Welcome!

Matt McLarty

Subscribe to Matt McLarty : eMailAlertsEmail Alerts
Get Matt McLarty via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Matt McLarty

I recently wrote an article for Wired, which discussed the importance of thinking about security at every stage of your application lifecycle.  This is especially important as we enter the new era of open enterprise IT. The explosive growth of mobile computing has shifted the enterprise perimeter and traditional access control mechanisms are no longer sufficient. This is even more relevant when thinking about the Internet of Things (IoT) and its rapidly evolving ecosystem. George Reese of Dell recently published an article that discusses the Tesla Model S REST API.  This API enables some remote control features on the car and is primarily used by Tesla’s available smartphone apps. Great stuff, showing how mobile meets IOT meets API. The problem is that the focus of the article is all on its potential security vulnerabilities. Where the Tesla developers should be la... (more)

Security in the Frenetic Age

There has been a lot of talk about data leaks and data privacy lately, not naming any names. The articles and blog entries on this topic are filled with outrage and spoken with dropped jaws. I have to admit that the only shock I experience on this subject is at how shocked people are. As divisive as these issues are, fundamental questions remain. How much privacy should be expected? How many times a week are you prompted to accept a long block of terms and conditions in order to access online services? How many times do you read them? Isn’t that the scary part? The mobile revol... (more)

Cloud and Clear: Please Join Me at Cloud Expo in June

It’s April in Vancouver, which got me thinking about clouds.  Although the IT buzz in 2012 has been dominated by mobile and big data, Cloud computing is still a hot topic, especially since it is an enabler for both. In the public Cloud space, Google just launched Drive in the same week that Microsoft updated SkyDrive. In the private Cloud domain, IBM recently announced its PureSystems platform, which falls along similar lines as the Exa- line from Oracle. It will be interesting to see whether or not big enterprises buy into this “21st century mainframe” concept but what’s clear is... (more)

Big Data and API Management

The hottest IT trends of 2012 are shaping up to be Cloud, mobile and “big data”. The links between API management, Cloud and mobile are clear. The links between API management and big data – a concept that creates capabilities for capturing and analyzing previously unimaginable amounts of unstructured data – are less obvious but no less significant. I see two key areas of synergy… First of all, in the three-tier architecture of the Web, the line was typically blurry between the presentation and logic tiers and concrete between logic and data. Big data now blurs the line between ... (more)

“Mobile App Security: Always Keep the Back Door Locked” – Our Take

Today’s lead article on Ars Technica talks about the importance of protecting back-end resources in the context of mobile applications. The article rightly stresses the importance of this security, talks about the uptake in OAuth and cites API Gateway solutions as a popular option in this space. However, the article clearly misstates the capabilities of an API Management solution founded on an API Gateway. I am going to assume that the author only had exposure to API Gateways second hand or through a competitor of Layer 7. Here are the misconceptions propagated by the article, a... (more)