API Governance and API Security in Postman

API Governance and API Security are available on Postman Enterprise plans.

The Postman API Governance and Postman API Security features identify inconsistencies or weaknesses in your APIs and recommend possible fixes or improvements that follow industry best practices. These features enable you to automate your organization's governance and security review processes instead of relying on manual reviews.

API governance is the practice of defining and applying development rules that promote consistent API behaviors across your organization's API landscape. A robust API security posture, in turn, means that your organization has development rules that promote security-first API behaviors.

Postman applies API governance and API security rules at the following phases of API development:

  • API definition - See rule violations that might impact your definition's governance and security postures.
  • API requests - See rule violations when you send requests to any API using either the Postman web app or the Postman desktop app.

Enterprise teams can also create custom rules. See the Configurable rules overview for more details.

Last modified: 2022/07/20