Close Menu

    Postman introduces new features to enable “secure by design” API development

    Postman is announcing new features designed to enable developers to build APIs at scale in a secure fashion.

    First, the company announced the release of Spec Hub, an API design platform that provides tools for authoring, governing, and publishing API specifications across multiple formats, such as OpenAPI 3.0 and AsyncAPI 2.0. 

    It offers one-click workflows for developers to design, test, mock, and build. It provides real-time validation with linting by Spectral, allowing developers to identify and resolve issues early on in the API design process.

    Developers can choose from Spec Hub’s visual schema editor or directly edit code in JSON or YAML.  

    “Ultimately, Postman’s Spec Hub eliminates leadership trade-offs between key priorities—namely, developer velocity, API governance, and cost efficiency—while giving developers the freedom to move fast and ship more,” the company wrote in a blog post

    The second big announcement is Bring Your Own Key (BYOK) Encryption, which provides customers with complete control over their data protection by allowing them to manage and safeguard their own encryption keys for the data stored in Postman Cloud, such as API environments, globals, and history.

    It implements a zero trust security model where developers can remove access to data simply by disabling the associated encryption key. It also automatically logs encryption events to better facilitate audits.

    According to Postman, BYOK Encryption meets the highest security and compliance standards, such as GDPR, US state privacy laws, and SOC2. 

    “With BYOK Encryption and Spec Hub, Postman is redefining how enterprises can scale API development while staying in full control of their data. BYOK Encryption ensures that even in the face of a breach, organizations can instantly isolate risk and maintain compliance, while Spec Hub delivers governance that developers actually want to use—eliminating friction without compromising security. This is the future of secure, scalable API development,” said Sam Chehab, head of information security at Postman. 

    The post Postman introduces new features to enable “secure by design” API development appeared first on SD Times.

    Source: Read More 

    Related Posts

    Leave A Reply

    For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.