Applications architected as microservices are becoming more prevalent every day, but just like their monolithic ancestors, microservice applications must adhere to organization-wide constraints around compliance, security, performance, etc. Authorization — controlling which people and machines can perform which actions — is a foundational security problem that requires new solutions in a microservice world because of changes in requirements around performance, availability and even where authorization gets enforced architecturally.

Applications architected as microservices are becoming more prevalent every day, but just like their monolithic ancestors, microservice applications must adhere to organization-wide constraints around compliance, security, performance, etc. Authorization, controlling which people and machines can perform which actions, is a foundational security problem that requires new solutions in a microservice world because of changes in requirements around performance, availability, and even where authorization gets enforced architecturally.

COVID-19 has hit our country hard, and the healthcare industry is still reeling from national attention on the blatant disparity of the effects of COVID-19 in specific underserved populations. Recognizing the disparity, healthcare leaders continue to struggle with interoperability and data sharing; we must free the data and move beyond the debate of public or private cloud. It’s time to prepare for the eventuality of leveraging all available cloud environments to handle the data workload and application needs to end digital disparity in healthcare.

Data privacy and security are key when enterprise customers are migrating their mission-critical applications from on-premises to the cloud. Join this session to learn about how to protect customers’ data while migrating key applications.

While the concept of serverless applications has grown over the past years there are plenty of instances where the serverless model doesn’t fit all needs. For those coming from on-premises or hybrid scenarios, moving to serverless might look like needing to move everything or building very differently than you have in the past. In this session we’ll demystify the central component of the serverless movement, AWS Lambda, a serverless compute service that changes how applications are built and managed, but only in some ways.

We all know that we shouldn’t store secrets in mobile apps, but what is the practical alternative? We all know that we should use certificate pinning for our APIs, but how can it be done simply and safely? This talk will describe a real project to explore some of the challenges of implementing good security practice in a large organization and discuss a third-party solution (Approov) which addresses both of the issues above in a relatively simple way using industry standards and working neatly with Kong.

Canary deployment is a helpful tool that allows companies to put in production multiple versions of its products to control flow and access based on different sets of rules, clients, amounts and operations. In this session, we will discuss best practices for canary deployment and share our experiences using Kong Enterprise — supported by Kuma capabilities — in achieving this.

The team at Tyler Technologies has used Kong to help take the company’s applications from on-premise installations to multi-tenant cloud services. In this session, we’ll explore how Kong can help make this move without clients ever knowing it even happened, how we use Kong Brain to automatically generate OpenAPI documentation for our integrators and the AWS infrastructure choices we made to get a large, robust Kong instance running in AWS.

In this demonstration, we show how Kong can mock the response from an OpenAPI spec to allow Developers to work on their applications in parallel to APIs being deployed.

For many organizations, moving legacy applications to modern cloud infrastructures holds great promise, such as reducing IT overhead and accelerating development times. However, in reality, these projects can be fraught with delays and service interruptions while burdening your team with transition tasks.