awareness training work?
- Government security tick validates TechnologyOne’s secure-cloud culture
- Samba flaw exposes Synology's Linux SANs to WannaCry-like attack