Runscope API Monitoring    Learn More →

Keeping Sensitive Information Secure with Secrets Management

Keeping Sensitive Information Secure with Secrets Management

By Heitor Tashiro Sergent on .

We are very excited to announce a new feature for our enterprise customers: secrets management! Users can now easily create and manage sensitive information, such as API key or access tokens, and include them in their API monitors without exposing them in test results or 3rd-party integrations.

This feature request has been brought to us by a few customers, especially ones in highly regulated spaces such as finance, or healthcare, but we believe all of our enterprise customers will be able to benefit from it. Here at Runscope, we take extreme care with the security of our users' information, and we also like to provide tools for customers that will help them maintain any security standards they might have internally.

So, how does secrets management work?

Read More →

Categories: testing, product, monitoring, howto


What Developers Can Do to Help Achieve High Availability

What Developers Can Do to Help Achieve High Availability

By Theo Despoudis on .

Whose job is it to achieve high availability? Your first thought may go to the IT Ops folks. After all, they are the ones who are responsible for provisioning infrastructure, monitoring for problems and resolving incidents quickly in order to minimize service disruptions.

Yet the burden of high availability should not be on IT Ops alone. Developers play an important role too in making sure that applications and the infrastructure that hosts them are highly available. Let’s explore how in this article.

Defining Availability

For the uninitiated, availability denotes the degree to which a system or a subsystem is in a functional state. Typically this is expressed […]

Read More →

Categories: apis, monitoring


Using OpenAPI to Improve Daily Life as an Engineering Team

Using OpenAPI to Improve Daily Life as an Engineering Team

By Mike Mackrory on .

In part one of this series, we talked about the OpenAPI framework and the concept of API-First development. In this second and final part, I’d like to demonstrate how this framework and these principles can be applied in the day-to-day functioning of a technology organization to increase velocity and improve the effectiveness of your development activities.

I’ll start by describing the problems we faced as an organization and how we used these principles to not only solve those problems but also improve how we were able to develop applications. As with any process, our implementation had some hiccups, but we learned valuable lessons. Through sharing these lessons, I’m hopeful that I can enable more people to be successful if they decide to implement an API-First method in their organizations.

Read More →

Categories: apis, openapi, swagger


Getting Started with the OpenAPI Specification

Getting Started with the OpenAPI Specification

By Mike Mackrory on .

When I’m not writing articles, I work for a large software organization. We have lots of engineering teams, all of which contribute to specific elements of a sophisticated, versatile and highly available commerce platform. We’ve chosen an API-First approach to accelerate development and enhance collaboration between domains.

Because APIs are so central to how our software runs, documenting our APIs is essential for making sure that everyone across our large IT organization understands what is going on. That’s why we use OpenAPI to help document API specifications.

In this article, I’m going to introduce you to the OpenAPI specification and API-First development principles. In a subsequent article, I’ll describe how our teams use the API-First approach to support our engineering endeavors. […]

Read More →

Categories: swagger, openapi, apis


Integrating Runscope with CA API Management

By Heitor Tashiro Sergent on .

Since we were acquired by CA Technologies back in September 2017, we have been hard at work on adding new features and integrating with CA existing products.

Now we're really happy to announce that you can easily import your endpoints from CA API Management solution into Runscope, and start monitoring your APIs in a matter of minutes!

This new integration is available today for all customers on a paid plan. For Runscope customers that might be interested in our CA API Management solution, you can find more information here.

For CA API Management customers […]

Read More →

Categories: tutorial, product, integrations


Best Practices for API Security: Avoiding Common Security Vulnerabilities

By Scott Fitzpatrick on .

It’s fairly easy to see that API security can be of the utmost importance when designing and implementing an interface that might be used by another entity over which you have no control. By allowing another organization to interact with your application directly, you are putting your data at risk.

Taking the appropriate security measures throughout the design process can ensure that your API is used properly by those you allow to interact with your application. Such measures include the utilization of an effective strategy to authenticate the application employing your API, taking steps to ensure that the client application is authorized to perform the actions they are attempting through your API, and bulletproofing against common API vulnerabilities such as XSS and SQL injection.

In this article, we’ll take a look at API security best practices and discuss strategies for securing APIs. […]

Read More →

Categories: apis, security


Everything is going to be 200 OK®