The latest news and announcements about Kong, our products, and our ecosystem, as well as voices from across our community.
If the connection from clients to your API gateway isn't encrypted, all messages you send and receive are out in the open for all to read. In looking for a way in, attackers will make use of all features of an API, even the undocumented ones; security by obscurity is not a realistic defense…
[](/blog/learning-center/building-a-secure-api-gateway)In this article, were going to walk through a brief origin of RESTful APIs and then take a good look at what to consider when building your own APIs with RESTful design. RE presentational S tate T ransfer or REST is an architectural pattern designed by Roy Fielding, in a chapter of the dissertation…
[](/blog/learning-center/restful-api-best-practices)One of the many benefits of a microservices architecture over the traditional monolith approach to application design is the ability to scale the individual microservices as required for performance and availability. In production scenarios requiring high availability, uptime is always limited by…
[](/blog/learning-center/api-gateways-for-high-availability-clusters)Microservices architectures offer a number of benefits over a traditional monolithic design . Constructing a system out of loosely coupled services enables teams to work independently and means the individual services can be deployed and scaled independently. As a result, the system is more…
[](/blog/learning-center/continuous-integration-and-deployment-for-microservices)
We understand that our customers need to deploy Kong in a variety of environments and with different deployment mode needs. That is why two years ago, in Kong 1.1, we introduced DB-less mode, the ability to run Kong without the need of connecting to a database. We then demonstrated the Hybrid mode…
[](/blog/engineering/new-storage-engine-for-kong-hybrid-and-db-less-deployments)
In this episode of Kongcast , Matt Stratton , a staff developer advocate at Pulumi , explains the history of configuration automation, the world of cloud engineering and how it compares to DevOps. Check out the transcript and video from our conversation below, and be sure to subscribe to get email…
[](/blog/engineering/devops-cloud-engineering)
Insomnia is a fast and lightweight open source desktop application that doubles as a tool for API design and testing and as an API client for making HTTP requests. It has built-in support for REST Client , gRPC and GraphQL . All of that is just what you get out of the box. Many…
[](/blog/engineering/insomnia-plugins)
Microservices have an entirely new set of problems due to their distributed service-oriented architecture. As a result, microservice design patterns have surfaced. This post will consider the specific design patterns that can help us build reliable, secure and traceable microservices. Monitoring is…
[](/blog/enterprise/microservice-design-patterns)
As more companies invest in a cloud native infrastructure , they're choosing to prioritize their applications as microservices —architecting them into distinct servers. Each component is responsible for one (and only one) feature. For example, you might have Server A responsible for handling…
[](/blog/engineering/insomnia-rest)
As part of the Kong Gateway 2.6 release, we shipped a brand new jq plugin for anyone with an enterprise license to use. It’s like we combined the request and response transformer plugins to form a single, more powerful plugin—supercharging the way we work with request and response bodies. If you're…
[](/blog/engineering/jq-plugin)In this episode of Kongcast , I had the pleasure of speaking with Aaron Weikle , the founder and CEO at MS3 , about supporting legacy-based applications as companies add the next generation of microservices. Check out the transcript and video from our conversation below, and be sure to subscribe A…
[](/blog/enterprise/soap-legacy-applications)
Have you ever found yourself in a situation where all your service mesh services are running in Kubernetes, and now you need to expose them to the outside world securely and reliably? Ingress management is essential for your configuration and operations when exposing services outside of a cluster.…
[](/blog/engineering/istio-gateway)
Event Hooks is a new Kong Enterprise feature launched in the Kong Gateway 2.5 Release . This feature sends you notifications when certain events happen on your Kong Gateway deployment. Kong Gateway listens for events, like routes, services, consumers, certificates, plugins, workspaces and RBAC…
[](/blog/engineering/event-hooks-plugins)
As the software application world moves from monolith architectures to microservices , we are also seeing a shift toward developing modular and reusable APIs. According to APIOps , reusable APIs are consumable APIs, which means they must be well-documented and compliant. The separation between…
[](/blog/engineering/api-specifications)
Event hooks are a brand new feature we launched with Kong Gateway 2.5 that allows you to get notifications when certain events happen on your Kong Gateway deployment. If you want to keep an eye out for when your system creates new administrators or adds new plugins to a latency-sensitive route,…
[](/blog/engineering/event-hooks)Secure your AI infrastructure with prompt guards, PII sanitization, and centralized governance. Control LLM costs with token-based rate limiting and semantic routing across providers.