July 2, 2026

# AI Agent Platforms Are Getting Hacked. Here's What's Missing.

Kong

In late June 2026, two of the most widely used AI agent platforms were compromised within the same week. Langflow disclosed a critical unauthenticated remote code execution flaw. Dify, powering over one million applications, revealed four vulnerabilities that exposed private conversations and internal APIs across tenant boundaries.

These weren't theoretical risks. They were production exploits hitting real infrastructure. The pattern should feel familiar — when web applications first went mainstream, they shipped fast and secured slowly. **AI agent security** is repeating the same cycle, and the gap between deployment speed and security maturity is widening.

The fix won't come from patching individual platforms. It will come from the same architectural layer that solved it for web apps: the gateway.


## The Langflow CVEs and Dify Vulnerabilities: What Actually Happened

Langflow's security problems arrived in waves. CVE-2025-3248 introduced a code injection vulnerability allowing remote code execution through unsanitized user input [10]. Months later, [CVE-2025-34291](https://nvd.nist.gov/vuln/detail/cve-2025-34291) combined a CORS/CSRF chain with an account takeover path, giving attackers full RCE access to any Langflow instance with default configurations [1][9]. Then in early 2026, [CVE-2026-33017](https://labs.cloudsecurityalliance.org/research/csa-research-note-cve-2026-33017-langflow-ai-pipeline-rce-20/) landed with a CVSS score of 9.3 — an unauthenticated RCE flaw that was exploited in the wild within 20 hours of disclosure [2].

Dify's problems surfaced days later. Security researchers published the "DifyTap" vulnerabilities on June 22-23, 2026: four flaws enabling cross-tenant data exposure, private chat history reading, and unauthorized access to internal APIs [3][4]. A separate SSRF vulnerability (CVE-2025-56520) compounded the exposure [11]. Together, these flaws undermined the isolation guarantees Dify's multi-tenant architecture was supposed to provide.

The common thread across both platforms is structural. Neither enforced robust authentication, input validation, or rate limiting at the traffic layer. The application code assumed trusted inputs. The infrastructure assumed trusted callers. Both assumptions failed.

## We've Been Here Before: The WAF Moment for AI

This pattern has a precedent. In the early 2010s, web applications shipped with the same structural blind spots. SQL injection, cross-site scripting, and session hijacking exploited the gap between what application code assumed and what the network actually delivered. Web Application Firewalls didn't replace secure coding. They added a traffic-layer enforcement point that caught what application logic missed.

That layer became essential infrastructure — not because developers stopped writing bugs, but because the attack surface was too large for application code to cover alone.

AI agent platforms face a harder version of this problem. A compromised web application exposes data. A compromised AI agent acts. Agents execute tools, chain outputs across services, and call APIs with delegated authority. An attacker who gains control of an agent doesn't just read your data — they operate with the agent's permissions, calling internal services and triggering workflows.

The blast radius of a compromised agent is fundamentally larger than a compromised web form. According to NeuralTrust's 2026 research, 1 in 5 CISOs (19.5%) report at least one AI agent-related security event [6]. HUMAN Security's 2026 benchmarks found that AI agent traffic grew 7,851% year over year [7].

The ecosystem is responding. On June 23, 2026, the Linux Foundation announced the Agent Name Service (ANS), an initiative to establish trusted identity infrastructure for AI agents [5]. The move signals that agentic AI security is no longer a niche concern — it's an infrastructure category.

Like the WAF moment before it, the answer isn't better application code alone. It's a governance layer at the traffic boundary. This is the problem Kong AI Gateway was built to solve.

## What Gateway-Level Security Actually Means for AI Agents

Securing AI agents at the application layer is necessary but insufficient. The traffic layer — where every request, response, and tool call passes through — is where enforcement needs to live. [Kong's AI Gateway](https://konghq.com/products/kong-ai-gateway) implements four security primitives at this layer:

  1. Authentication and authorization. Every agent, tool, and model call is authenticated before it reaches the backend. RBAC policies enforce which agents can access which internal services, and identity is verified at the gateway rather than delegated to each downstream application. This is how you govern AI agent access to internal microservices: enforce identity and permission boundaries at the traffic layer, before calls reach service endpoints. Kong supports [securing A2A endpoints with key authentication](https://developer.konghq.com/how-to/secure-a2a-endpoints/) as a baseline.
  2. Input validation and prompt injection protection. Prompt injection remains one of the [OWASP Top 10 LLM vulnerabilities](https://konghq.com/blog/engineering/owasp-top-10-ai-and-llm-guide) [8]. Kong AI Gateway applies semantic prompt guards that filter malicious inputs by category rather than brittle keyword matching. This catches injection attempts before they reach the model. Kong's [LLM security playbook for injection attacks](https://konghq.com/blog/enterprise/llm-security-playbook-for-injection-attacks-data-leaks-model-theft) covers additional defensive patterns.
  3. Rate limiting and cost controls. Without traffic-layer rate limiting, a single compromised agent can generate thousands of LLM calls in seconds, burning through token budgets and amplifying whatever exploit the attacker is running. Kong enforces token-based quotas, team-level rate limits, and cost attribution per request.
  4. Zero-trust enforcement. In a zero-trust architecture across microservices and AI agents, no caller is trusted by default — every request is authenticated, authorized, and logged regardless of its origin. Kong enforces mutual TLS, validates caller identity at the gateway, and applies per-request policies so that lateral movement from a compromised agent is contained, not amplified. See Kong's guide on [best practices for securing AI microservices](https://konghq.com/blog/engineering/5-best-practices-securing-microservices-scale) for implementation patterns.

These aren't features bolted onto a routing proxy. They are the core architecture of Kong AI Gateway (see the [AI Gateway documentation](https://developer.konghq.com/index/ai-gateway/)), built on the same runtime that governs API traffic for thousands of enterprises worldwide. Kong AI Gateway runs at production scale with sub-millisecond latency overhead — because prompt injection protection and zero-trust AI infrastructure shouldn't come at the cost of performance.
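The enforcement order in the list above (authenticate, authorize with deny by default, meter tokens per agent, log every decision) can be modelled in a few dozen lines. This is an added example, not Kong's code or configuration: the agent names, keys, services and quotas are constructed, and it assumes the token cost of a request is known when it is admitted. Mutual TLS and prompt guards are outside its scope.

```python
import hashlib
import hmac
from dataclasses import dataclass, field


def key_digest(api_key: str) -> bytes:
    """The gateway stores and compares key digests, never raw keys."""
    return hashlib.sha256(api_key.encode("utf-8")).digest()


@dataclass(frozen=True)
class AgentPolicy:
    name: str
    key_hash: bytes
    allowed_services: frozenset  # deny by default: anything absent is refused
    token_quota: int             # LLM tokens permitted per window
    window_seconds: int = 60


@dataclass
class Gateway:
    policies: list
    audit_log: list = field(default_factory=list)
    usage: dict = field(default_factory=dict)  # agent name -> (window_start, tokens_used)

    def authenticate(self, api_key):
        presented = key_digest(api_key or "")
        matched = None
        for policy in self.policies:
            # Constant-time comparison; every entry is checked, no early exit.
            if hmac.compare_digest(presented, policy.key_hash):
                matched = policy
        return matched

    def record(self, now, agent, service, status, reason):
        # Every decision is logged, including the rejected ones.
        self.audit_log.append({"t": now, "agent": agent, "service": service,
                               "status": status, "reason": reason})
        return status

    def handle(self, api_key, service, tokens, now):
        policy = self.authenticate(api_key)
        if policy is None:
            return self.record(now, None, service, 401, "unknown credential")
        if service not in policy.allowed_services:
            return self.record(now, policy.name, service, 403, "service not allowed")
        start, used = self.usage.get(policy.name, (now, 0))
        if now - start >= policy.window_seconds:
            start, used = now, 0  # fixed window elapsed: start a new budget
        if used + tokens > policy.token_quota:
            self.usage[policy.name] = (start, used)
            return self.record(now, policy.name, service, 429, "token quota exceeded")
        self.usage[policy.name] = (start, used + tokens)
        return self.record(now, policy.name, service, 200, "forwarded")


def run_demo():
    """Replay a constructed request sequence; returns (statuses, gateway)."""
    support_key, report_key = "constructed-key-support", "constructed-key-report"
    gateway = Gateway(policies=[
        AgentPolicy("support-bot", key_digest(support_key),
                    frozenset({"llm", "tickets-api"}), token_quota=1000),
        AgentPolicy("report-bot", key_digest(report_key),
                    frozenset({"llm"}), token_quota=5000),
    ])
    # (time in seconds, presented key, target service, tokens requested)
    requests = [
        (0, support_key, "llm", 400),          # within budget
        (1, "wrong-key", "llm", 10),           # unauthenticated caller
        (2, support_key, "payroll-api", 10),   # valid agent, service not allowed
        (3, support_key, "llm", 500),          # 900 of 1000 tokens used
        (4, support_key, "llm", 200),          # would exceed the quota
        (5, report_key, "llm", 200),           # other agent is unaffected
        (61, support_key, "llm", 200),         # new window, budget restored
    ]
    statuses = [gateway.handle(key, service, tokens, now)
                for now, key, service, tokens in requests]
    return statuses, gateway


if __name__ == "__main__":
    results, gw = run_demo()
    for entry, status in zip(gw.audit_log, results):
        print(status, entry["agent"], entry["service"], entry["reason"])
```

The 403 and 429 outcomes are the containment cases: a valid credential alone reaches neither an unlisted service nor an unlimited token budget.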

## Standardization Without Security Is a Blueprint for Risk

The Linux Foundation's Agent Name Service announcement is a positive development [5]. Standardized agent identity, interoperable registries, and trusted naming infrastructure will make multi-agent systems more manageable. Standardization is how ecosystems mature.

But standardization without security primitives built into the infrastructure creates a different risk. Interoperable agents that any system can discover and invoke are powerful. Interoperable agents that any system can discover, invoke, and exploit are dangerous. HUMAN Security's 2026 benchmarks show that AI agent traffic is growing at an unprecedented rate [7].

The lesson from APIs is instructive. API standards like OpenAPI made integration easier. They also made exploitation easier when gateways didn't enforce authentication, rate limits, and access policies consistently.

Kong has spent over a decade ensuring that API connectivity comes with governance built in. The same discipline applies to AI gateway security: every connection governed, every call authenticated, every policy enforced at the traffic layer.

## The Gateway Layer Is No Longer Optional

The Langflow and Dify incidents are not edge cases. They are early signals of a structural gap in AI infrastructure. Agent platforms move fast. They execute code, call tools, chain outputs, and operate with real permissions in production environments. Security at the application layer is necessary. Security at the traffic layer is what makes it enforceable.

The comparison to WAFs isn't just a historical analogy. It's a roadmap. Web applications didn't become secure because developers stopped writing bugs. They became secure because the industry built enforcement into the infrastructure.

AI agents need the same architectural intervention. Kong AI Gateway delivers it — authentication, input validation, rate limiting, and zero-trust governance at the traffic layer, with the production-grade performance that comes from running the API infrastructure for thousands of enterprises worldwide.

The question isn't whether AI agent platforms will be attacked. They already are. The question is whether your infrastructure is built to govern the traffic before it reaches the application. Every unprotected agent endpoint is an open invitation.




## FAQs

### How do I secure an AI agent platform?

Start by enforcing security at the traffic layer, not just inside the application. That means authenticating every agent and tool call, validating inputs before they reach models, applying rate limits and token quotas, and logging every request for audit. Kong AI Gateway provides these capabilities at the gateway level, so security policies are enforced consistently across all agent traffic regardless of which frameworks, models, or tools your agents use.

### Why were Langflow and Dify vulnerable to attack?

Both platforms lacked gateway-level security controls at the traffic layer. Langflow exposed unauthenticated endpoints that allowed remote code execution without verifying caller identity. Dify's multi-tenant architecture failed to enforce proper isolation, enabling cross-tenant data access. In both cases, the core issue was the same: requests reached application logic without passing through authentication, input validation, or rate limiting at the infrastructure boundary. Kong AI Gateway prevents this class of vulnerability by enforcing these controls before traffic reaches the application.

### What security does an AI gateway provide?

An AI gateway sits between your agents and the services they consume, enforcing security policies on every request. Kong AI Gateway specifically provides authentication and RBAC for agent-to-service communication, semantic prompt injection detection, per-request rate limiting and cost controls, PII sanitization, and zero-trust enforcement with mutual TLS. These controls operate at the infrastructure layer, which means they apply uniformly and can't be bypassed by application-level misconfigurations.


## References

[1] Obsidian Security. "CVE-2025-34291: Critical Account Takeover and RCE in Langflow." Dec 2025. https://www.obsidiansecurity.com/blog/cve-2025-34291-critical-account-takeover-and-rce-vulnerability-in-the-langflow-ai-agent-workflow-platform

[2] Cloud Security Alliance. "Langflow RCE CVE-2026-33017: Exploited Within 20 Hours." Mar 2026. https://labs.cloudsecurityalliance.org/research/csa-research-note-cve-2026-33017-langflow-ai-pipeline-rce-20/

[3] SecurityWeek. "Data Exposure Flaws Threaten Dify AI Platform." Jun 2026. https://www.securityweek.com/data-exposure-flaws-threaten-dify-ai-platform-powering-over-1-million-apps/

[4] Dark Reading. "DifyTap Bugs Let Attackers Wiretap AI Chat Histories." Jun 2026. https://www.darkreading.com/application-security/difytap-bugs-wiretap-ai-chat-histories

[5] Linux Foundation. "Agent Name Service Announcement." Jun 2026. https://www.linuxfoundation.org/press/linux-foundation-announces-intent-to-launch-agent-name-service-to-establish-trusted-identity-infrastructure-for-ai-agents

[6] NeuralTrust. "The State of AI Agent Security 2026." 2026. https://cdn.lawreportgroup.com/acuris/files/Law-Report-Group-Files-New/AI%20Agent%20Part%201%20NeuralTrust%20Report.pdf

[7] HUMAN Security. "2026 State of AI Traffic & Cyberthreat Benchmarks." 2026. https://www.humansecurity.com/learn/resources/2026-state-of-ai-traffic-cyberthreat-benchmarks/

[8] OWASP. "Top 10 for LLM Applications." 2025. https://owasp.org/www-project-top-10-for-large-language-model-applications/

[9] NVD. "CVE-2025-34291." https://nvd.nist.gov/vuln/detail/cve-2025-34291

[10] SentinelOne. "CVE-2025-3248: Langflow Code Injection RCE Vulnerability." Jan 2026. https://www.sentinelone.com/vulnerability-database/cve-2025-3248/

[11] CrowdSec. "CVE-2025-56520: Dify SSRF Vulnerability." Feb 2026. https://www.crowdsec.net/vulntracking-report/cve-2025-56520
