Sessions

ATP has supported the aviation industry through technical publications and regulatory information since 1984. In recent years, it has expanded to include multiple SaaS products serving the aviation space. As the company’s growth has accelerated, so has the need for a foundation that brings together these many systems. Enter Kong. In this session, Fedor Gorin, Tyler Hall, and Cara Li will share how they’ve used different Kong Enterprise features — such as Dev Portal, OAuth plugins, and Ingress Controller — to support 1,000+ API endpoints. Attendees will walk away with a clear picture of how Kong serves as the core foundation for ATP’s integrated teams bringing together many disparate legacy systems.

In this talk, InfoCert will be sharing how they successfully adopted Kong Gateway in Kubernetes with a valuable collaboration with SIGHUP. Together, they set the path for managing Kong declaratively, taking advantage of the “decK” and “portal” tools. Infocert is a digital trust company focused on Digital Identification and Transactions and provides end-to-end digital identity and eSignature solutions, fostering re-usability, user convenience, compliance and security to enable a trusted digital business to over 2,000 corporate customers. Hear firsthand how the Kong Gateway automation, through Jenkins Pipelines, improved the governance of the DevOps team in a way that meets compliance and security requirements. And get an inside peek into the upcoming integrations around Kong Mesh in the InfoCert architecture needed to solve east-west traffic management.

In this educational session, find out why API Security is front-of-mind for many organizations. You’ll learn about the types of APIs, the challenges of protecting them, and best practices/ critical capabilities to consider when implementing API security.

Accessing a product is a critical experience that includes almost everyone – devs, sec, ops, support, sales, and of course, the customers. We keep rebuilding Access Control, yet it remains broken. In this session, get familiar with the best practices for building proper authorization including decoupling policy from code, updating data in real-time, a managed interface for stakeholders and customers, and managing it all using gitops. Learn how by combining these best practices and battle-tested tools & OSS, you can include all the needed players for access control with Kong + Permit.io.

At Lowe's, elevating API strategy became a priority to keep pace with the company's rapidly growing innovations, hybrid cloud, and OMNI channel expansion. By combining Cloud-Native Kong Gateway with a unified custom developer portal, Lowe’s reduced time to market and improved internal and external consumer management. In this session, you’ll learn best practices for deploying Kong Gateway on Kubernetes for optimal performance and throughput, and how to integrate it with a custom developer portal using Backstage, io, a workflow engine built on top of ISO BPMN 2.0, and a CI/CD powered with Kubernetes Operators, ArgoCD, Jenkins, HarshiCorp Vault, and Kong Ingres

In the rapidly changing technology space we operate within, modern organizations need a robust culture of innovation. Everyone talks about it, but how can you actually build one? Encouraging employees at every level to think and act accordingly and embrace innovative thinking demands innovative approaches. One strategy that can be extremely effective is gamification. In this session, we’ll discuss how leaders can build a culture that embraces innovation through activities such as hackathons, capture-the-flag cyber events, Kaggle-like competitions, and other gamified learning events.

With the move to distributed cloud architectures, it's becoming more important to ensure that our platforms are designed for failure and that they behave the way we expect in these failure events. Enter chaos engineering! The practice of injecting controlled failures into your system and then observing how it responds to the experiment. Join this talk where we will discuss the history of chaos engineering, why running regular chaos engineering experiments is important, and how you can incorporate this into your current CI/CD pipelines. We will then apply this practice in a demo of a simple failure scenario in Kuma. The failure event will be injected using a chaos engineer tool called ChaosMesh.

Migrating to the cloud and retiring monoliths safely can be extremely daunting. We’re often left with legacy monoliths on premise, incapable of containerization or shifting from a traditional vm, while we modernize and build out new services in the cloud. How can we fluidly and successfully transition to the cloud? In this talk, we will step through a migration strategy leveraging Kuma Mesh (CNCF Sandbox Project) and Kong Gateway(open-source) that gives us the flexibility to migrate at our own pace to the cloud. We will demonstrate the migration by exploiting the capability of Kuma Mesh to support Kubernetes and VM based workloads with the traffic routing policies (blue/green and canary) to incrementally shift services to the cloud.

IKEA is one of the world's largest retailers that specializes in designing and selling ready-to-assemble furniture. You likely have at least one piece of IKEA furniture in your own home! Over the last 5 years, IKEA has accelerated its digital transformation, particularly in the areas of APIs and events. Join Dervis Avdic, Engineering Manager for API Management in Ingka Group, IKEA as he discusses the journey (including successes and challenges) they have experienced thus far. The session will focus on topics like: - Objective vs Outcome - Platform evolution - Autonomy - The importance of the developer experience

Kong Enterprise provides a modular approach to building an API Gateway on AWS, unlocking multiple use cases and architectural patterns to be built on AWS. In this demo-based session, we will explore some of the use cases around deploying Kong Gateway with AWS CDK. You’ll also learn how to deploy Kong on AWS ECS, AWS EKS, and AWS Fargate.

Microservice and service mesh architectures bring big benefits — along with significant architectural complexity. A single call to one service can fan out to countless other microservices in a homogenous mesh, making debugging a Herculean task. Without cautious architecture, an organization can end up with a "distributed monolith." One strategy to avoid this is the domain-oriented service architecture. A DOA applies the ideas of domain-driven design to a distributed system. Services are grouped into domains and domains communicate over gateways. Kuma (CNCF sandbox project) has recently introduced first-class support for a DOA architecture with its gateway feature. The new MeshGateway API features logical service-level domain isolation and enforcement of cross-domain routing and control policies. This talk will show how to achieve a domain-oriented architecture in a microservice platform with the power of Kuma's MeshGateway.

Observability is critical for finding success in your digital transformation journey. Based on an API-first, cloud native microservice architecture, services and APIs are dynamically distributed and the user transaction journey gets complicated and agile. But the right set of observability tools can speed up MTTR and help improve the chances to achieve your SLO. In this session, we review the selection of observability plugins available from Kong on logs, metrics, and tracing — and we’ll demo how to use them to gain visibility from a single panel of glass. We’ll discuss Kong Gateway’s new open tracing capability and preview some OpenTelemetry-based plugins in the works. And we’ll also share Kong’s take on observability maturity levels and our recommendations for successfully implementing an observability strategy.

Researchers at Lawrence Berkeley National Laboratory are advancing the scope of human knowledge and actively seeking scientific solutions to some of humankind's most significant problems. Harnessing the power of supercomputing and state-of-the-art methods, the Materials Project (MP) provides open web-based access to computed information on known and predicted materials and powerful analysis tools to inspire and design novel materials. With over 200,000 registered users heavily using MP's online gateway and API, transitioning MP to micro-services in the cloud became a cornerstone in the longevity of MP. In this session, we will explore: - How the small core team at MP implements infrastructure-as-code from the ground up to efficiently use its limited cloud computing and human resources. - How MP deploys and runs a microservices-based network architecture on AWS cloud with Datadog for end-to-end observability. - The integral role Kong Gateway plays in managing and routing requests and enabling a unified developer experience. - How cloud architecture allows MP to meet modern requirements for high availability, rapid solutions, increased security, and scalability.

What backend system measures can you take to handle traffic spikes during high-scale events? CRED is a members-only club based out of Bangalore, India, that rewards individuals for their timely credit card bill payments by providing them with exclusive offers and access to premium experiences. As an official partner for IPL (Indian Premier League), one of the country’s most popular sporting events, CRED runs marketing campaigns to create rewarding experiences for its members with each IPL match getting a reach of around 100 million viewers. Today, the backend infrastructure at CRED has more than 350 microservices that power different functionalities for various lines of businesses. During IPL match day, CRED gets non-linear spikes in traffic within a short period which can slow down certain services and create cascading failures on the CRED app, degrading the user experience. Join Abhishek Varshney, Software Architect at CRED, as he explains how Kong enabled them to provide Quality of Service (QoS) through Progressive Load Shedding by disabling non-critical flows, especially in tier 1 aggregator services.

More than just a digital bank, Digio is a bantech - having the strength of a bank and the agility of a fintech. Combining their strength with a passion for technology, they are transforming the financial lives of thousands of Brazilians through their various financial offerings, providing the highest level of security and transparency. The Kong API Platform has made this all possible. APIs are essential for every business that needs to exchange data over networks in a secure, structured manner at scale. Digio has formalized a partnership with a digital mobile platform for drivers in Brazil that’s expanding rapidly throughout Latin America. This partnership will bring several millions of new users to the bank's services, as well as an increased necessity for APIs in order to deliver for clients. This session will highlight how Digio: - Overcame the challenge of scaling to millions of users by building a flexible multi-cloud architecture on top of Kubernetes - Used this architecture to provide service-to-service connectivity and ensure reliability between client and provider at scale - Elevated their API maturity level related to security, governance, control, observability, and usability through Kong Management portal and plugins - Scaled an API-first approach to help development teams release new features for digital products

In late 2021, the team at Engie Marketing & Sales Belgium decided they needed to replace their legacy API management solution with something modern. And they needed to act fast. API usage was rapidly increasing as the organization shifted to new API protocols and event streaming APIs, which couldn’t be supported by their legacy solution.

McAfee, a global leader in online protection security, enables home users and businesses to stay ahead of fileless attacks, viruses, malware, and other online threats. Join this session to: - Learn how McAfee uses Kong Enterprise from the AWS Marketplace to collect, process, and analyze telemetry from their endpoints installed on millions of consumer devices. - Hear how McAfee optimized their Kong Gateway deployment with Amazon Kinesis for performance and cost while handling billions of daily streaming events. - Discover business benefits and lessons learned from McAfee’s usage of Kong within their data and analytics platform to drive intelligent protections and personalization for consumers.

The modern data stack has become increasingly popular in the analytics community. Patterns like domain-driven design, known from classical software development, are finding their way into analytics contexts. This is the basis of a new paradigm, like Data Mesh. In a Data Mesh, every domain - like a different department for example - wants to solve similar problems with their own business data. Therefore, it’s vital to implement a flexible, lightweight, and manageable, but also secured and monitorable central self-service data platform. With the containerization of services, and using Kubernetes as a runtime, you can build flexible data architectures. Data visualization, data ingestion, orchestration, and ETL tools, as well as Cloud Data Warehouses, should all live together in a kind of a mesh. In this session, learn how Kong's CNCF Sandbox, project Kuma, provides the next level of security when handling data, other business domains, and exchanging data with external systems. Uncover the advantages of end-to-end tracing, data collection, and external access from outside of the mesh using Data APIs.

In large microservices environments, API gateways provide a unique vantage point in building systems & tools for reliability engineering. When dealing with a system the size of Uber’s (consisting of over 4000 microservices!) the goal is to mitigate or prevent outages in critical systems. In this session, Madan Thangavelu, Director of Engineering at Uber, will show you how to design your API gateways to allow for: - Seamless failovers - Context propagation - Sessions and data quality management - Impact analysis and metrics - User flow analysis - Realtime user interactions modeling with ML ... and more with some examples of extending Kong!

When Wayfair established Kong Enterprise as their API gateway in early 2022, they knew there would be a variety of technical hurdles to overcome. What they didn’t realize was that these hurdles - the OIDC integration, network topology, and comical routing errors - would be the easy part. The far more challenging, but rewarding, aspect of the initiative was working to build trust around an API gateway. In this session, Shai Sachs, Staff Engineer on Wayfair’s Cloud Native team, will share how implementing Kong Enterprise has led to the triumph of declarative configuration over imperative code, streamlined security processes through elevating cross-team discussions, and improved primary relationships with partners. You will learn how this fostered and improved communication, change management, relationship building, and facilitated innovation.

Banks across the world are increasingly adopting Open Banking to create new revenue streams and offer new services to its customers. APIs are the central building blocks enabling modular and iterative development, which is crucial to engage in an open banking paradigm. In this session, Jonas Persson, Enterprise Architect at SEB and Daniel Franzén, Head of Open Banking at SEB will discuss their journey of building Open Banking products and services that utilize internal APIs. You will learn how Kong Enterprise has helped support these initiatives by helping their technology teams better automate, secure and govern the way their APIs and microservices connect and exchange information.

Growing tech communities is surprisingly similar to caring for plants: each community (and plant) is unique and needs different care. If you struggle to keep a cactus alive, it can be daunting - but don’t panic! In this interactive session, Daliya Spasova, Community Manager, Kong will share four things you can do to help any tech community thrive. There will even be swag for those willing to answer some brain teasers! 1. We’ll begin with planting seeds — where and how you can start getting involved with your local tech communities. 2. Next, we’ll discuss a framework for nurturing tech communities as they begin to sprout. 3. As your community takes root, it needs tending to if it’s going to flourish. For this, Daliya will showcase some community maintenance techniques. 4. Finally, even greenthumbs need the right tools to keep a garden growing season over season. You will learn the essentials for sustaining a healthy community in the long run. Throughout this talk, you will get real-world recommendations on what you can do to successfully expand your community while getting practical examples of community programs run at Kong that have helped drastically grow a healthy and curious community.

Service mesh natively provides security, load-balancing, and simplifies connectivity between services, but how do you add distributed tracing and observability in a large-scale deployment? Learn how Koyeb, a serverless cloud provider, added end-to-end tracing and observability into a multi-tenant mesh to simplify connectivity troubleshooting in a multi-cloud environment. To do this, they rely on a custom stack with a multi-region service mesh using Kuma, Jaeger, Grafana, and Mimir. Co-founder, Yann Leger, will walk you through how Koyeb injected end-to-end tracing and observability into the platform, the key decisions their team made, and what their architecture looks like today.

While Kubernetes provides all the building blocks needed to deploy and operate an API Gateway, more thought is required to create an enterprise-grade production Kong installation. In this session, you will see live demonstrations and learn about: - The advantages of the Kubernetes Operator pattern and Kubernetes ecosystem for managing Ingress traffic for applications. - Kong Gateway Operator's automation features, including automated upgrades and rollbacks - How the operator allows the user to express simple single-gateway deployments for light use cases and complete multi-gateway deployments on a web-scale

Cargill is a leading American global food corporation committed to nourishing the world. Cargill's security team recently migrated to a new software defined networking solution. The API Platform team needed a way to respond to the new dynamic nature of changing IP Allow lists across Cargill to ensure their servers are protected against DoS and brute force attacks. Join Rob Hayes, Lead API Engineer and David Lewis-Frazier, Senior API Engineer at Cargill as they share their approach to implementing a combination of a custom plugin with out-of-the-box capabilities of Kong that works with a dynamically changing network.

Managing tokens in Kuma can be a challenging and manual process. Both the user and dataplane token lifetimes need to be manually tracked and managed. This ultimately becomes a burden for DevOps, and long life tokens end up being used. In this session, you will learn how to: - Leverage a secret engine like Hashicorp Vault to automate Kuma access and token management. - Dynamically create, manage, rotate, and revoke both user and dataplane tokens based on lifetime. - Set up auto-rotation for simple management of shorter TTL Tokens. - Leverage different auth methods for token requests — for example, Github for users or IAM for services.

In recent years, no-code/low-code has been trending to the point of approaching "buzzword" status. Consequently, with this growing trend comes potential failures within the space. A no-code/low-code strategy will fit within the strategies of most successful developer platforms over the next few years, but has important differences from other components of a comprehensive platform plan. In this session, you’ll get a holistic overview of the no-code/low-code landscape, common personas, key learnings from success and failures in the industry, and tips to create a plan as part of your overall developer story.

Have you ever wondered how a geo-distributed app such as a Slack-like corporate messenger is architected and functions? How hundreds of microservices are deployed and communicate across distant geographies? How thousands of user messages and events flow in real-time across the countries and petabytes of data are stored and accessed across continents? Wonder no more! In this talk, you’ll learn about the fundamental design principles for geo-distributed apps using a Slack-like corporate messenger. And you'll study the principles in practice by building the messenger from scratch with Kong, Kafka, and YugabyteDB.

One of the largest media companies in Europe, Sky Italia needed to modernize and improve its middleware architecture. With a broad range of services managed by an equally large number of subsystems, there was pressure from all sides to develop an API-first strategy. To achieve observability, cost-efficiency, and low latency, Sky Italia partnered with Kong and Live Reply to implement an API-led connectivity approach. In this session, Claudio Spadaccini, Head of Integration at Sky Italia, will share the challenges the team was facing, from both a technological and a human standpoint. Then Enrico Sandali and Gianmarco Sciortino from Live Reply will dive deep into how they built the new system, including an overview of their APIOps pipeline, use of decK, Dev Portal, and plugins. Find out how Sky Italia improved time to market and increased security and innovation, by promoting an API-first architecture.

Kong's recently released Konnect SaaS platform is powered by our own connectivity technology stack. In this talk, the Kong Cloud SRE team will show (using examples from Konnect) how a service mesh can: • Enhance the depth of debugging and observability capabilities • Provide routing and policy enforcement in a multi-zone cloud environment • Enable fine tuning at the network level for our many interconnected microservices This talk aims to give practitioners an in-depth, technical look into a full production installation of Kong Mesh and how it can significantly aid platform teams in managing complex cloud platforms and products.

Raiffeisen Bank International (RBI) is one of the leading banks in Austria, Central and Eastern Europe (CEE). With over 100 years of history, RBI has expanded globally and, along the way, collected numerous legacy systems that needed to be integrated. What started with point-to-point integrations ended up as spaghetti architecture, making it hard to roll out products from one country to another. Although RBI already had another API solution in place, it was limited in its ability to support their growing technical and regulatory needs. In this session, we’ll take a look at RBI’s journey of establishing a central team of engineers and architects, the Real Time Integration Center of Excellence (RICE). You’ll learn key considerations needed to create a successful RICE, critical pitfalls to avoid, and how Kong Enterprise's rich feature set helped address integration and regulatory challenges.

Have you ever thought about how big companies manage their APIs? Mercedes-Benz teams currently manage around 1500 APIs. Here is the story about how we evolved API management to an open platform, integrating the Kong OSS Gateway as the preferred gateway solution. We will talk about the past, present, and vision of the Mercedes-Benz API platform. And most importantly, you will learn how only three Kong Gateway instances replaced hundreds of Apigee Edge Microgateways with zero downtime.

Kong Enterprise provides a modular approach to building an API Gateway on AWS, including multiple use cases and architectural patterns. This session covers security space use cases and their respective architectural design patterns, as well as best practices. You will learn: - How to correlate use cases with Kong on AWS architectural patterns - Best practices for using Kong on AWS and the respective architectural patterns - Prescriptive guidance on implementing security at scale with Kong and AWS

The container adoption journey may be simple for experienced practitioners in greenfield development -but many established enterprises still face the daunting beginning of this journey, carrying the weight of complex monolithic applications on traditional compute. Join Kat and Christian as they extend service mesh and GitOps beyond the boundaries of Kubernetes. In this talk, you’ll learn: - How to bridge your classical compute and container-native platforms and enhance your monolith-to-microservice transformation roadmap with service mesh and GitOps policy-as-code. - How to utilize a service mesh capable of deploying to both Kubernetes-native and non-Kubernetes based platforms to implement microservice transformation - one micro-component at a time. - The benefits realized from a service mesh beyond the boundaries of Kubernetes from a single control plane.

Grupo Globo is the largest media and communication conglomerate in Latin America, directly reaching over 100 million people in Brazil daily. With over 300 APIs and 116B requests in their Kong Enterprise deployment, Globo has embarked on a journey to reduce the workload of software development within their organization -- both to save human resources and allocate them to more critical tasks. In this session, you will learn how Globo dramatically reduced the time that experienced engineers spend on debugging while using Kong plugins to: - Accelerate software development work - Address and overcome observability issues in an on-premise/cloud microservices environment - Develop a plugin written in Lua to help move applications smoothly and overcome issues around migrating from on-prem to GCP

Magicians never reveal their secrets . . . but today, weeveal everything! Behold the mysterious Envoy and the magic of mesh in Kong Mesh and its open source sibling, Kuma. Spoiler: the secret is in the sidecar! Join this mesh-by-example talk to learn about how the service mesh manages certificate rotation, cross-zone communication, and service discovery. This talk will explain to service mesh newcomers what application developers can offload to the sidecar proxy — and why it’s a cost-effective way to achieve your reliability and security objectives.

Cloud-native architectures are usually implemented using a distributed microservice architecture style. This furthers agility and flexibility since changes can rapidly be implemented, as the services are loosely coupled. But this comes at a price -- application monitoring becomes increasingly complex. In this talk, Sven Bernhardt will show how a basic observability strategy can easily be implemented without the need to alter your existing application logic. Sven will demonstrate: - How to use Kong Gateway and Kuma to facilitate consistent logs, metrics, and traces across all services. - How to trace down the complete request lifecycle starting from the first call to Kong Gateway - How Kuma makes inter-service communication transparently comprehensible - How the Grafana stack — consisting of Grafana, Prometheus, Loki and Tempo — can be used to gather all observability data in a central place and provide it for further analysis.

Inditex is one of the largest fashion retailers in the world, operating over 7,200 stores worldwide, which include Zara, Zara Home, and more notable brands. Their basic business principle is simple yet revolutionary - speed at responding to the market. This requires a massive technological infrastructure to support and maintain, including thousands of development teams and scalable technology. In this session, Ruben Aleman Alfonso, Systems and Solutions Architect, and Ingacio Fernández Moreno, Software Architect, will dive deep into the role APIs and microservices play in enabling Inditex in supporting millions of requests per minute and covering peaks in traffic. Along with detailing how they have built out this system, they will also speak to the challenges they have run into throughout their Kong journey and how they have worked to solve them.

Over the past few years, Vanguard has been on a journey towards a fully API-driven future. They have been busy breaking down monoliths into microservices and are now working to build an API platform for their developers to easily deploy their APIs and make them available to consumers wherever they are. In this session, Casie Ropski, Technical Scrum Master, Mike Wottle, Enterprise Architect, and Ted Hessing, Head of API Platforms, tell the story of Vanguard's adventure through APIs. This will include how they designed their new build pipeline using Kong's decK tool to improve the developer experience, how they used Kong's plugin system to provide a modular experience for developers, and more. Come discover Vanguard’s path through the API wilderness and how you too can chart your own path to success.

Get a technical preview of the upcoming support for WebAssembly in the Kong Gateway leveraging WasmX, a project created by Kong that adds WebAssembly support into Nginx. You'll learn about: • WebAssembly and what kinds of multi-language development it allows • WasmX and how it extends Nginx capabilities to support WebAssembly in a way that is Virtual Machine agnostic • Proxy-Wasm, the emerging standard for gateway extensions using Wasm, allowing filters to be written once and used in different gateways or meshes that support the format • How WasmX integrates into the Kong Gateway, enabling the execution of Proxy-Wasm filters as easily as Kong Plugins

Are you confused about what OAuth actually is? Maybe at this point, you are just afraid to ask? OAuth is an authorization framework that covers many different use cases. This session will demystify what OAuth 2.0 and OpenId Connect are and how they are used. Along the way, we will discuss the history of authentication and techniques to add OAuth to both new and legacy applications.

Kroger is one of the top 10 eCommerce companies in the United States and has seen massive growth in the past decade. To support this growth, both the engineering and product teams had to evolve their way of working. In this special session, you will be joined by two leaders from the product and engineering team at Kroger who will outline the creation, iteration, and scaling of their API Program. They will walk through what it was like in the early days, lessons learned along the way, and how their architecture has evolved over time. Additionally, you will get an inside look into their strategy for aligning with other areas of the business, as well as their mental model for quantifying the value that they create.