DevCentral Connects Recap: Open Finance, APIs, AI & Security
In this DevCentral Connects recap we chat about the Global State of Open Finance report and the industry’s shift from open banking to broader open finance. We cover the security implications as APIs proliferate (including shadow APIs), how AI is reshaping risk and opportunity, and practical steps for teams—API discovery, centralized enforcement, least‑privilege, and model governance. Watch the full conversation hereSimplifying API Security with New Jira Integration and F5 Distributed Cloud
Introduction APIs fuel modern applications—but as they scale, grow, and evolve, API sprawl becomes a serious concern for security and operations teams. That’s where F5 Distributed Cloud API Discovery comes into play: enabling deep visibility into all your APIs, whether managed or unmanaged. And now, with our new integration with Jira, API lifecycle management just got a whole lot easier. API Discovery - The foundation of API Security Before you can protect or govern your APIs, you need to know what exists. F5 Distributed Cloud API Discovery continuously scans your environments (including ingress gateways and services) to automatically detect, catalog, and classify APIs—including shadow APIs and zombie endpoints you may not even know exist. This forms the foundation for API Security, Governance, and Compliance. But discovering APIs is only the first step. You still need to triage findings, prioritize action, and loop in the right teams to fix or respond. Introducing Jira Ticketing Integration With the new Jira integration, customers can now seamlessly push API discovery security posture findings into their ticketing and workflow systems. This accelerates remediation, reducing silos, and enabling true DevSecOps collaboration. Key capabilities: Automatic ticket creation from F5 Distributed Cloud API Security to Jira’s ticketing system for the vulnerabilities discovered Detailed context embedded in Jira ticket - API endpoint, Base Path, API Category, Authentication status, vulnerability details, risk score and suggested remediation actions Assign to Teams based on API owner, service or environment This helps security and platform teams shift left while giving development teams better context to secure their APIs. Pre-requisites You need to have Jira Service Management (SaaS) tenant and account Distributed Cloud Tenant 1. Jira Service Management Account (SaaS) 2. Create a project (In this example: project name is "F5") 3. Generate API Token to allow F5 Distributed Cloud to communicate with Jira Make sure of the expiration date of this API token - API token should be valid for the communication between F5 Distributed Cloud and Jira 4. In F5 Distributed Cloud Tenant, Create new ticket tracking system object with Jira details (Shared Configuration Tile -> Manage -> Ticket Tracking System) It requires to fill "API Token", "Jira Account Email" and "Jira Organization Domain" 5. Under API Endpoint Dashboard, find the relevant API Endpoint you need to trigger Jira Ticket (API Endpoint -> Security Posture -> relevant API vulnerability -> Create Ticket) Ticket will be created automatically in Jira and then you can assign it to one of the team members. It could be service owner or API owner You can also review the ticket in F5 API Endpoint Security Posture with direct link to Jira ticket Summary Too often, API security tools operate in silos, separate from the developer and operations workflows. This integration bridges that gap, enabling: DevOps-friendly workflows Faster MTTR (mean time to remediation) Better cross-team visibility Automated compliance tracking By turning API discovery insights into actionable tasks, organizations can better manage risk and reduce operational overhead.How to use F5 Distributed Cloud for API Discovery
In today's digital landscape, APIs are crucial for integrating diverse applications and services by enabling seamless communication and data sharing between systems. API discovery involves finding, exploring, and assessing APIs for their suitability in applications, considering their varied sources and functionalities. F5 Distributed provides multiple architectures that make it ridiculously easy to discover APIs.
