API World -- Main Stage

Wednesday, October 26, 2022

- PDT
OPEN TALK (API): How Businesses are Navigating the Perilous API Waters to Maximize Profit
Ann Marie Bond
Ann Marie Bond
Software AG, Director, Product Marketing

APIs occupy a unique spot in the technology world. They're a primary method for delivering on business initiatives – from modernization to customer experience.

However, challenges such as cloud security, API proliferation and lack of community engagement can slow progress and reduce the value of your APIs.

This interactive session will showcase real-world examples from your peers at companies building out unique and targeted solutions using APIs and microservices architectures. You’ll also discover the challenges and best practices they’ve encountered designing and building APIs, adopting cloud-native architectures and ensuring the proper level of security and governance.

**One lucky audience member will WIN A YETI COOLER ($350 value) at the end of this presentation! (To be shipped to them after API World.)

- PDT
OPEN TALK (API): SurrealDB - Simplifying the Backend Tech Stack and Improving API Security Using a Multi-Model Cloud Database
Tobie Morgan Hitchcock
Tobie Morgan Hitchcock
SurrealDB, Founder & CEO

With the exponential growth of data and devices, and the move to the cloud, there is a need to store, analyse, and query data in a multitude of different ways, from a host of different clients and devices - whilst at the same time ensuring that only the right user has access to the appropriate data.In this talk we will cover why and how a multi-model database platform can be used to reduce complexity and costs in the API layer and in the backend tech stack, by speeding up application development, while offering improved data security protection for all users. 

- PDT
OPEN TALK (API): Empowering API Growth with Open API Specifications
Matthew Miller
Matthew Miller
Bloomberg, Web API Gateway Team

An API gateway is the storefront and doorway into your organization’s API offerings. In that sense, it needs to provide an effective way to showcase new APIs and help speed up time to market. But how do you ensure your API providers can continue to grow, while enabling clients to seamlessly adapt to your APIs?

Our talk focuses on Bloomberg’s journey of growing our API gateway to house hundreds of API projects that unlock financial data for clients across the global capital markets — both from an infrastructure and product perspective. OpenAPI specifications are at the heart of our strategies for onboarding teams with self-service tooling, our review process that ensures quality and consistency across all of our API products, and the interactive documentation we’ve built to increase client engagement. 

- PDT
OPEN TALK (API): Embedded iPaaS: What It Is and Why SaaS Teams Use It to Scale Native Integrations
Beth Harwood
Beth Harwood
Prismatic, Co-founder

Businesses increasingly expect their software to come with out-of-the-box integrations to the other products they use. Building and maintaining all of these integrations is messy work and diverts a lot of dev time from core product innovation. Embedded iPaaS has recently emerged as a new kind of integration platform specifically designed to solve SaaS companies' integration needs. This session will explore why embedded iPaaS is gaining traction and how it helps SaaS teams build native integrations faster, manage the complexities of configuration and deployment, and provide a self-serve integration UX. 

- PDT
PRO TALK (API): API Security Doesn’t Stop at Inventory
Steve Wilson
Steve Wilson
Contrast Security, Chief Product Officer

The modern web “application” is really a conglomeration of interconnected APIs, microservices, web apps, frameworks, libraries, and serverless functions spread across multiple cloud and on-premise environments. Simply inventorying your APIs is not nearly enough to make them secure. In this talk, I'll review the five major components of an API security program. We’ll talk about detection, security testing, securing libraries, runtime protection, and access management. We will focus on automation and review the pros and cons of traditional scanning and perimeter tools as well as modern instrumentation-based security tools. You’ll leave with practical guidance on next steps for your API security program. 

- PDT
KEYNOTE (API): Gravitee -- Out with the Old, in with the New: Event-Native API Management
Linus Hakansson
Linus Hakansson
Gravitee, Vice President, Product
Thomas Kunnumpurath
Thomas Kunnumpurath
Solace, Vice President of Systems Engineering for Americas

Events and asynchronous APIs are critical to modern application development and integration. However, API management solutions have not evolved to support the different communication patterns, security threats, and productization potential that asynchronous APIs and events bring with them. Instead of settling for "the old" API Management that leaves you locked down on just HTTP and REST API, the market has delivered a wholly new approach to managing asynchronous APIs and events: event-native API Management.

Attend this joint Solace and Gravitee session to learn:

How event-native API Management speeds up & expands modernization initiatives
How to securely expose event steams and API traffic
How to productize (and even monetize) events and asynchronous APIs
How to bring the productivity of evented systems and backends to synchronous systems and applications

The solution in a nutshell? A new kind of API Management that we call “Event-native.”

Join this discussion to learn more about what we mean by “Event-native” API Management and how you can successfully use API Management to ease and propel your organization's modernization initiatives.

Thursday, October 27, 2022

- PDT
OPEN TALK (API): Monitor Health of API
Wayne Zhao
Wayne Zhao
Chime Bank, Lead Engineer

Chime is the leading fintech unicorn in United States. We handle billions of transaction each day. Making sure our api is up and running is very critical to our customers. As a mobile only bank, our customer expect they should be able to access and spend their money at any time.
In this session, we will talk about how Chime use synthetic test to monitor the health of our APIs. Chime has REST APIs, Graphql APIs and real time communication API(based on web socket).
We use synthetic test to simulate many critical user workflow and run the test periodically. Synthetic test can monitor REST API and Graphql API out of box. For the real time api, we used AWS lambda to monitor the health and expose REST endpoint using AWS api gateway. Then we use synthetic test to monitor the REST endpoint. The synthetic monitor approves to be very effective in detect problems. The synthetic monitor turns out to be the first to detect many of our system outages. 

- PDT
OPEN TALK (API): PDF Signatures vs Web-Based Signatures: Building Workflows to Enhance your Security and Efficiency
Mahender Bist
Mahender Bist
Foxit, SVP of Foxit eSign

The focus of this talk with be PDF document signatures and how they differ from web-based signatures. This talk will cover:
• What are the different types of eSignatures?
• Advantage of document-based vs web-based eSignatures.
• Digital signature security.
• Validations including LTV.
• Building workflows with document-based signatures.
• Using a PDF SDK to enhance the eSignature process. 

- PDT
OPEN TALK (API): How a Combined Shift-Left and Shield-Right Approach Delivers End-To-End API Security
Isabelle Mauny
Isabelle Mauny
42Crunch, CTO

Development and security teams know securing APIs is a critical task, yet companies are still debating the pros and cons of adopting a developer-first approach to protecting their APIs versus a more traditional shield-right security model. In this presentation, Isabelle examines the pros and cons of each approach, and shows through demonstrations how development and security teams can achieve the best of both approaches to achieve continuous API Security. Isabelle will show how developers can embed security as code in their APIs but also how security teams can maintain visibility and control via API micro-firewalls and existing SIEM services. 

- PDT
OPEN TALK (API): API Tools for the Stages, Not the Ages
Andrew Stiefel
Andrew Stiefel
NGINX, Product Marketing Manager

There is no one-size-fits-all approach to building API infrastructure, and what you need will change with the scale of your operations. So instead of buying a tool for the ages, learn how to select technologies based on where you are today in your API journey. Explore the stages of API modernization, implications for your API strategy, and considerations to ensure your technology will scale with you as you grow.

- PDT
OPEN TALK (AI): Bringing Life and Motion to AI Explainability
Joao Nogueira
Joao Nogueira
Optum, Senior AI Engineer
Pietro Mascolo
Pietro Mascolo
Optum Ireland, Data Scientist

SHAP is a great tool to help developers and users understand black box models. To push it to the next level, we will show how to leverage on Dash, SHAP, gifs, and auto-encoders to generate interactive dashboards with animations and visual representations to understand how different AI models learn and change their minds while progressively trained with growing amounts of data.

Animations will help developers understand how frequently AI models tweak their population and local importance factors during training and how they compare across competing AI models, adding an extra layer to AI safety. Auto-encoders and LSTM will be used to generate 2-dimensional embedding representations of explainability paths at individual level, allowing developers to interactively detect algorithm decision making similarity across time and visually debug mislabeled AI predictions at each point in time.

We will show this application in the context of Chronic Kidney Disease prediction and broader Healthcare AI. 

- PDT
OPEN TALK (API): A Journey into Building a Powerful Developer Platform
Tim Slagle
Tim Slagle
Zoom, Head of Developer Relations

This session will touch on the evolution of Zoom, including how and why Zoom’s founder and CEO, Eric S. Yuan, decided to build Zoom. The session will include insights on how today, Zoom is more than meetings and how what started as a meetings app has quickly evolved into a comprehensive platform, including our Developer Tools. Touching on the Zoom Developer Platform, it will highlight how the platform enables developers, platform integrators, service providers, and customers to easily build apps and integrations that use Zoom’s video communication solutions or integrate Zoom’s core technology into their products and services. Then, we will discuss how Zoom is building flexible developer solutions, such as Zoom’s Meeting SDKs/APIs and Video SDKs/APIs that extend the value Zoom provides across more and more tasks, and in turn, increase the platform’s differentiation as the future of communications. To close the session, we will discuss the Zoom ISV Partner Program and the GTM approach that was launched to promote ISVs and leverage a full partner ecosystem for developers using the Zoom APIs/SDKs.