Latest Posts

Layered Security Strategy for Managing APIs

This post is part of a series on becoming a secure API-first company. For a deeper dive, check out the eBook Leading Digital Transformation: Best Practices for Becoming a Secure API-First Company. As APIs have become mission-critical, securing them against threats is crucial. APIs are an attractive target for attackers, and a single vulnerability can expose an organization's most sensitive information assets. To properly secure APIs, we have to move beyond basic perimeter defenses.

Announcing Standard Webhooks

We're pleased to announce the launch of Standard Webhooks! Kong has been part of the Technical Committee of this standard with other great companies like Svix (the initiator of the project), Ngrok, Zapier, Twilio, Lob, Mux, and Supabase. This was a year-long effort of gathering feedback and use cases, and of debating what to define and how, which shaped what landed. Standard Webhooks is one initiative to standardize the way producers and consumers can have a contract to communicate.

Let's Go AWS! The Kong Konnect EKS Marketplace Add-on for Kong Gateway Dataplanes is Ready to Go

Today, we’re excited to release the Kong Konnect EKS Marketplace add-on as a means to deploy your Kong Gateway dataplanes in AWS. The add-ons are a step forward in providing fully managed Kubernetes clusters. It is here to simplify the post-procurement process of bootstrapping Kong Konnect gateway data planes, avoid context switching among tools during the installation process, and provide notifications when a new version of Kong Gateway is available, making upgrades seamless.

Fortify API Gateway Deployments with decK File Linting

API gateways serve as the final checkpoint for your APIs. As such, gateway configuration is critical to ensuring that your APIs remain secure, available, and responsive. Ensuring that all changes to these configurations are intentional and follow your organization's best practices is key to maintaining a robust API gateway deployment. decK 1.28 adds a brand new feature that allows you to natively validate your gateway configurations against custom rule sets.

Kong Mesh 2.5: Tailored Use Cases for an Elevated Experience

The latest release of Kong Mesh (version 2.5) brings many new features that push the envelope and make Kong Mesh the logical choice of a service mesh to meet your objectives. In this blog, we'll break down these new features and provide tailored use cases to illustrate how Kong Mesh 2.5 can elevate your service mesh experience. We'll focus on three main categories: flexibility, resiliency, and security.

Tightening Bearer Token Authentication with Proof-of-Possession Tokens Using Kong

In a token-based architecture, tokens represent the client’s entitlement to access protected resources. Access tokens (or bearer tokens, as they're commonly known) are issued by authorization servers after successful user authentication. The tokens are passed as credentials in the request to the target APIs, informing the API that the bearer of the token is authorized to access the API and perform certain actions.