The API-driven World

APIs and integration is suddenly the hottest sector in enterprise software!

Shevan will discuss how APIs are touching every facet of our society and the underlying trends that are going to generate nearly 1 billion APIs in the coming years. All digital transformation is now API-driven and integration technologies underpin their evolution.

As the world becomes digitally-native, how will the role of enterprise architecture shift? How do we leverage cloud native and agility initiatives?

In this session, Shevan will discuss

• The impact APIs are having on digital transformation
• WSO2's roadmap for API-driven initiatives
• A reference architecture for agility
• A new agility methodology for integration
• How microservices will pervade integration products
• Our commitment and role of Ballerina (cloud native programming language)
• New channel and reseller programs for partners

One of the most disruptive technologies to arise in this generation of open source has been the advent of blockchain-based cryptographic assets. The killer application of this is payment systems, and every meaningful messenger and soon every bank will be implementing payments based on blockchain. With the advent of payment moving in-band, the implications for the API economy become a world of programmable services that can manage their own profit and loss and even source their own infrastructure. The implications for Enterprises is substantial.

The number of microservices running in enterprises increases daily. As a result, service composition, governance, security, and observability are becoming a challenge to implement and incorporate. A “cell-based” architecture is an approach that can be applied to current or desired development and technologies to address these issues. This technology-neutral approach helps cloud-native dev teams become more efficient, act in a more self-organized manner, and speed overall release times.

In this keynote, Asanka will introduce the "cell-based" reference architecture, which is API-centric, cloud-native, and microservices-friendly. He will explain the role of APIs in the cell-based approach, as well as examine how real applications are built as cells. Asanka will explore the metrics and approaches that can be used to measure the effectiveness of the architecture and explore how organizations can implement the cell approach.

Ballerina is a statically typed, concurrent programming language, focusing on network interaction and structured data. One of its key objectives is to make providing and consuming services easier by baking concepts such as listeners, services, and endpoints as inherently concurrent first-class language constructs. Another important aspect of the language is the sequence diagram based graphical view which shows the most fundamental aspect of the semantics of a network distributed application. Ballerina language is pragmatic and intended for commercial adoption and provides familiarity for users of Java, C#, and JavaScript. While it looks like Java and other popular languages in some ways, it is very different from those in fundamental ways.

In this session, Sameera Jayasoma, will discuss and demonstrate how Ballerina simplifies your microservices development. Also, he will show you how Ballerina is different, why it's different, and how those differences give Ballerina an unfair advantage when it comes to developing resilient, performant, and secure network services and applications.

Integration of APIs, services, data, and systems have long been the most challenging yet most essential requirement in software application development. These disparate applications were integrated using point to point style, and later with the ESB (Enterprise Service Bus) style alongside the SOA.

The integration logic is being implemented as part of the service logic and most of the integration capabilities that you get as part of ESB are now need to be implemented as part of the service logic.

This session covers, the importance of application integration in microservices and cloud-native architecture, how microservices and cloud-native applications are integrated, service Mesh vs Application Integration, key application integration requirements, and patterns, cloud native technologies for application integration and WSO2 offerings in cloud native integration space.

What do Google, Facebook, Paypal, IRS, T-mobile, and USPS have in common? Answer -- hackers used their APIs to access sensitive customer information. Although these API attacks were exposed, most API-based attacks go undetected these days. This session will discuss today’s evolving API threat landscape and explore what you can do to both detect and block cyberattacks from authenticated users and hackers who have reverse engineered your API with an integrated solution from WSO2 and PingIntelligence.

The microservices architecture expands the attack surface with multiple microservices communicating with each other remotely. It’s a common principle in security that the strength of a given system is only as strong as the strength of its weakest link. Unlike in any other system design, the repercussions will be extremely highly if we do not get right the security in a microservices design. The key driving force behind microservices architecture is the speed to production (or the time to market). One should be able to introduce a change to a service, test it and instantly deploy it into production. A proper secure development lifecycle and test automation strategy needs to be there to make sure that we do not introduce security vulnerabilities at the code level. We need to have a proper plan for static code analysis and dynamic testing — and most importantly those tests should be part of the continuous delivery (CD) process. Any vulnerability should be identified early in the development lifecycle and should have shorter feedback cycles. There are multiple microservices deployment patterns — but the most commonly used one is service-per-host model. The host does not necessarily mean a physical machine — most probably it would be a container (Docker). The DevOps security needs to worry about container-level security. How do we isolate a container from other containers and what level of isolation we have between the container and the host operating system? How do we authenticate and access control users to microservices and how do we secure the communication channels between microservices? All fall under application level security. This talk addresses multiple perspectives in securing microservices: SDLC, DevOps, and application-level security.

Digital Transformation being an overused Technical jargons can mean many things, be it Modernize Legacy System, Future proof IT landscape and architecture, Breaking down Monolith, Scalable application/system/platform, Adapt and Change fast , Increase reusability of resources and data etc. But end of the day , it is the foundational change or digital strategy to re-imagine the business in the new digital age to focus on customers, culture and core capability and enable the organizations to securely and reliably connect with their customers to meet their need with increased agility , visibility and satisfaction. Integration engineering is not limited to application, system, data or process level integration but it is about bringing people, process and technology together which is essentially what Digital Transformation is all about.

Align technology is a global organization that has numerous polyglot applications (legacy and modern) in different systems and platforms in multi-cloud hybrid infrastructure. Align has the similar challenges to tackle the challenges that comes with huge organization that is on the path of Digital Transformation. In this session, Adeel will discuss how Align Technology is tackling the challenges that comes with Align’s journey to Digital Transformation and how WSO2 led Integration framework is helping Align with it’s various integration issues as well as how WSO2’s partnership with align is reshaping the future IT landscape for Align Technology.

“The whole is greater than the sum of its parts” - In this world of disaggregated, cloud native architectures, developers are increasingly adopting micro services to build Complex Systems. APIs play a huge role in creating a sustainable platform and a good API driven micro services design is key to building and scaling these complex systems. Whilst API Management and API Gateways have traditionally been used for north-south communication, Service Meshes and specialised gateways have emerged to handle complexity for East-West communication.

The “parts” work, but is the “whole greater than the sum of its parts”? That’s the objective of this talk. We apply method to madness, and take a critical look at the role of APIs in cloud native, service mesh driven complex system design. We will look at how various API technologies including full lifecycle API Management, API Gateways and Micro-gateways, API Proxies and frameworks to build on-the-fly gateways play with Service Meshes like Istio and LinkerD, proxies like Envoy and ingress gateways. We will also look at practical examples of how full lifecycle API Management play an important role in Service Mesh based K8S Infrastructure.

One does not have to spend much time searching to find the terms “API economy”, “API first”, and other similar phrases. In the spirit of those phrases one would think all you need to do is throw those topics into a conversation and you have a golden ticket for success. Unfortunately, we are all aware that the real world doesn’t operate in that binary fashion. In this discussion, Damon will explain how his team focused on three key tenants to build a successful API program at Cerner. There were some obstacles on the journey and some lessons learned will be shared in an effort to prevent others from repeating the same patterns.

The industry seems to be moving away from pure open source businesses. WSO2 is going the opposite direction, maintaining a strong commitment to open sourcing our products and open sourcing even more of our IP, building communities, making expertise available to our customers, and bringing transparency to our business culture and operations. This session explains why we believe our strategy of openness is fundamental to the success of WSO2 and our customers.