Explaining API

We’ve talked about API’s Vulnerability in here, but i feel like there’s much more to talk about and explain since this is a big and extensive topic and, it is very important to understand it, I will tell you all that by explaining API and what we can do with it.


If you’ve ever worked in anything related to Application Programming or Programming in general, you’ve probably heard of this term before, and, for a good reason, as a programmer, you want the app that you’ve been working hard on to be fast and easy to use, we’ll soon learn how API contributes to these goals.

API stands for Application Programming Interface, without getting too “Technical”, an API is a way of gaining “access” or way to get information that another site or service holds.

The one who provides the API is the one who holds and creates the information (and wants to share it with others) and the one who uses his API is the one who wants to get the same information without “creating” it himself.

We can see a more understandable illustration of my explanation from the picture above.

Benefits we will gain from using API :

  • Automation : by using API’s, we allow our machines to manage and initiate many tasks, agencies can update work flows to make them quicker and more productive, a machine will never grow tired or hungry (unlike me).
  • Adaptation : our world changes with each passing day, API’s help to anticipate these changes, and, data migration is supported better, and the information is reviewed more closely, in short, APIs make giving services, much more flexible and easy.
  • Customization : by using API’s, any user or company can customize the content and services that they use the most to be initiated based on their preferences.
  • Integration : API’s allows the embedding of a certain content from any site or application more easily. This is helpful when we want to create a more fluid information delivery and an integrated user experience.
  • Authentication : since communication is a “two-way-street” API’s offer reliable transaction sets including proper confirmations.

There are many more… but you get the point.

Did you know, that, Amazon, Netflix and Etsy are using API?

Other common uses you should know :

  • Google Maps – embeds Google Maps into applications.
  • Google Analytics – allows Google Analytics to access.
  • YouTube API – embeds YouTube players or enables YouTube search capabilities.
  • Dropbox – allows for an app to sync Dropbox files across platforms securely.
  • WordPress – enables WordPress to communicate with other web properties regardless of programming language (thank you Matt Mullenweg and Mike Little).

Now, let’s talk about the Disadvantages that may appear when we use API’s :

  • Embedding and using the API’s capabilities can be costly in terms of development times, ongoing maintenance requirements, and providing constant support.
  • API’s require extensive programming knowledge and the learning curve can be fairly steep, when understanding how to program API’s, it’ll make your users “lives” much easier, but you will work extra in order to do so.
  • Security can be a concern as APIs add another potential attack layer to programs/websites, for those interested in reading in detail, navigate to this article.
  • Sometimes, the lack of direct contact or incorrect communication between the developer using the API and the one providing the API makes it hard to determine the right use of an API in order to fulfill a particular need and ensure that the implementation is correct.

Even we at Kayran use API!

Kayran’s API will allow us to perform functions like initiating or terminating scans, user management, project management, setting up proxies, and receive information about our Kayran server, you can find our API Documentation here.

So tell me, what did the API engineer named his son?




JSON

(please laugh, I begged my boss to keep this joke).

Stay safe, choose Kayran.

Red Team

You’ve probably heard that there are teams in the Cyber field called Red Team and Blue Team. Let’s talk about the red one, shall we?

Read More »

APT vs. ATP

In this article we will talk about APT vs. ATP. In other words, Advanced Persistent Threat and Advanced Threat Protection and the context between these

Read More »