Salt Security Raised $140 Million, Kong Gets More Performant, WSO2 Updates Ballerina
This is issue 2022.06 of the API Changelog, a weekly mix of API news, commentary, and opinion. In this issue, you’ll get to know the most relevant API-related information from the week of February 7, 2022. Subscribe now, so you never miss an issue of the API Changelog.
Funding and M&A
Salt Security, an API security company, raised $140M in a Series D round. CapitalG led the investment, with participation from Y Combinator, Sequoia Capital, and Advent International, among others. After the operation, the company valuation is $1.4B.
Sardine, a fraud prevention as a service company, raised $19.5M in a Series A round. Adreessen Horowitz led the investment, with participation from Nyca Partners, and Experian Ventures.
Brick, a fintech API provider, raised $8.5M in a Seed round. Antler led the investment, with participation from Flourish Ventures, Rally Cap Ventures, and Better Tomorrow Ventures, among others.
Canonic, a cybersecurity startup, raised $6M in a Seed round. First Round Capital led the investment, with participation from Operator Partners, SV Angel, and Elron Electronic Industries, among others.
Treepoints, a carbon offset service, raised £150K in a Pre-Seed round. Charlotte Street Capital led the investment, with participation from Alistair and Jonny Brownlee.
Cloudflare acquired Vectrix, a SaaS security scanning company. According to Help Net Security, the acquisition expands “Cloudflare’s existing Zero Trust platform, Cloudflare One, by allowing security teams to scan third-party tools to detect and mitigate issues such as inappropriate file sharing and user permission misconfigurations.”
Facebook’s acquisition of Giphy received approval from an antitrust court in Austria. KFGO reported that “an antitrust court in Austria approved with conditions Facebook’s purchase of animated images’ platform Giphy, in a boost for the social media giant after a UK watchdog said the deal should be reversed.”
Announcements
Nylas announced new omnichannel reminders for its Calendar API. The new solution lets you “send custom reminders for upcoming events via SMS, Email, Slack, and MS Teams.”
Kong announced the release of Kong Enterprise 2.7. This release “features faster performance, including 25% increased throughput (capacity) and improved latency (speed) over already highly performant previous versions.”
WSO2 announced the launch of Ballerina 2201.0.0 (Swan Lake). SDTimes reports that Ballerina’s latest version provides “bidirectional mapping of sequence diagrams and code, allowing developers to switch between working with traditional code and low-code as needed.”
APILayer announced the expansion of its API marketplace. The marketplace “offers both free and paid solutions in categories such as Natural Language Processing (NLP), Machine Learning, and Security.”
Picsart, a digital creation platform, announced the release of an API program called Picsart for Developers. According to TechCrunch the APIs include, among other features, “a remove background feature, an upscale function that enlarges and enhances content without losing quality and a style transfer feature that transfers the look of any source image to elevate its style.”
API-first
David Curry wrote “The Embracement of API-centric Models.” In this article, David explains what an API-centric approach to digital transformation does. The author goes deep into topics such as data silos, digital collaboration, and secure workflows.
Carlos Schwabe wrote “How to build a scalable architecture for your Webservice — from Day 1.” This piece explores the tools and methodologies that the author used to implement a scalable web service architecture.
Neeraj Kushwaha wrote “Microservices Design Patterns.” Neeraj divides the patterns into layers and explores each layer individually. You can find different patterns inside the application, application infrastructure, and infrastructure layers.
Management
Gleb Polyakov wrote “How API Investments Can Help Navigate The Labor Shortage.” This piece goes through the different ways APIs can help you when you can’t find the appropriate people to hire. Gleb defends that APIs can, among other things, automate business workflows, improve internal and external communication, and help to make decisions.
Help Net Security published “Organizations still struggling to use APIs effectively.” The article goes through a survey that RapidAPI promoted recently and shares what the challenges to API usage are. According to the author, organizations are still facing challenges in API management, security, access control, and collaboration.
Practice
Karim Marabet wrote “Testing a Rails API with RSpec.” This article is a how-to on how to create an API using Rails and on how to test it using RSpec. The author explains all the steps required to get an API fully tested and running.
Birzu Alexandru-Adrian wrote “Use Postman for IDCS API calls.” In this piece, Birzu explains how to make API calls to Oracle Identity Cloud Service (IDCS) using Postman.
Alastair Parker wrote “Creating OpenAPI specifications with Jargon.” In this article, Alastair shares how you would design an API using a tool called Jargon. The author goes from defining the data model of your API to having a full OpenAPI definition ready to be used.
Matt Tesauro wrote “Shift Left API Testing: The Manual API Testing Process.” Matt explains what “shift left testing” actually is and shares the steps to achieve it.
Security
Krishnaraj Subburayalu wrote “How an API Gateway Secures APIs.” This article goes through all the pillars of API security that a well-designed API should support. It then shares which of those pillars an API gateway supports.
David Bisson wrote “Blocking API Attacks: 3 Things To Consider.” In this article, David shares his view of why API security incidents have been happening, and what are the important things to consider defending yourself.
Jason Needham wrote “Three ways enterprises can prevent the next API data breach.” In this piece, the author shares a few examples of recent data breaches and security issues with popular APIs. Jason then goes through the things that you can do to prevent private data from being obtained through your API.
Salesforce Architects published “Security Best Practices for API Access and Internal System Users.” The article explains the types of users that APIs can have and how they can access. For each type of user, the authors propose security best practices for your API.
