Systems | Development | Analytics | API | Testing

June 2023

API Security and Management: The Impact on the Fintech Industry

Greg Peranich and Tryn Brown contributed to this post. The world of financial services is driven by digital experiences. Over the last 20 years, virtually all banking activities have been taken online (an unfortunate change only for fans of pneumatic tubes and pens on beaded chains). Like other industries that have undergone digital transformation, financial institutions are leveraging APIs to give users a more seamless experience when managing their money.

Mesh Observability with OpenTelemetry P2: Deep Dive

📣 We had so much fun talking Mesh and OpenTelemetry in our last Kong Builders that we decided to give you a special Part 2! Join us on July 5th for a special extra addition of #KongBuilders live. Don't worry! We'll still be back again the last Wednesday of July too in our usual monthly slot! Join your favorite hosts, Viktor Gamov and Danny Freese as they dive even deeper into observability with OpenTelemetry. 📈📋

Bringing Gateway API for Mesh to Kuma

The release of Kuma 2.3 brings experimental support for GAMMA (Gateway API for Mesh Management and Administration) resources. Kuma has long supported Gateway API with the built-in gateway for ingress traffic but with GAMMA support, users can specify how to route and modify in-mesh traffic using the well-known HTTPRoute resource from Gateway API. Gateway API is a project focused on improving the APIs around networking between services in Kubernetes clusters.

Get Gravitas and Go Amazonian: Kong Validated for AWS Graviton3, Amazon Linux 2023 OS

Today, we’re thrilled to announce that Kong Enterprise and Kong Konnect Data Planes are now validated to run on AWS Graviton3 processors and Amazon Linux 2023 OS. As an APN Advanced Tier Partner of AWS, we were delighted to have the opportunity to benchmark Kong Enterprise running on AL2023 and Graviton3.

Kong Mesh 2.3 Improves Security, Flexibility, and Resiliency

Kong is proud to announce the release of the latest version of Kong Mesh 2.3. In this release, Kong Mesh continues to build upon the enterprise-grade service mesh in the critical areas of, security, flexibility, and resiliency. As organizations continue to leverage APIs to deliver digital experiences they rely more heavily on the underlying infrastructure that a mesh provides.

Kong Mesh 2.2.0 Certified on Red Hat OpenShift: Why and How to Get Started

By now, when we hear the words “service mesh” we typically know what to expect: service discovery, load balancing, traffic management and routing, security, observability, and resilience. So, why Kong Mesh? What does Kong Mesh offer that would be more difficult to obtain with other solutions? Why is Kong Mesh with Red Hat OpenShift a great pairing? We’re happy to announce that the Kong Mesh 2.2.0 UBI Images are available in the Red Hat Ecosystem Catalog.

GraphQL API Authorization Strategy with Kong Konnect and Styra DAS

In this talk, Claudio Acquaviva (Senior Solution Architect at Kong) and Ádám Sándor (Solutions Architect at Styra) discuss how to leverage Kong Konnect API Gateway and Styra Declarative Authorization Service (DAS) to build Open Policy Agent (OPA) authorization policies for GraphQL APIs. You will first learn how to implement a GraphQL API at Kong Gateway with OPA, followed by diving into Styra DAS to provide an enterprise-ready policy management platform to build, test, and deploy authorization policies.

Creating an API Monetization Stack

API monetization is currently a trending topic for many organizations looking to beef up their revenue. Of course, monetizing APIs isn’t the easiest of tasks and requires quite a few moving parts. When it comes to monetization, you’re going to need an entire technology stack to handle the heavy lifting. Creating a stack that allows you to build a product and get to market rapidly is great.

Getting Started with #ServiceMesh Workshop featuring #Kuma and #KongMesh

Service mesh is the future of application connectivity, offering immediate enhancements to your application traffic’s security, reliability, and observability. It abstracts network complexities, offering discovery, routing, and more functionalities. But you may ask, isn’t all of this already available in our frameworks? In this workshop, you’ll discover just how straightforward it is to get started with service mesh in a Kubernetes environment, and we’re not restricting ourselves to any specific language or framework. We aim to be inclusive, addressing developers from diverse backgrounds.

Kong Mesh Quickstart for OpenShift 4.12

Kong Mesh Quickstart for OpenShift 4.12 Brought to you by @KongInc Senior Partner Developer Danny Freese 💡Discover how to install Kong Mesh on OpenShift 4.12 in a quick and straightforward way. Whether you're a seasoned developer or just starting out, this tutorial is for you! Discover how to revolutionize your GraphQL Federation authorization with the power of Kong Konnect and Kong Mesh!

Streamline Service Mesh Observability with Kuma & OpenTelemetry

👋 Hello, Kong Builders! We are back with another insightful stream with your favorite host, Viktor Gamov. Join us in diving head-first into Service Mesh Observability and OpenTelemetry. 🌐🔎 In this livestream, we're honing in on observability, with OpenTelemetry. 📈📋 Observability plays a vital role in comprehending and managing microservices, enabling us to effectively diagnose and resolve system issues and gain real-time insights into our system's behavior.

API Platform and Data Mesh: Why Bring Them Together

Enterprises are investing in data mesh initiatives to accelerate how decisions are made and to create novel experiences based on machine learning models. Similarly, enterprises are investing in API platform initiatives to productize business domains (or bounded contexts in domain-driven design parlance) as self-service digital assets that accelerate innovation and improve business agility. Both initiatives are typically run as separate work streams.

In the Driver's Seat with Konnect - Uplevel Your API Management Strategy

Join Manjiri Tapaswi (Senior Software Engineer, Konnect at Kong) for a ride around your Konnect organization’s administrative management! Learn how to secure and govern your environment by setting up Teams and Roles, or enable SSO through an external authenticator. We’ll go over how to leverage System Accounts for hardening your automation and integrations. Tune up your security risks monitoring, compliance maintenance, and responding to potential security incidents when they occur, by setting up and tracking Audit Logs.

Guide to API Testing: Understanding the Basics

APIs come in many different shapes and sizes and have been around for a long time. Whether you are brand new to the topic or think about your day-to-day in terms of RESTful methods, you are using APIs every day. “This morning I PUT on my clothes, went to the kitchen to GET a cup of coffee, sat at my computer and felt the satisfaction of finding emails to DELETE that don’t need any action from me. My morning ended up being pretty 200 OK.”

Zero Trust Security: The What, Why and How

If you’ve been researching API security, you’ve likely seen the term “Zero Trust.” And you may already know that organizations can use Zero Trust to help protect their APIs from attacks. What you may not know is that Zero Trust is one of the best models for API security. According to Microsoft, “96 percent of security decision-makers state that Zero Trust is critical to their organization’s success.” But what is Zero Trust exactly?

Understand the Differences: API Authentication vs API Authorization

If you landed on this blog post, chances are that you care about keeping your API secure. It’s an important topic to discuss: API exploits are on the rise, and you don’t want unauthorized users accessing your data. A big part of that security is implementing API authentication and API authorization. These API access control measures are a foundational aspect of API security.

Kong Konnect: A Developer's Guide

In this guide, Viktor Gamov (Principle Developer Advocate at Kong) will dive into the power of Kong Konnect, the SaaS managed control plane for Kong Gateway designed for seamless API management. We’ll explore how to use Kong Konnect to configure external services, enable application registration, configure Dev Portal, use credentials to manage services access, and replicate configurations across different environments with just a few clicks. Let’s get started!

GraphQL Authorization with Konnect, OPA and OIDC

🚀 Join us live to learn about how to implement authentication and authorization for GraphQL APIs using OIDC and OPA with Konnect! 🤝 This tutorial focuses on the solution that can solve for the Authentication and Authorization concerns at the gateway layer. We'll first authenticate users, and if authenticated, then the user’s fine-grain permissions will be evaluated to determine if the user has permission to run the incoming GraphQL request (whether the request is nested or using query variables).