Securing Labs API (SLAPI)
PDF version available.
SLAPI is a live example of how an Application Programmers Interface, or API, is now part of how you manage your security infrastructure. It is an evolving tool for turning security policy into dynamic objects that adhere to the business logic, while staying as simple and small as possible. SLAPI is not meant to replace your interface to all controllers, but to provide a way to abstract technology choice from impacting your ability to manage security policy.
SLAPI abstracts the security administrator from having to manage objects. Security can chose to use, or not use a dynamic SLAPI object in their policy, but they cannot change or alter the object. Since the requestor controls the state of their object (or whatever function deemed for validation), they can move and adapt the service in the policy programatically.
I know what you are thinking, you are not a programmer, you are a security or network admin. You work on infrastructure. Well this still applies as part of the infrastructure, its just infrastructure as code, and it needs to be part of the security policy, now. Hence, security as an API, specifically, around managing policy.
SLAPI is easy to try, simple to setup, and powerful when customized.
Securing Labs API
- 1 Who Cares
- 2 What Do I Need
- 3 Where Do I Connect
- 4 How Do I Test
- 5 When Does It Break
- 6 Why Not Try
- 7 Api Diagrams