Systems | Development | Analytics | API | Testing

This comprehensive guide will arm you with the knowledge and strategies needed to protect your LLMs from emerging threats. We’ll explore the OWASP LLM Top 10 vulnerabilities in detail and provide actionable approaches to mitigate these risks. Who should read this? By the end of this guide, you’ll have a robust framework for securing your LLMs and ensuring they remain assets rather than liabilities. Let’s dive into the world of LLM security with confidence and clarity.

Kong customers include some of the most forward-thinking, tech-savvy organizations in the world. And while we’re proud to help them innovate through traditional APIs, the reality is that their ambitions don’t stop there. Increasingly, our customers are investing heavily in real-time data and event streaming.

The hype for Anthropic’s Model Context Protocol (MCP) has reached a boiling point. Everyone (including Kong) is releasing something around MCP to ensure they aren't seen as falling behind in the ever-changing AI landscape. However, in this mad dash, there remains confusion around MCP and what this standard actually enables. Some see MCP as a total game-changer, and some see it as little more than a thin and unnecessary wrapper. As usual, the truth lies somewhere in between.

As organizations continue to adopt AI-driven applications, managing usage and costs becomes more critical. Large language models (LLMs), such as those provided by OpenAI, Google, Anthropic, and Mistral, can incur significant expenses when overused. This blog will explore how you can streamline your AI workloads by leveraging Kong’s token rate-limiting and tiered access features.

I'm commonly asked by customers for advice on how they can build a good platform cross-charging model for their organization. And my gut reaction is nearly always "don't." We'll come back to why I think that later, but first let's look at what cross-charging means, why you might want it, and how it can be designed.

For the past several years, there have been murmurs of an incoming convergence between API management and event management.

Kong has supported Redis since its early versions. In fact, the integration between Kong Gateway and Redis is a powerful combination to enhance API management. We can summarize the integration points and use cases of Kong and Redis into three main groups.

The explosion of AI-native applications is upon us. With each new week, massive innovations are being made in how AI-centric applications are being built. There are a variety of tools developers need to consider, be it supplying live contextual data via the Model Context Protocol (MCP) or leveraging the new Agent2Agent Protocol (A2A) to standardize how their agentic applications will communicate. The modern AI application can include communication between many different entities, including.

In the SaaS world, providers must offer tenant isolations for their customers and their data. This is a key requirement when offering services at scale. At Kong, we've invested a lot of time to provide a scalable and seamless approach for developers to avoid introducing breaches in our systems. In this article, we'll explore the challenges of tenant scoping and how we address them effectively.

Imagine a world where you could deploy your API gateways across any cloud, enforce enterprise-grade policies, and meet compliance standards all within a single Terraform apply. Most teams think about infrastructure as code only in terms of spinning up VMs, networking components, databases, or maybe a Kubernetes cluster. But what if your API platform was just as programmable? With Kong’s Konnect platform and its support for Terraform, that reality is here today!