Talk tech with tips and tutorials from builders at Kong and the Kong Community.
The Stakes Keep Rising The security implications are severe. OWASP's 2025 Top 10 for LLM Applications ranks prompt injection as the number one critical vulnerability. Attackers manipulate LLM inputs to override instructions, extract sensitive data, or trigger unintended behaviors. Traditional…
Traditional APIs are, in a word, predictable. You know what you're getting: AI APIs, especially anything that runs on LLMs under the hood, are a completely different story. These things are highly unpredictable by their very nature. You're dealing with token-based costs that swing wildly depending…
Running Kong in front of your Solace Broker adds real benefits: Imagine an order service that accepts REST requests and publishes them as events. 1. API Consumer calls Kong with a standard POST request: 2. Kong Gateway applies authentication, validates the payload, adds a correlation ID, rate…
Architecture Overview A multicloud DCGW architecture typically contains three main layers. 1\. Konnect Control Plane The SaaS control plane manages configuration, plugins, and policies. All gateways connect securely to this layer. 2\. Dedicated Cloud Gateway Data Planes Each cloud environment ho…
Tool discovery for AI agents In early agent implementations, tools are often statically configured inside the agent. For example: { "mcpServers": { "weatherServer": { "command": "uv", "args": "run", "weather_server.py" ] }, "githubServer": {…
Claude Code is Anthropic's agentic coding and agent harness tool. Unlike traditional code-completion assistants that suggest the next line in an editor, Claude Code operates as an autonomous agent that reads entire codebases, edits files across multiple directories, runs terminal commands, executes…
In today's digital landscape, APIs are the backbone of modern applications, and AI is the engine of innovation. As organizations increasingly rely on microservices and AI-powered features, the API gateway has become the critical control point for managing traffic. But as LLM/GenAI and MCP requests…
The goal of Integration Platform as a Service (iPaaS) is to simplify how companies connect their applications and data. The promise for the first wave of iPaaS platforms like Mulesoft and Boomi was straightforward: a central platform where APIs, systems, and workflows could be managed together…
MCP servers expose all tools by default. There are two problems with this: security (agents get capabilities they shouldn't have) and performance (too many tools degrade LLM tool selection). The solution? Put a gateway between agents and MCP servers that filters tools based on who's asking. Default…
The example below shows how an AI agent can be built using Volcano SDK with minimal code, while still interacting with backend services in a controlled way. The agent is created by first configuring an LLM, then defining an MCP (Model Context Protocol) endpoint that represents a promotions service.…
MCP is an open standard that defines how AI clients communicate with remote servers. It provides a standardized protocol for clients like Claude, Cursor, or VS Code to access tools, resources, and capabilities from external systems. Currently, MCP servers can expose several types of capabilities to…
In one of our posts, Kong AI/MCP Gateway and Kong MCP Server technical breakdown, we described the new capabilities added to Kong AI Gateway to support MCP (Model Context Protocol). The post focused exclusively on consuming MCP server and MCP tools through Kong MCP Gateway. Now, it's time to check…
APIs have quietly powered the global shift to an interconnected economy. They’ve served as the data exchange highways behind the seamless experiences we now take for granted — booking a ride, paying a vendor, sending a message, syncing financial records, or stitching together SaaS tools into a…
In the latest Kong Gateway 3.12 release , announced October 2025, specific MCP capabilities have been released: The Kong AI Gateway sits in between the AI applications we build and the MCP Servers and GenAI models we consume. In fact, the Kong MCP Gateway sits side-by-side with the Kong LLM…
Kong Gateway is an API gateway and a core component of the Kong Konnect platform . Built on a plugin-based extensibility model, it centralizes essential functions such as proxying, routing, load balancing, and health checking, efficiently managing both microservices and traditional API traffic. An…
"To prioritize the safety and security of the ecosystem, Kubernetes SIG Network and the Security Response Committee are announcing the upcoming retirement of Ingress NGINX . Best-effort maintenance will continue until March 2026. Afterward, there will be no further releases, no bugfixes, and no…