Organizations today are looking to do more with less. The solution for many? Digital transformation. While digital transformation isn’t a new concept, the benefits of boosting efficiency, controlling costs, and delivering better customer experiences are obvious in today’s topsy-turvy economic conditions. Digital transformation often involves making the transition from legacy monoliths to modern cloud native microservices-based architectures.

The Open Web Application Security Project (OWASP for short) is a not-for-profit entity devoted to improving the security of software. Founded in 2001, OWASP is a global organization that supports thousands of volunteers globally to produce freely-available articles, documentation, tutorials, and tooling. OWASP is best known for its "Top 10" lists, which represent a broad consensus about the most critical security risks to web applications.

Modern organizations rely on APIs to power their digital customer experiences. This can lead to stronger brand loyalty and higher revenues — if they play their cards right. The driving factor in delivering personalized content is connectivity to more applications, systems, and data sources. That takes APIs.

Today, APIs are based on modern communication patterns: REST, GraphQL, or gRPC. But two decades ago, the majority of Web Services were developed with SOAP/XML. In this blog, we’ll explain how Kong Konnect can manage SOAP/XML Web Services by creating custom plugins and by using ChatGPT. We’ll cover using ChatGPT to develop a Lua custom plugin and how to deploy and test a SOAP/XML custom plugin on Kong Konnect and Kong Enterprise.

Kong will crash on the ARM64 platform (the machine with Mac M1/M2 chips or any ARM64 platform). The error message shows the crash is triggered by the SIGILL signal, which means there is an illegal instruction in the Kong binary code. And it turns out to be caused by an error in the LuaJIT ARM64 JIT compiler. This post records how the error is found and fixed.

APIs have revolutionized every industry. They fuel digital transformation and power the web, making up more than 83% of global internet traffic. And API adoption will only grow, with AI, Web3, and decentralization only further driving API usage and integration. But these sometimes-overlooked enablers of connectivity and communication present a serious security challenge: APIs are increasingly in the crosshairs of cyber-attackers.

We’re excited to announce that Kong is now working with Cloudsmith to host our community edition and enterprise edition gateway packages. With new hosting comes a couple of changes to how you, our loyal customers, will be receiving our software.

In today’s interconnected and dynamic world of microservices, ensuring optimal traffic management and protection against malicious attacks are critical. Rate limiting, a popular mechanism for controlling request flow, gets more effortless with the introduction of Global Rate Limiting in Kong Mesh. In this blog post, we’ll explore this exciting new feature and its benefits in detail.

We are thrilled to announce that we have reached a significant milestone in our journey to provide the best possible developer experience to our Kong user community. We have added a host of new functionality to decK, our declarative management tool for Kong Gateway. These new functions enhance API lifecycle automation (APIOps) capabilities and provide a smoother path to federated API management. These features are now available to everyone and can be found in decK 1.24.0.

In this Kong Konnect tutorial, you’ll learn how to leverage the platform to manage your API ecosystem from a single easy-to-use interface.