API Security: Streamlining with Kong & Traceable

Learn how Kong and Traceable combine to deliver a unified API lifecycle management and security platform that protects your APIs from design time through production — closing the gap between what APIs are designed to do and how they're actually used.

Key Takeaways:

• 84% of businesses experienced an API security event in the last year — shadow APIs, zombie APIs, and configuration drift are among the biggest risks organizations face today.
• Kong Gateway provides a unified, declarative security layer across REST, gRPC, SOAP, AI, MCP, and event-driven APIs — enforcing consistent policies without burdening individual dev teams.
• Traceable complements Kong with continuous API discovery, behavioral baseline analysis, and real-time anomaly detection to identify business logic threats that static policies miss.
• The Kong + Traceable integration works through a native plugin at the gateway level and syncs discovered APIs directly into Kong's Service Catalog for full governance and compliance.
• The goal is moving all APIs to a "known and managed" state — a continuous feedback loop of discovery, testing, and runtime protection that Kong and Traceable enable together.

0:00 - Introduction & Session Overview

1:05 - The API Explosion and Security Challenges

4:45 - API Security Fundamentals and Building a Strong Foundation

9:35 - Kong's Unified API Platform and Declarative Security

12:50 - Traceable: Discovery, Testing, and Runtime Protection

15:30 - Kong + Traceable Integration Architecture

19:00 - API Governance Maturity Model and Unified Lifecycle Management

Explore Kong's unified API and AI connectivity platform: https://konghq.com

#APISecurity #KongGateway #APIManagement #Traceable #APIGovernance