Cisco’s API-First Motion is Driving Innovation at Scale

Free-Tier Developer Solutions Panoptica and Calisti Continue Cisco’s Strategy to Connect, Secure, and Observe Modern Applications

Technologists have predicted for years that digital experiences are the way of the future. But no one could have predicted quite how the pandemic would drive accelerated adoption. All kinds of consumer and business experiences, and related transactions, will one day soon take place in an immersive world.

We’re not far off from new, immersive social and entertainment experiences. Virtual travel will have the side benefit of net positive environmental and social impact. Training and education will take on entirely new dimensions in the future, along with workplace engagement and collaboration. Remote surgeries will revolutionize healthcare, and digital twins and other simulations will change manufacturing. In fact, an entire digital goods economy is already appearing.

There are lots of challenges to resolve to create the applications that drive digital experiences, whether it’s the real world of products and services or the future world of the metaverse.

For decades, Cisco has led the industry in networking and security from the application to the end-users. Now, to support the evolution of these modern application architectures, we have brought our leadership and expertise to internal application microservice connections as well.

Application programming interfaces (APIs) are the fuel that is powering this world. APIs are behind the creation of new business models, and they are helping to streamline strategies for delivering products and services across almost every channel.

Enabling a digital-first, app-centric world

Today, the average enterprise uses 1,935 applications—a 15% increase from five years ago—and each of these apps is accessible with dozens of APIs.

APIs have been a part of software development for a long time. However, they’ve become a lot more important to us because they allow us to access and consume services from anywhere and anyone—public clouds, SaaS clouds, and other third-party services.

With these services, plus the “homegrown” ones made by organizations themselves, we can build microservices to create applications that are used by our internal and external customers. This gives us the ability to get to market faster, scale to millions of users, and change up services that are offered so we can delight our users without bringing the application itself down. In this world, APIs have become a base-level need.

The IT stack needs to evolve to meet the demands of these modern application architectures with solutions that provide API and service Connectivity, Security, Observability, and a thriving Community around them.

At Cisco, we’re doing this through a fundamental commitment to, and support of, an API-first development motion. API-first development is a way to speed up how you build new applications, optimize existing ones, and it provides a consistent framework for managing applications across the modern IT stack—which is often a mix of hybrid and multi-cloud environments.

We’re building the solutions that make it possible for you to pick the APIs you want. Organizations must deal with brownfield and hybrid environments, and we’re making it possible to use the same APIs across the full stack from development through runtime.

Introducing Calisti and Panoptica

As the number of services in an application grows and scales from adding new functionality, cloud-native apps use service-mesh technology to manage and optimize communications between the different services. This leads to increasing complexity and operational costs.

That’s why we have built Calisti and Panoptica, which were launched today at Cisco Live. Both are available with a free tier so you can get started right away.

Calisti is a Service Mesh Manager to discover, connect and observe across service meshes in a simple and intuitive way.

As the number of microservices grows, so do the number of APIs which are fast becoming a critical security vulnerability. In fact, APIs have become a preferred attack vector for threat actors with the average company experiencing a 95% rate of API security incidents according to a recent report. Securing API-to-API and API-to-Data interactions is quickly rising to a high priority.

Panoptica makes it possible for software developers to assess and address the reputation and scoring of all APIs, both internal and external. And the exciting thing this enables is a “shift left” when it comes to security. That is, it makes it possible to embed security-related decisions earlier in the software development process. And that’s a win-win for everyone involved.

Our commitment to open source

The success of our approach to building the API-first future also rests on a thriving community around open-source standards that solve real-world problems. The focus of open-source projects is to provide a framework or “single source of truth” and compliance for every stage of the API lifecycle, from creation to development, and deployment.

To secure APIs, you first need to have visibility into the APIs in your environment, and that is why we developed APIClarity. It is an open-source cloud-native visibility tool for APIs, utilizing a Service Mesh framework to capture and analyze API traffic, and identify potential risks. Panoptica uses APIClarity for visibility of API traffic, vulnerability management, and to compare the OpenAPI specification.

Panoptica also uses KubeClarity for visibility and vulnerability of Kubernetes-based environments. KubeClarity is a tool for detection and management of Software Bill of Materials (SBOM) and vulnerabilities of container images and filesystems. It scans both runtime K8s clusters and CI/CD pipelines for enhanced software supply chain security.

Cisco contributed both APIClarity and KubeClarity to open source, so anyone can reap the benefits.

And in the process of improving the quality of our own APIs, Cisco has been working on an open-source project called APIx Manager which is being previewed this week at Cisco Live. APIx Manager helps developers improve API quality and security early in the development lifecycle and is integrated into integrated development environments (IDEs).

These are examples of how we are providing even more developer and community support, so anyone who wants to take part in Cisco projects can easily engage and understand how to do it. Meeting the needs of the developer community is foundational to how we think and approach innovation and bring technologies to market.

The world is becoming intensely user-focused and experience-driven. Our strategy at Cisco places experience at the center.

Calisti and Panoptica were launched today at Cisco Live. Read the press release:

Cisco’s Emerging Technology and Incubation Efforts Deliver Free-Tier, API-First Developer Solutions

Additional Resources

• Sign up for a free tier and get started right away with Calisti and Panoptica.
• Learn about Cisco’s cloud-native and API-first products and current ventures at Cisco ET&I.
• Explore the open-source community and projects for reusable code at Open Source @ Cisco.