API Trends: Platform Engineering, Decoupling, and the Role of AI

Others 2024-05-04 02:49:45 views: null

A panel of industry experts explores the key trends shaping the API landscape in recent months.

Translated from API Trends: Platform Engineering, the Unbundling and AI's Role , by Lori Marshall.

It can be challenging to find what really matters to developers amid the noise of marketing hype. Recently, at Ambassador, we curated a panel of industry experts covering the world of API development to explore the key trends shaping the API landscape in recent months. Now, let's consider what's really worth paying attention to and what's just background noise.

There is no general consensus on the Great Decoupling

Despite the buzz that Gartner, Kong, and other industry experts have made in the industry over the past six months, the Great Decoupling Theory of API Management remains a controversial topic. The idea of ​​“ big decoupling ” focuses on moving away from a single full suite of tools toward best-of-breed niche solutions. Some of our experts view this as a more negative stance, explaining that most enterprises they work with don't want to invest the time, resources, and budget to integrate different API management tools into their delivery pipelines.

A lot of my clients are very frustrated that there’s not an easy way to bring all these tools together, so it’s not as easy as some people think,” shared James Higginbotham, industry panelist and API consultant at Launch Any . So easy. "

However, another panelist, Keith Casey, believes the decoupling is a nod to what has been going on behind the scenes for years - it's only now public. He noted that while many companies claim to have standardized a set of tools, in reality, microgateways, for example, are being deployed throughout the organization. Everyone agrees that no matter which route a developer chooses, better tool integration and packaging will make things easier. In short: the strategy you apply to your API development process is more important than the number or lack of tools you add to your technology stack.

"Developers have two goals in life: build something useful and go home. Right now, there are so many things preventing us from building something useful that we can't go home, and it's frustrating."

– Keith Casey, Senior Product Manager at [Pangea]

AI is a double-edged sword in API security

As AI systems become more integrated into everyday applications and processes, the data exchanged through APIs becomes increasingly sensitive, potentially exposed, and valuable. Securing these APIs is critical to preventing potential breaches, data leaks, and unauthorized access. As the potential consequences of security breaches become more severe in the AI ​​era, one clear conclusion from the panel discussion was that we must prioritize implementing strict security protocols to protect API infrastructure and the sensitive data it handles.

Casey shared: “Every time we think, ‘Oh, no one is going to do that with our API,’ we need to look back and rethink our assumptions. We need to assume that someone is going to do that with our API, But realizing that person might not be human."

Panelist Dan Barahona, founder of APIsec University , highlighted the ongoing intertwining relationship between APIs and AI and the impact this relationship has on API security. There are serious concerns that AI could be used as an attack vector. It is becoming increasingly easier to execute extremely sophisticated attacks. On the other hand, AI is also very likely to be used in defense and security.

"We need to ask how we can leverage AI for defense and how we can proactively defend against AI security attacks," said Barahona. "We need to evaluate both sides of the security coin. All API practitioners should ask themselves, 'How do we incorporate AI into our security tools?' '"

Technology leaders should assume that their developers are already using AI heavily as an exploration and testing tool, and that this use will only increase as the technology advances. Establish your AI policies and best practices now and hire developers who have a deep understanding of how to maximize the capabilities of AI tools, while recognizing that no tool can completely replace a strong developer.

Additionally, our panelists noted that there appears to be a strong push in the security field to "Shift Security Left" as opposed to the controversial "Shield Right" which focuses on taking passive security measures, To protect deployed systems from potential threats, Shift Left, on the other hand, prioritizes proactively integrating security early in the development process to prevent vulnerabilities, such as early integration of tools like API Gateway ( https://www. getambassador.io/products/edge-stack/api-gateway/security-authentication). This early integration allows security features to be built into the development process, consistent with the "shift left" philosophy of addressing security issues early.

From center of excellence to center of empowerment

While platform engineering is taking the world by storm, we first need to pump the brakes and get the basics right. Sometimes the myth about platform teams or centers of excellence (COE) is that they are making statements from an ivory tower rather than being an integral part of the solution to DevOps challenges. Panelists agreed that the focus needs to evolve from "How do I manage this platform?" to "How do I help people be more productive?"

“Taking a step back a little bit and stepping out of the platform engineering craze, platform engineering is very internally focused and massive right now, and we need to do a lot of automation enablement work for our developers before we can even talk about platforms,” Higginbotham shared road. "Let's move the conversation to focus on API enablement and look at enablement centers or centers of excellence."

Casey echoed Higginbotham's sentiments, saying the move to a center for enablement (C4E) is key to successful real-world platform engineering. He contrasted the mentality of serving and helping people be more productive with the traditional approach of issuing high-level statements and expecting developers to blindly follow them.

"The COE is focused on enabling API designers, provisioning teams, and consumers, rather than being so focused on the code that implements and delivers the API," Higginbotham shared.

For example, if you have a team building an API, there might be 150 different teams within the organization using it, which means that without a lean platform team, you might be working with those 150 stakeholders every time Exact same conversation.

Investing in a solid platform team that takes a COE approach means you're investing in appropriate documentation, support, code samples, and other resources that can reduce or eliminate these conversations altogether. Additionally, these resources can better enable consumers to start using your API.

So, the conclusion is: yes, platform engineering is increasingly important in API development, as long as we focus on delivery enablement and developer enablement first. Your platform strategy and COE should work together to achieve true API success.

at last

These are not new concepts, but the approach and due diligence that API development leaders take toward these trends will make a world of difference in whether their developers are able to respond positively. For more information, check out the full technical discussion from the API Management team on our YouTube channel .

This article was first published on Yunyunzhongsheng ( https://yylives.cc/ ), everyone is welcome to visit.

The Google Python Foundation team was laid off. Google confirmed the layoffs, and the teams involved in Flutter, Dart and Python rushed to the GitHub hot list - How can open source programming languages ​​and frameworks be so cute? Xshell 8 opens beta test: supports RDP protocol and can remotely connect to Windows 10/11. When passengers connect to high-speed rail WiFi , the "35-year-old curse" of Chinese coders pops up when they connect to high-speed rail WiFi. MySQL's first long-term support version 8.4 GA AI search tool Perplexica : Completely open source and free, an open source alternative to Perplexity. Huawei executives evaluate the value of open source Hongmeng: It still has its own operating system despite continued suppression by foreign countries. German automotive software company Elektrobit open sourced an automotive operating system solution based on Ubuntu.
{{o.name}}
{{m.name}}

Guess you like

Origin my.oschina.net/u/6919515/blog/11076253
Recommended
Ranking
MyEclipse will not use the Breadcrumb navigation? Do not look at you OUT
The use substantially react (schematic)
linux common commands shorthand
Implement iterator (__next __, __ iter__)
MySQL in the redo log files
Live Preview | The Practice of Operations Research in Supply Chain Material Requirement Planning
Network commonly used python functions
js barrage, menu options, and eliminate pop stars
Small stature big problems, talk about small companies, large companies disease
Basic knowledge, core concepts and some practical development skills of Flutter
Daily
More
2025-02-03(0)
2025-02-02(0)
2025-02-01(0)
2025-01-31(0)
2025-01-30(0)
2025-01-29(0)
2025-01-28(0)
2025-01-27(0)
2025-01-26(0)
2025-01-25(0)

Code World

© 2018 codetd.com