*API KEYNOTES & FEATURED SPEAKERS

Wednesday, October 28, 2020

- PDT
OPEN TALK (API): KYD: Know Your Developer
Join on Hopin
Tanya Vlahovic
Tanya Vlahovic
eBay, Distinguished Architect and Head of Developer Ecosystem

The vision of any API program is to deliver a world-class developer experience that enables partners to be inventive, provide their users with fantastic experience, and propel their business into the future. APIs are everywhere nowadays, allowing organizations to connect with the world digitally. Developers come in all shapes and sizes. They combine building blocks that organizations provide in a unique way. So, API consumers are instrumental in shaping APIs. The API providers and the API consumers share the success. It is crucial for organizations to have visibility into the way developers use their capabilities. By doing this, API providers can assess the value the APIs bring and understand benefits coming from third-party integrations. This talk is meant for technical people involved in creating interfaces that empower 3rd party developers as well as API evangelists. Well-designed and managed APIs that developers love are true elements of success.

- PDT
KEYNOTE (API): IBM -- What's Next: Digital / API Ecosystems, Marketplaces and Platforms
Join on Hopin
Alan Glickenhouse
Alan Glickenhouse
IBM, Digital Transformation and API Business Strategist


Many businesses are considering or beginning to create Digital Ecosystems, API Marketplaces, and positioning themselves as a Digital Platform. All of these are exciting areas having significant business value – thus they are extremely attractive opportunities! But all of them also come with challenges, requiring you to earn your position in the Digital economy. This session discusses each of Ecosystems, Marketplaces, and Platforms individually and positions how they relate to each other. For each, the session describes a simple (okay, relatively simple) getting started scenario and envisions more advanced capabilities that can be added for extra value as you progress in your journey.

- PDT
Plenary Keynote (API): Visa -- Restful Shmetsful - What’s With API Usability
Join on Hopin
Sumit Amar
Sumit Amar
Visa, Sr. Director of Engineering, Architecture, and Product

APIs that are modern, RESTful, and rich with Usability could make all the difference in onboarding new clients to your business. This session covers usability best practices in exposing basic and complex business functions via simple APIs. In-depth details on building RESTful interfaces, HATEOAS links for navigation and usability, ODATA for standard data retrieval (paging, sorting, selecting, filtering etc), and error handling are covered in this talk. Code samples, and sample API endpoints with request/response data will be shared with the audience. Session will cover using Lambda functions in HTTP(S) URLs, to perform operations on aggregated and single entities.

- PDT
KEYNOTE (API) : Toptal -- GraphQL Done Right!
Join on Hopin
Robert Pankowecki
Robert Pankowecki
Toptal, Back-end Architect

GraphQL is a fantastic query language. It covers a wide range of usages and, typically, is pretty well specified.

There are plenty of areas where the specification is missing, however, requiring you to create your own standards to make the experience consistent for clients. In this session, we’ll discuss Toptal’s 15 recommendations for how to create these specifications and how they compare with other options.

- PDT
KEYNOTE (API): Corsha -- Rethinking API Security: Applying Lessons Learned From Human Secure Authentication
Join on Hopin
Chris Simkins
Chris Simkins
Corsha, CEO & Co-Founder
Anusha Iyer
Anusha Iyer
Corsha, Co-founder and CTO

This session will discuss the growing need for better approaches to API Security, in light of increasing attacks against API. The speakers will talk about cybersecurity lessons learned from improvements in how humans securely log into networks and will apply those lessons to security for APIs. The session will tied those lessons learned to vulnerabilities identified by OWASP and other cybersecurity experts.

Thursday, October 29, 2020

- PDT
KEYNOTE (API) : eBay -- Scaling Your Architecture With Services and Events
Join on Hopin
Randy Shoup
Randy Shoup
eBay, Chief Architect and VP, Engineering Ecosystem and Experience

This keynote is a deep dive into the modern best practices around asynchronous decoupling, resilience, and scalability that allow us to implement a large-scale software system from the building blocks of services and events, based on the speaker's experiences implementing such systems at Google, eBay, and other high-performing technology organizations.

We will start with the idea of a "minimal viable architecture" - how architectures evolve and what architecture is most appropriate at each phase of a company. We will talk about how to migrate from a monolith to a service-oriented architecture, and learn some tips for being successful designing and operating services in production. We will then outline the capabilities of events and an event-driven architecture. Finally, we will combine events and services into a powerful overall architecture.

You will leave with actionable suggestions you can use to evolve and improve your own software architecture.

- PDT
OPEN TALK (API): Common API Security Pitfalls: Learning From Other's Mistakes
Join on Hopin
Isabelle Mauny
Isabelle Mauny
42Crunch, Field CTO

This session was born from the weekly newsletter at apisecurity.io, a community site which shares regular news about breaches via APIs. Each week large companies like Starbucks, T-Mobile or Facebook make it on the front page, as ethical or not so ethical hackers find vulnerabilities in their APIs.
Pattern emerge across those vulnerabilities and in this talk we will talk about them and how to address them early in your API lifecycle.

In this session, you will:
- Learn about the OWASP Top10 risks for APIs
- Get technical details on the vulnerabilities and why they happened
- Leave with a TO-DO of remediations and approaches so that you do not make the mistakes
- Learn not to trust anything or anyone :)

- PDT
CLOSING KEYNOTE: U.S. Bank -- What Are Service Mesh Features That Can Reduce Microservice Development Today?
Join on Hopin

There are Service Mesh features in Istio that can reduce microservice development out-of-the-box. Some of it includes ingress MTLS, JWT, outbound MTLS, etc. Some are not available yet, such as rate-limiting, OIDC, and external token validation, etc. It is good to know what Istio can help to improve in your day-to-day enterprise-scale microservice development.