Explore how AI is reshaping the landscape of API security. From intelligent threat detection to automated policy enforcement, stay ahead with insights, strategies, and innovations at the intersection of artificial intelligence and secure API management.
An enterprise AI gateway should provide a centralized point of policy enforcement for routing, governing, securing, and observing artificial intelligence traffic at scale. LiteLLM is one of many AI gateways that can cover the foundational AI connectivity needs teams often start with. For…
[](/blog/enterprise/kong-ai-gateway-vs-litellm)
As organizations transition from experimental AI to production-grade systems, they often face a fragmented landscape of unmanaged LLM providers, complex tool integrations, and escalating security risks. Without a centralized orchestration layer, developers struggle to maintain consistent…
[](/blog/engineering/ai-infrastructure-with-kong-and-akamai)
The microservices revolution promised agility and scalability. Teams could deploy faster, scale independently, and innovate without monolithic constraints. You gain speed and flexibility, but you also multiply trust boundaries, identities, network paths, and policy decisions. Then came AI, and…
[](/blog/engineering/5-best-practices-securing-microservices-scale)
We want to ensure that our customers know that Kong is not affected by the PyPI LiteLLM incident publicized yesterday. Kong does not rely on LiteLLM — whether PyPI-distributed or otherwise — for any components in our runtime stack. As you may know, a supply chain vulnerability affecting LiteLLM…
[](/blog/news/kong-not-affected-by-the-pypi-distributed-litellm-supply-chain-attack)
The AI coding and Agent Harness approach is no longer experimental. This is likely the most impactful agentic AI use case in production today, and Claude Code is one of the solutions really leading the charge. But as engineering teams race to adopt Claude Code across their organizations, a critical…
[](/blog/engineering/claude-code-governance-with-an-ai-gateway)
Your traditional monitoring dashboards may show perfect infrastructure health, but that doesn't guarantee your large language model (LLM) application is running correctly. AI observability is the crucial fourth pillar that adds behavioral telemetry to detect and troubleshoot unique issues like…
[](/blog/learning-center/guide-to-ai-observability)
In today's digital landscape, APIs are the backbone of modern applications, and AI is the engine of innovation. As organizations increasingly rely on microservices and AI-powered features, the API gateway has become the critical control point for managing traffic. But as LLM/GenAI and MCP requests…
[](/blog/engineering/prisma-airs-kong-ai-gateway)
For too long, the Model Context Protocol (MCP) has operated on a principle of open access: connect an AI agent to an MCP server, and it gets access to every single tool that server offers. While this approach is simple for initial experimentation, it quickly becomes a liability in production.…
[](/blog/engineering/mcp-tool-governance-security-meets-context-efficiency)
While every organization races to deploy AI agents faster, a quieter crisis is compounding in the background, and it will play a large part in determining who survives the agentic era. The numbers are stark. Too many executives see AI governance as a brake on innovation or something to figure out…
[](/blog/enterprise/agentic-ai-governance-managing-shadow-ai-risk)
Kong AI Gateway 3.13 introduces MCP Tool ACLs , a powerful feature that enables fine-grained authorization and granular security policies for individual AI agent tools, solving the 'all-or-nothing' access problem. The evolution of AI agents and autonomous systems has created new challenges for…
[](/blog/product-releases/mcp-tool-acls-ai-gateway)
As enterprises increasingly embed AI and Large Language Models (LLMs) into their digital experiences, enforcing robust AI guardrails becomes paramount to safeguard users, protect data, manage operational costs, and comply with regulatory and ethical standards. Think of AI guardrails as essential…
[](/blog/engineering/ai-guardrails)
Organizations are going all-in on large language models (LLMs), with research finding 72% anticipate increased LLM spending in the coming year (and about 40% are already investing more than $250,000 USD per year). As enterprises rapidly adopt LLMs to transform customer experiences, automate…
[](/blog/engineering/owasp-top-10-ai-and-llm-guide)
This comprehensive guide will arm you with the knowledge and strategies needed to protect your LLMs from emerging threats. We’ll explore the OWASP LLM Top 10 vulnerabilities in detail and provide actionable approaches to mitigate these risks. Who should read this? By the end of this guide, you’ll…
[](/blog/enterprise/llm-security-playbook-for-injection-attacks-data-leaks-model-theft)
The excitement around large language models (LLMs) and agentic AI is justified. These systems can summarize, generate, reason, and even take actions across APIs — all with minimal human input. However, as enterprises race to integrate LLMs into real-world workflows — especially when those…
[](/blog/enterprise/building-pii-sanitization-for-llms-and-agentic-ai)
More than 80% of developers and business leaders say AI investments have already created the opportunity for new products or services, according to Kong’s 2024 API Impact Report . Clearly, AI has proven its value and place in the enterprise, but with new innovations come new potential…
[](/blog/enterprise/cost-of-api-security-incidents-2025)
It’s no secret that artificial intelligence (AI) is revolutionizing the way companies operate with its ability to sift through mountains of data and make accurate predictions at record speed. But with great power comes great responsibility. As AI systems are more regularly incorporated into…
[](/blog/enterprise/how-to-harness-ai-data-governance)