Systems | Development | Analytics | API | Testing

October 2023

Quick Look: Building a Modern API Platform: A 5-Min Mini-Demo with Kong Konnect | API Summit 2023

Quick Look: Building a Modern API Platform: A 5-Min Mini-Demo with Kong Konnect | API Summit 2023 In this session, Greg Peranich, Senior Solutions Engineer at Kong demonstrates how technology leaders can leverage Kong Konnect to build a world-class API lifecycle management platform. Greg covers topics such as managing distributed Kong Gateway instances, securing outbound calls to a third-party API, configuring a gateway in a declarative fashion, monitoring the health and performance of any service, route, or application, and much more.

The Economic Impact of APIs: API Monetization, AI, Web3, and Beyond

Whether ordering groceries online, checking your bank balance, or tracking a delivery, APIs are behind the scenes making it all possible. They're the backbone of the digital experiences that drive our interconnected global economy. You may know that. But beyond the convenient (and sometimes delightful) experiences APIs enable, how are APIs actually affecting the global economy and shaping the future course of business and technology? We wanted to know, so we found out.

API Gateway and Service Mesh: Bridging the Gap Between API Management and Zero-Trust Architecture

Discover how API management and service mesh can go hand in hand toward secured platforms Over the last ten years, Kongers have witnessed hundreds of companies adopting a full lifecycle API management platform and have been working with the people behind the scenes, the “API tribes.” We’ve also learned from the field that API tribes most often have to deal with heterogeneous platforms, infrastructures, and clouds.

Docs as Code: Screenshot Automation at Kong

Imagine this: You're documenting an unreleased feature, and your documentation requires screenshots. However, you're working in an internal environment that includes features you don't want to reveal to the public. What do you do? We faced this exact situation during the API Summit release when we needed to capture screenshots of the new Kong Konnect Plus dashboard while our internal environment also showcased Mesh Manager features.

Governing GraphQL APIs with Kong Gateway

Modern software design relies heavily on distributed systems architecture, requiring all APIs to be robust and secure. GraphQL is no exception and is commonly served over HTTP, subjecting it to the same management concerns as any REST-based API. In fact, GraphQL’s dynamic client querying capabilities may lead to more complex and potent attack surfaces than traditional REST-based APIs.

Become an API-first Company | API Summit 2023

Become an API-first Company | API Summit 2023 🚀 Navigating API-First Approaches & Innovations Safely and Effectively! Dive into an insightful session from API Summit 2023, where Augusto Marietti, CEO & Co-founder of Kong, along with João Mikos from SeatGeek, and Sanjay Modi from Comcast, unravels the intricacies of adopting an API-first approach and introduces Konnect, the world's first unified API platform!

Kong Named Leader in Gartner Magic Quadrant for API Management for Fourth Consecutive Year

For the fourth year in a row year, we’re thrilled to announce that Kong has been recognized as a Leader in the Gartner Magic Quadrant for API Management. We believe this recognition reinforces our commitment to our customers, who rely on Kong’s unified cloud API platform to deliver fast, reliable, and secure digital experiences.

Common API Authentication Methods: Use Cases and Benefits

As businesses expand and gain visibility, it’s natural that their API attack surfaces become more exposed — increasing the risk of dangerous data breaches. Protecting cloud communications and securing data in transit should be your organization’s top priority. API authentication mechanisms help ensure that only valid users can access your application's features and services, and these mechanisms should be tailored to fit your specific needs.

Adaptive API Security

In a world filled with threats, how can we deploy APIs with confidence? In this talk, we'll review how biological immune systems solve the problem and dive into how similar concepts drive Salt Security's Kong Plugin. The issue is how to defend APIs against evolving adversaries without knowing in advance what their attacks will be...all while not over-alerting on false positives. Join us to learn about security standards, why AuthZ/AuthN aren't enough, and what we as professionals can do to enhance trust in an increasingly API driven world.

Zero Trust Network Access (ZTNA) vs VPNs

In today’s modern digital environment, more organizations are relying on remote work than ever before. While this shift has given companies unprecedented flexibility when it comes to deploying their workforce, it has also presented challenges in keeping their devices, operations, and personnel protected, especially in regard to API security. Without proper oversight, attackers can access your organization’s server by exploiting such security vulnerabilities.

OpenID vs OAuth: Understanding API Security Protocols

When it comes to digital identity, OpenID and OAuth are two peas in a pod, but they have their differences. OpenID connects you to relying parties using a single sign-on, while OAuth grants access tokens so you can give apps limited access. They both make authentication simple, seamless, and secure. However, don't be fooled: behind the scenes, they're as different as night and day. OpenID is about logging you in, while OAuth is all about letting apps in.

Troubleshooting an Intermittent Failure in CI Tests on ARM64

The Kong Gateway CI was failing intermittently (about once every 100 runs) on the ARM64 platform with a strange error: “attempt to perform arithmetic on local 'i' (a function value)”. The variable i in the context is an integer but at runtime, it was sometimes a function value. This is caused by an error in the LuaJIT ARM64 JIT compiler. We’ve investigated and found the issue and the fix is merged in the LuaJIT upstream. This document describes how we fixed the error.

What's New in Kong Ingress Controller 2.12?

API Summit 2023 has just concluded, with awesome announcements including the launch of Kong Mesh in Konnect, and Dedicated Cloud Gateways. In addition to launching new capabilities, we also ensured that our existing products continue to grow and deliver value. With that in mind, I’m pleased to announce the immediate availability of Kong Ingress Controller 2.12.

Proxy-Wasm: It's WebAssembly for Proxies

Picture this: You're building the next generation of microservices architecture in your organization. The orchestration is in place, containers are humming, and you've chosen Kong Gateway (naturally) to manage the APIs, ensuring smooth communication. But then, you hit a snag. You need a custom filter not part of the standard library of plugins, or you envision a unique way to manipulate, observe, or control the traffic.