Application Security & Online Fraud , Multi-factor & Risk-based Authentication , Security Operations
How does API Management Complement IAM?CA's Jay Thorne on Risk Management Benefits Beyond Authentication
Flat-out, traditional IAM practices are insufficient to secure a modern enterprise that relies on such diverse endpoints and connected devices. But API management can play a strong complementary role, says Jay Thorne of CA Technologies, a Broadcom company.
Thorne, head of product management for the Broadcom Layer7 API management product family, explains this emerging role.
"You have to be able to look at the APIs and be able to protect them, but also manage how that access is metered, is allowed, and also the threats associated," he says. "What's important is that the API management at the ingress of your organization has to consider a lot more than just the user name and password presented as part of the login."
In an interview about API management, Thorne discusses:
- Gaps in traditional IAM;
- API's complementary role;
- Advanced policies that API management supports.
Thorne is the head of Product Management for the Broadcom Layer7 API Management product family. In his 16 years in the API Management space, starting as the 7th employee of the Layer7 startup, he has been heavily involved in working with our products. As a Lead developer, development manager & director, chief architect, and now Head of Product he has been helping leading edge companies with our products as the world of APIs evolved from SOA through REST and on to Microservices.