API Security Maturity Model — I’m not sure if I agree with this specific framework, but I like the idea of a maturity model for APIs in general and security in particular. Level 0 – API Keys and Basic Authentication; Level 1 – Token-Based Authentication; Level 2 – Token-Based Authorization; Level 3 – Centralized Trust Using Claims.
Hexagonal Architecture (Netflix) — The idea of Hexagonal Architecture is to put inputs and outputs at the edges of our design. Business logic should not depend on whether we expose a REST or a GraphQL API, and it should not depend on where we get data from—a database, a microservice API exposed via gRPC or REST, or just a simple CSV file. The article describes how Netflix used this architectural concept in practice.