Armchair Architects: API and Endpoint Security

Welcome to Armchair Architects, as part of the Azure Essentials Show. In this episode, Uli, Eric, and David dive into the critical topic of API security and Endpoint, discussing importance of using secure protocols like HTTPS, and the need for robust authentication and authorization mechanisms. The episode also covers the significance of Throttling to prevent distributed denial of service attacks (DDoS) and the principle of Information Hiding to protect sensitive data. Join us as we explore these essential aspects of API and Endpoint security and learn how to safeguard your workloads effectively. Resources • Introduction to Azure security https://learn.microsoft.com/azure/security/fundamentals/overview • Protect your APIs with Defender for APIs https://learn.microsoft.com/azure/defender-for-cloud/defender-for-apis-deploy • Azure DDoS Protection https://learn.microsoft.com/azure/ddos-protection/ddos-protection-overview Related episodes • Watch all the Armchair Architects episodes https://aka.ms/ArmchairArchitects • Watch the Azure Essentials Show https://aka.ms/AzureEssentialsShow Connect • Ulrich (Uli) Homann https://www.linkedin.com/in/ulrichhomann • Eric Charran https://www.linkedin.com/in/ericcharran • David Blank-Edelman https://www.linkedin.com/in/dnblankedelman Chapters 0:00 Introduction 1:14 API and Endpoint Security 1:52 Access security 2:36 DDoS 3:32 API management gateway 4:50 Restrict API access 6:36 Protecting data in flight 7:21 Information hiding 8:53 Granularity 9:45 Goldilocks 11:32 Defense in depth