Question: Can you recommend a platform that provides robust security controls for creating and managing private REST APIs?

If you're looking for a platform that offers strong security controls for creating and managing private REST APIs, Kong is a good option. It's an API gateway and service mesh designed to make it easy to manage APIs so they can be used quickly and at large scale. It offers real-time visibility and security with fine-grained policies, and built-in tools let you quickly create and test APIs. It's flexible, working on a variety of clouds, platforms and protocols, so it's good for companies that need to manage APIs securely in multiple environments.

Another option is Reblaze, a cloud-based service that offers an adaptive security service for web applications and APIs. It includes features like next-generation web application firewall, API security, DoS and DDoS protection, bot management and real-time analytics. Reblaze also integrates with major cloud providers and offers a fully managed service with a real-time dashboard to monitor traffic and security. It's good for companies that need strong protection against sophisticated attacks.

For controlling access and authentication, Auth0 is a good option. The company offers Universal Login, Single Sign On, Multifactor Authentication and customizable actions. Auth0 integrates with many programming languages and frameworks through more than 30 SDKs and Quickstarts, so it's good for a wide range of industries. It also offers a free trial so you can test it before moving to a paid plan, so it's good for startups and enterprises.

For companies that want to protect their entire development lifecycle, Data Theorem offers an application security platform. It continuously discovers and inventories assets, automates security testing and actively protects against data breaches in real-time. Data Theorem is designed for large-scale applications and supports multiple security testing methods, so it's good for companies that want robust and scalable security.