I spoke to Sam Ramji a little while back to get an update on Sonoa Systems. Readers will recognize Sam from his previous life as a central figure in Microsoft’s open source strategy team. Sam started the call describing a shift in his work from “open source to open cloud”.

Sam explained that enterprises are increasingly opening access to enterprise applications and services to third party developers, especially mobile developers, through open APIs. The impetus? Increase application content routes to market in an effort to increase revenue potential. The increased routes to market increases the potential load on the core application or service being exposed through the open API. Without careful consideration, the potential load from a third-party application could disrupt the company’s own, likely business critical, use of the application or service.

Sonoa Systems addresses this issue through an enterprise grade platform for visibility, management and governance for cloud services and APIs. Sonoa’s flagship product, ServiceNet is available as a hardware appliance, a virtual software image for private data center or public Cloud deployment.

Sam described a major U.S. retailer whose IT department built and exposed an API to its product catalog as a skunk works project. Nobody knew the degree to which the API would be used, or the extra load to expect on the product catalog service, a business critical IT asset. Today, the API is experiencing significant usage as third party developers have integrated the retailer’s content into a mobile mashup application. Not surprisingly, the mobile application is driving workload to the retailer’s back-end services which must be managed and optimized, a sweet spot for Sonoa. However, the application is also driving new revenue, which can be tracked through the API analytics that Sonoa ServiceNet offers.

The opening up of enterprise applications and services through open APIs is heading in only one direction. Sonoa hopes to accelerate this trend through its Apigee service:

“You have Google Analytics for your website – what about your APIs? And how do you protect your app against a burst of traffic or find out if an API you are using is slowing down your app? (besides hearing from your customers)

Apigee can help you understand API usage, control traffic flow, and protect your apps and back-end from misuse or abuse.”

Sam explained that the explosion of third-party mobile applications is driving interest and use of open APIs. For some companies, this is a double edge sword. Third party use of a company’s APIs increase revenue potential, but also increase risk of core system downtime based on factors beyond the company’s control, whether through misuse or abuse of the open API.

The great thing about Apigee is that companies can use ApigeeBasic, the free offering, to protect the core system through API usage quota, rate limiting and spike protection. This enables companies of all sizes to begin down the path of getting higher utilization out of the core application or service by making it available through a much broader channel than the company’s online presence alone. The ability to track revenue associated with the open API is sure to help business case discussions that may result when infrastructure upgrades are required to keep up with the new load through the open APIs. For most companies, that would be a good problem to have.

Follow me on twitter at: SavioRodrigues

PS: I should state: “The postings on this site are my own and don’t necessarily represent IBM’s positions, strategies or opinions.”