The latest news and announcements about Kong, our products, and our ecosystem, as well as voices from across our community.
Kong Gateway is an API gateway and a core component of the Kong Konnect platform . Built on a plugin-based extensibility model, it centralizes essential functions such as proxying, routing, load balancing, and health checking, efficiently managing both microservices and traditional API traffic. An…
While building a GenAI-powered agent for one of our company websites, I integrated components like LLM APIs, embedding models, and a RAG (Retrieval-Augmented Generation) pipeline. The application was deployed using a Flask API backend and secured with API keys. However, post-deployment, several…
Organizations are gradually realizing that API and AI observability aren't two separate problems; they're intertwined and require unified solutions. Without waiting on engineering, it's hard to answer simple questions like "Who's using my APIs?" or "Which APIs are causing the most issues?" Now…
We're very excited to announce Kong Mesh 2.12 to the world! Kong Mesh 2.12 delivers two very important features: SPIFFE / SPIRE support, which provides enterprise-class workload identity and trust models for your mesh, as well as a consistent Kuma Resource Identifier (KRI) naming convention for…
We're excited to announce the general availability of Konnect Debugger, formerly known as Active Tracing during its tech preview phase. This powerful debugging and observability solution in Kong Konnect has evolved from a focused tracing tool into a comprehensive debugging platform. Konnect Debugge…
The explosion of AI-native applications is upon us. With each new week, massive innovations are being made in how AI-centric applications are being built. There are a variety of tools developers need to consider, be it supplying live contextual data via the Model Context Protocol (MCP) or…
APIs are the lifeblood of disruption . . . when leveraged correctly. The best, most disruptive businesses are able to harness API growth as a strategic opportunity. But how? With an API platform that drives innovation, faster delivery, and top-tier customer experiences alongside a top-notch…
Observability has become critical to ensuring the effective monitoring of application and system performance and health. It focuses on understanding a system’s internal state by analyzing the data it produces in the context of real-time events and actions across the infrastructure. Unlike…
Understanding and monitoring the performance and health of applications and systems is critical. This is where observability comes into play. Observability is about gaining a comprehensive understanding of a system's internal state by analyzing the data it generates within the context of real-time…
Let's take a step back and start from the top: Defining AI Observability. This is the practice and intentional framework of gaining deep, real-time insights into the behavior and performance of AI systems. It goes beyond the basics of tracking CPU usage or memory consumption. Instead, it focuses on…
We're excited to announce the release of Kong Gateway 3.8 , a significant update that marks a major milestone in the evolution of our API management platform. This release is packed with enhancements designed to boost performance, fortify security, and provide greater flexibility and ease of use…
At API Summit 2024 , Kong announced its new Premium Technology Partner Program, a move designed to enhance the Kong ecosystem by promoting high-quality, reliable integrations and plugins that deliver real business value to customers. The objective? More top-tier integrations and plugins for…
This post is part of a series on becoming a secure API-first company. For a deeper dive, check out the eBook Leading Digital Transformation: Best Practices for Becoming a Secure API-First Company. As APIs have become mission-critical , securing them against threats is crucial. APIs are an…
APIs serve as the foundation for how software systems and services communicate and exchange data. But unmanaged and unsecured APIs can open up massive vulnerabilities that lead to disastrous security breaches and data leaks without proper governance. With API-related attacks increasing — and set…
The Open Web Application Security Project (OWASP for short) is a not-for-profit entity devoted to improving the security of software. Founded in 2001, OWASP is a global organization that supports thousands of volunteers globally to produce freely available articles, documentation, tutorials, and…
In this post, we'll talk about what API SecOps is, including the fundamentals of it and the personas involved. Then, we'll discuss how API, microservice, and policy lifecycles integrate to produce a secure service in production, and why collaboration and API-First Design are essential for APISecOps…
Secure your AI infrastructure with prompt guards, PII sanitization, and centralized governance. Control LLM costs with token-based rate limiting and semantic routing across providers.