Talk tech with tips and tutorials from builders at Kong and the Kong Community.
In the latest Kong Gateway 3.12 release , announced October 2025, specific MCP capabilities have been released: The Kong AI Gateway sits in between the AI applications we build and the MCP Servers and GenAI models we consume. In fact, the Kong MCP Gateway sits side-by-side with the Kong LLM…
Kong Gateway is an API gateway and a core component of the Kong Konnect platform . Built on a plugin-based extensibility model, it centralizes essential functions such as proxying, routing, load balancing, and health checking, efficiently managing both microservices and traditional API traffic. An…
"To prioritize the safety and security of the ecosystem, Kubernetes SIG Network and the Security Response Committee are announcing the upcoming retirement of Ingress NGINX . Best-effort maintenance will continue until March 2026. Afterward, there will be no further releases, no bugfixes, and no…
The numbers tell a compelling story. While 65% of organizations that use APIs are currently generating revenue from them, a significant gap exists between API adoption and AI readiness. 83.2% of respondents have adopted some level of an API-first approach. Yet only 25% operate as fully API-first…
While building a GenAI-powered agent for one of our company websites, I integrated components like LLM APIs, embedding models, and a RAG (Retrieval-Augmented Generation) pipeline. The application was deployed using a Flask API backend and secured with API keys. However, post-deployment, several…
Why are Microservices Security Risks? Traditional security was simple. One perimeter. Few entry points. Clear boundaries. Microservices shattered this model. Now organizations manage hundreds of independent services. The average number of API calls to an enterprise site has risen to an…
The Challenge: Securing Distributed Systems Netflix operates over 1,000 microservices handling two billion daily requests (Microservices architecture: from Netflix to APIs). One security gap can trigger cascading breaches. Traditional perimeter security fails in microservices. Services multiply…
Control Plane Groups in Kong Konnect provide a structured way to manage multiple control planes within a single organization. Think of it as a federated approach: different teams can deploy and manage their own APIs while still adhering to overarching policies set by a central governance team.…
Meet Emily. She’s an API product manager at ACME, Inc., an ecommerce company that runs on dozens of APIs. One morning, her team lead asks a simple question: “Who’s our top API consumer, and which of your APIs are causing the most issues right now?” For Emily, that’s not a simple question at all.…
Together, these three technologies enable healthcare organizations to connect systems with confidence, manage identities responsibly, and share data securely. Healthcare data is highly sensitive and strictly governed by regulations like HIPAA. The combination of Kong and Okta provides a robust,…
Key Takeaways API testing is the process of validating that your application programming interfaces (APIs) work as intended, seamlessly connecting software components. Think of APIs as the translators of the tech world, facilitating clear communication between different software systems. API…
It's natural to consider the necessity of guardrails for your sophisticated AI implementations. The truth is, much like any powerful technology, AI requires a set of protective measures to ensure its reliability and integrity. These guardrails aren't just a good idea; they are fundamental for…
Kong Insomnia is your all-in-one platform for designing, testing, debugging, and shipping APIs at speed. Built for developers who need power without bloat, Insomnia helps you move fast whether you’re working solo, scaling a startup, or collaborating across enterprise teams. With real-time…
The OWASP Top 10 for LLM Applications 2025 represents a significant evolution in AI security guidance, reflecting the rapid maturation of enterprise AI deployments over the past year. The key updates include expanded focus on agentic AI systems with "excessive autonomy" risks, new attention to…
In the last two parts of this series, we discussed How to Strengthen a ReAct AI Agent with Kong AI Gateway and How to Build a Single-LLM AI Agent with Kong AI Gateway and LangGraph . In this third and final part, we're going to evolve the AI Agent with multiple LLMs and Semantic…
In my previous post, we discussed how we can implement a basic AI Agent with Kong AI Gateway. In part two of this series, we're going to review LangGraph fundamentals, rewrite the AI Agent and explore how Kong AI Gateway can be used to protect an LLM infrastructure as well as external functions.…
Secure your AI infrastructure with prompt guards, PII sanitization, and centralized governance. Control LLM costs with token-based rate limiting and semantic routing across providers.