Runscope API Monitoring    Learn More →

Integrating Runscope with CA API Management

By Heitor Tashiro Sergent on .

Since we were acquired by CA Technologies back in September 2017, we have been hard at work on adding new features and integrating with CA existing products.

Now we're really happy to announce that you can easily import your endpoints from CA API Management solution into Runscope, and start monitoring your APIs in a matter of minutes!

This new integration is available today for all customers on a paid plan. For Runscope customers that might be interested in our CA API Management solution, you can find more information here.

For CA API Management customers […]

Read More →

Categories: tutorial, product, integrations

Best Practices for API Security: Avoiding Common Security Vulnerabilities

By Scott Fitzpatrick on .

It’s fairly easy to see that API security can be of the utmost importance when designing and implementing an interface that might be used by another entity over which you have no control. By allowing another organization to interact with your application directly, you are putting your data at risk.

Taking the appropriate security measures throughout the design process can ensure that your API is used properly by those you allow to interact with your application. Such measures include the utilization of an effective strategy to authenticate the application employing your API, taking steps to ensure that the client application is authorized to perform the actions they are attempting through your API, and bulletproofing against common API vulnerabilities such as XSS and SQL injection.

In this article, we’ll take a look at API security best practices and discuss strategies for securing APIs. […]

Read More →

Categories: apis, security

How to Write Your First AWS Lambda Function

How to Write Your First AWS Lambda Function

By Mike Mackrory on .

Have you been looking for a quick and straightforward guide to writing your first AWS Lambda function? If so, we have got you covered. This article explains everything you need to know to create your first Lambda function, and how to upload and run it in the AWS Cloud.

AWS Lambda in a Nutshell

AWS Lambda is a serverless computing platform that allows engineers to create a small function, configure the function in the AWS console, and have the code executed without the need to provision servers—paying only for the resources used during the execution. As many organizations move towards implementing serverless architectures, AWS Lambda would be the central building block they’ll use. […]

Read More →

Categories: apis, code samples, serverless, tutorial

Synthetic Monitoring vs. API Monitoring: Why You Need Both

Synthetic Monitoring vs. API Monitoring: Why You Need Both

By Chris Riley on .

There are so many different types of monitoring in the DevOps world today that it can be easy to lose track of them. There’s application performance monitoring and infrastructure monitoring. There’s user experience monitoring, uptime monitoring and real-user monitoring.

And then there’s synthetic monitoring and API monitoring—two types of monitoring that can seem similar, but are actually quite different.

Let’s take a look at what synthetic monitoring and API monitoring have in common, how they differ, and which types of use cases each supports. […]

Read More →

Categories: monitoring

Serverless Computing Platforms—It’s Not All Cloud

Serverless Computing Platforms—It’s Not All Cloud

By Eric Bruno on .

When cloud computing came into vogue, some viewed it as simply running software in someone else’s data center, or the proliferation of virtualization. But as cloud has matured, it has become clear that cloud computing, public or private, is an industry-changing paradigm shift.

In a similar way, some view serverless computing as nothing more than a meta-definition for cloud computing. But like cloud computing, serverless means so much more.

For example, Platform-as-a-Service (PaaS) offerings are often too prescriptive and confining, and Infrastructure-as-a-Service (IaaS) can be both too generic and too limiting. The true serverless movement is more abstract, promoting computing in the small (think microservices), right-sized APIs, stateless components, and reliable units of processing that are similar to transactions, yet lighter weight and less restrictive.

Whether these components run on one server or 100, on your desk, or in the cloud should be of no concern. What’s important is that serverless computing enables you to focus more closely on solving a problem without spending time building servers, installing an OS, worrying about patches and upgrades, or network, security issues, and so on. […]

Read More →

Categories: serverless

7 Tips for Building an API

7 Tips for Building an API

By Theo Despoudis on .

As of 2018, businesses are relying more and more on APIs to serve their clients. Microservices and serverless architectures are becoming increasingly prevalent, and that creates a higher number of required API integration points to ensure a competitive advantage and business visibility.

APIs should be designed from the ground up with these needs in mind. In this article, I discuss seven design tips for APIs that can help to meet these goals. (I should note that these insights are based on my experience building APIs for mobile clients, but the lessons apply more broadly to include API design of any type.)

1. Treat your API as a Product

A key factor when starting with any sort of development is the notion of the product. It defines the stand-alone entity that exposes useful functionality and benefits to the market. It is no easy task to design and implement an API that is easily consumable, scalable, properly documented and secured without having a strong sense of responsibility and ownership in the process. […]

Read More →


Everything is going to be 200 OK®