APIs come in many different shapes and sizes and have been around for a long time. Whether you are brand new to the topic or think about your day-to-day in terms of RESTful methods, you are using APIs every day. “This morning I PUT on my clothes, went to the kitchen to GET a cup of coffee, sat at my computer and felt the satisfaction of finding emails to DELETE that don’t need any action from me. My morning ended up being pretty 200 OK.”

If you’ve been researching API security, you’ve likely seen the term “Zero Trust.” And you may already know that organizations can use Zero Trust to help protect their APIs from attacks. What you may not know is that Zero Trust is one of the best models for API security. According to Microsoft, “96 percent of security decision-makers state that Zero Trust is critical to their organization’s success.” But what is Zero Trust exactly?

If you landed on this blog post, chances are that you care about keeping your API secure. It’s an important topic to discuss: API exploits are on the rise, and you don’t want unauthorized users accessing your data. A big part of that security is implementing API authentication and API authorization. These API access control measures are a foundational aspect of API security.

In this guide, Viktor Gamov (Principle Developer Advocate at Kong) will dive into the power of Kong Konnect, the SaaS managed control plane for Kong Gateway designed for seamless API management. We’ll explore how to use Kong Konnect to configure external services, enable application registration, configure Dev Portal, use credentials to manage services access, and replicate configurations across different environments with just a few clicks. Let’s get started!

Starting with the 3.3 release, Kong Gateway includes a new implementation of the internal queues that are used by several plugins to decouple the production of data in the proxy path and its submission to a receiving server, such as a log server. We’ll walk you through why queues are needed, why a new implementation was required, how the new implementation works and how queues are configured.

As API usage and dependence continue to grow, the need for a reliable, performant, and secure API gateway has become even more essential. Kong Gateway Open Source continues to be the world’s most adopted API gateway, setting the benchmark for performance, reliability, and observability. Today, we’re excited to unveil Kong Gateway 3.3 for Open Source, a release that once again elevates the API gateway experience to new heights.

There are many different ways to deploy Kong Gateway. In this post, Viktor Gamov (Principal Developer Advocate at Kong) walks through the four most popular ways. Depending on your particular use case, you may find that one or more of these is a good fit. Let’s get started!

We’re excited to announce the general availability of Kong Enterprise 3.3. In this release, we’ve taken significant steps to deliver an enhanced experience for developers by making Kong Enterprise even more enterprise-ready and robust. Additionally, we’ve checked a few important boxes for our customers to easily comply with regulations. In this blog we’re going to cover the following key features we are delivering as part of Kong Enterprise 3.3.

In this Kongcast episode, Danielle Dias, Software Engineer at Just Eat Takeaway.com, talks about how her team creates a seamless customer experience by using Kong Gateway for rate limiting, monitoring, alerting, and more. Check out the transcript and video from our conversation below, and be sure to subscribe to get email alerts for the latest new episodes.

Event streaming allows companies to build more scalable and loosely coupled real-time applications supporting massive concurrency demands and simplifying the construction of services. Ultimately, we may need to grant access to such infrastructure to the most diverse entities, including external applications posting events that will be eventually consumed by internal systems. The purpose of such exposure is to promote development teams’ collaboration.