 |
VOOZH | about |
|
VOOZH | about |
We’re so glad you’re here. You can expect all the best TNS content to arrive Monday through Friday to keep you on top of the news and at the top of your game.
Check your inbox for a confirmation email where you can adjust your preferences and even join additional groups.
Follow TNS on your favorite social media networks.
Become a TNS follower on LinkedIn.
Check out the latest featured and trending stories while you wait for your first TNS newsletter.
APIs are the lifeblood of the internet, enabling seamless communication between applications, services, and devices. With the rise of AI technologies, APIs have taken on even greater strategic importance, powering intelligent applications, large language models (LLMs), and complex ecosystems. However, this rapid evolution presents significant challenges in terms of discovery, security, standardization, and governance.
I recently had the privilege of hosting a roundtable discussion featuring panelists Joni Klippert (CEO of StackHawk), Rodric Rabbah (Head of Product at Postman), and Alex Drag (Head of Product Marketing at Kong). These industry leaders highlight key issues and emerging approaches that are shaping modern API management in the era of AI.
As APIs proliferate across organizational environments, maintaining a comprehensive and up-to-date inventory becomes increasingly challenging. Alex Drag of Kong discusses at length the challenges with wrangling APIs across multiple gateways. At the same time, Joni Klippert of StackHawk notes that security teams often overlook only a fraction of the total API landscape, exposing organizations to significant security risks due to these blind spots.
To address this, the panel emphasizes the importance of having a centralized place to discover and view APIs across an organization, including metadata such as ownership, security policies, and usage monitoring. Techniques such as code-based scanning and integrations with existing developer tools help improve visibility and control, enabling organizations to keep pace with their expanding API ecosystems.
Moving from reactive to proactive security practices is also a recurring theme in the conversation. StackHawk’s focus on testing APIs during development underscores the importance of identifying vulnerabilities early. The concept of “security debt” — the accumulation of untested or insecure APIs — poses a significant threat to organizations.
Postman’s Roderick stresses the importance of continuous monitoring, scanning, and securing APIs even before deployment. Aligning developer incentives and offering clear security guidance fosters proactive behavior, reducing the risk of breaches and enhancing overall API resilience.
Keeping API documentation current and accurate remains a core challenge. Developers often view documentation as a burdensome chore, leading to gaps that can hinder security and governance. StackHawk advocates for AI-powered solutions that automatically generate API specifications from source code, reducing manual effort and improving accuracy.
Another issue is a lack of standardization within organizations. Rodric Rabbah of Postman acknowledges that diversity in API gateway implementations complicates this effort, but ultimately concludes that maintaining a consistent, centralized API landscape is crucial for governance and security assurance in rapidly evolving environments.
APIs are increasingly seen as strategic assets capable of generating revenue through monetization models, both internally and externally. The advent of AI and LLMs introduces new layers of complexity and opportunity — necessitating better governance, security, and visibility.
Drag opens a discussion on the evolution of API management tools to support emerging use cases, including API scorecards and the Model Composition Protocol (MCP). As the convergence of APIs and AI accelerates, organizations must adapt their management strategies to ensure security, cost control, and operational agility.
The roundtable discussion paints a comprehensive picture of the challenges and solutions shaping modern API management. As APIs become increasingly intertwined with AI, organizations require proactive, centralized, and automated tools to discover, secure, and govern their digital assets effectively.
Vendors like Kong, Postman, and StackHawk are leading the charge from different angles, offering innovative approaches that address the complex realities of today’s API landscape. By embracing these solutions, organizations can unlock the full potential of AI-driven innovation while maintaining security, compliance, and operational efficiency.
The Modern Observability Roundtable: AI, Rising Costs and OpenTelemetry
