Loading…
Nashville, TN
September 24 - 26, 2018
Click Here For Information & Registration

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Workshop [clear filter]
Monday, September 24
 

1:30pm

A Tour of Mobile API Protection - Skip Hovsmith, CriticalBlue
Follow the ShipFast courier service’s evolving mobile API security approach as it beats back malicious ShipRaider.

We start with static API keys and OAuth2 user authorization, discussing API security threats and how to counter them. Along the way, TLS, certificate pinning, HMAC call signing, app hardening, white box crypto, app attestation and more are considered to strengthen your API security posture, but ShipRaider will be working hard trying man in the middle attacks, app decompilation and debugging, exploit frameworks, and other reverse engineering techniques to keep stalking you. It's a quick overview of the cat and mouse API protection problem and gives a sense of emerging tools and techniques required to protect your mobile APIs.

You'll walk away with access to fully worked open source examples and some additional homework assignments if you want to go deeper.

Speakers
SH

Skip Hovsmith

VP Growth, CriticalBlue


Monday September 24, 2018 1:30pm - 3:00pm
Davidson Ballroom B2
  • Skill Level Any

1:30pm

Hands-On Introduction to OpenAPI 3.0 – Ron Ratovsky, SmartBear, Ted Epstein, RepreZen, & Emmanuel Paraskakis, Oracle
Please join us for a hands-on workshop on OpenAPI 3.0. You can drop-in for this session only or stay for the advanced workshop right after.  Be sure to bring your own laptop to participate. This will be an OpenAPI Specification Technical Overview/Workshop - A hands-on training session introducing essential capabilities of OpenAPI and its most commonly used features.

You will learn:
  1. What’s OpenAPI 3.0
  2. OpenAPI and Server Objects
  3. Paths and Path Parameters
  4. GET Operation and Responses
  5. Query and Header Parameters
  6. POST, PATCH, and PUT
  7. Documentation with markdown



Speakers
avatar for Emmanuel

Emmanuel

Sr. Director of Product Management, Oracle API Platform, Oracle
Emmanuel has been working on delivering APIs for customers for over a decade and is a passionate member of the API Community. The last three years he has been crafting API tooling as part of Apiary, recently acquired by Oracle.Currently, he is heading up Product Management for Oracle’s... Read More →
avatar for Ted Epstein

Ted Epstein

CEO, RepreZen
Ted Epstein, CEO of RepreZen, has been helping organizations succeed with API strategy and architecture for over 10 years. Ted participates in the OpenAPI Technical Design Community as a governing board member, and leads the architecture of RAPID-ML, the first API description language... Read More →
avatar for Ron Ratovsky

Ron Ratovsky

Swagger Developer Evangelist, SmartBear


Monday September 24, 2018 1:30pm - 3:00pm
Davidson Ballroom B1
  • Skill Level Any

1:30pm

Secure APIs Development Workshop - Krishan Veer, Cisco DevNet
API's are awesome! API's provide programmability & stickiness to products and services. The most important aspect of developing APIs in critical infrastructure products is to ensure that overall service security is maintained. It is often difficult to ensure that new API's do not increase the threat surface or introduce any new vulnerabilities into current or future services. Customers and partners are depending on you to minimize this vulnerability exposure risk as they adopt programmability. This hands-on workshop session is designed to create a security-first mindset as you develop and test new API's.

Speakers

Monday September 24, 2018 1:30pm - 3:00pm
Davidson Ballroom A 2/3
  • Skill Level Any

1:30pm

Taming Your API - Sachin Agarwal, LaunchDarkly
APIs are frequently born internally, feral. As your product and organization mature, it becomes important to make your APIs consumable by other parts of your organization and by external users. This talk is about how to take a wild API and turn it into something that everyone can use. Heidi will include strategies on increasing usability, promoting cultural change around the API, and iteratively improving the user experience.

Topics covered will include
* evaluating your existing API to discover, name, and sort existing structures.
* training and promoting simultaneous API and culture change.
* describing and promoting your changes.

Speakers
SA

Sachin Agarwal

Principal Product Manager, LaunchDarkly
Sachin is a Principal Product Manager at LaunchDarkly. He is also the organizer of Empower, a conference for B2B product and growth leaders and the founder of Braid, a platform for project management built into Gmail, Google Calendar, and Slack.  Prior to LaunchDarkly, he was VP... Read More →



Monday September 24, 2018 1:30pm - 3:00pm
Davidson Ballroom A1
  • Skill Level Any

3:30pm

OpenAPI 3.0 Advanced Users’ Workshop - Ron Ratovsky, SmartBear, Ted Epstein, RepreZen, & Emmanuel Paraskakis, Oracle
Please join us for an advanced hands-on workshop on OpenAPI 3.0. Be sure to bring your own laptop to participate. This will be an OpenAPI Specification Technical Overview/Workshop.

A hands-on training session with more advanced features and 3.0 specific features, suitable for developers who already know v2 and want to know what’s new in the current version. Ends with a preview of the future release.

You will learn about:
  1. Schema Objects
  2. External References
  3. Form Data
  4. Links and Callbacks
  5. Security Schemes
  6. XmlExample



Speakers
avatar for Emmanuel

Emmanuel

Sr. Director of Product Management, Oracle API Platform, Oracle
Emmanuel has been working on delivering APIs for customers for over a decade and is a passionate member of the API Community. The last three years he has been crafting API tooling as part of Apiary, recently acquired by Oracle.Currently, he is heading up Product Management for Oracle’s... Read More →
avatar for Ted Epstein

Ted Epstein

CEO, RepreZen
Ted Epstein, CEO of RepreZen, has been helping organizations succeed with API strategy and architecture for over 10 years. Ted participates in the OpenAPI Technical Design Community as a governing board member, and leads the architecture of RAPID-ML, the first API description language... Read More →
avatar for Ron Ratovsky

Ron Ratovsky

Swagger Developer Evangelist, SmartBear


Monday September 24, 2018 3:30pm - 5:00pm
Davidson Ballroom B1

3:30pm

Practical SecDevOps for APIs - Isabelle Mauny, 42Crunch
In an ever agile world, API security must become a commodity. By working with security "ON" as early as possible, API developers can detect vulnerabilities when they are easy to fix. By continuously testing APIs for issues, they can ensure vulnerabilities do not sneak in later in the lifecycle. In this session, Isabelle presents a SecDevOps methodology and shares practical solutions for API security assessment, API protection and security monitoring.

Speakers
avatar for Isabelle Mauny

Isabelle Mauny

CTO, 42 Crunch
Isabelle has more that 20 years of experience in the integration fields. She spent most of her career at IBM in various roles (presales, services, product management). She started working on services and APIs more than 10 years ago and introduced in Europe the first XML gateways... Read More →



Monday September 24, 2018 3:30pm - 5:00pm
Davidson Ballroom A 2/3

3:30pm

Turning External Services to Internal APIs - Chris Phillips, IBM

It is common practise to expose APIs of internal services, but APIifying external services / APIs is not so common. However, doing so provides many advantages! These include consistent interface (even when moving between external providers), tracking the internal consumption of the external providers or adding throttling to ensure you don’t accidently performance test on a pay by consumption service.

This session will go through a number of strategies for turning external services to Internal APIs. It will also look at the advantages of each approach.

Speakers
avatar for Chris Phillips

Chris Phillips

SWAT Integration Architect, IBM
Chris is a world leader in designing large scale API environments for large institutions. Whether working with Open Banking or enabling new channels in the API Economy, Chris has designed and implemented solutions. Based in IBM’s UK Hursley Lab, Chris is one of the youngest IBM... Read More →


Monday September 24, 2018 3:30pm - 5:00pm
Davidson Ballroom B2
  • Skill Level Any

3:30pm

Usable APIs at Scale With Protocol Buffers and gRPC - Tim Burks & Andrew Gunsch, Google
This half-day tutorial introduces Protocol Buffers, gRPC, and the open source tools that Google uses to publish and support some of the world's biggest APIs. We'll show how the Protocol Buffer language allows APIs to be described, reviewed, and implemented in a programming-language independent way, how gRPC enables high-performance streaming APIs, and how \ a few simple conventions can enable related tools to serve robust REST APIs and generate production-quality client libraries in seven popular programming languages. This is API publishing the Google way, but large teams aren't required. With shared open-source tooling, even the smallest developer can build scalable, usable APIs that delight.

Speakers
avatar for Tim Burks

Tim Burks

Staff Software Engineer, Google
Tim Burks spent a decade building Electronic Design Automation systems and another building mobile apps. Now he's focused on the thing that holds them all together. In 2016 he joined the world's biggest API company where he works on open source tools to help developers build and use... Read More →
avatar for Andrew Gunsch

Andrew Gunsch

Senior Software Engineer, Google
As of 2018, Andrew leads the Google Cloud Endpoints team, bringing API Management functionality to Google Cloud Platform. Talk with him about APIs, developer portals, OpenAPI, and GCP more generally.



Monday September 24, 2018 3:30pm - 5:00pm
Davidson Ballroom A1