Kong Integration Solution Brief
Kong and Wallarm together provide superior API management and security.
Introducing Credential Stuffing Detection
Introducing Credential Stuffing Detection
Introducing Credential Stuffing Detection
Introducing Credential Stuffing Detection
Introducing Credential Stuffing Detection
Introducing Credential Stuffing Detection
Privacy settings
We use cookies and similar technologies that are necessary to run the website. Additional cookies are only used with your consent. You can consent to our use of cookies by clicking on Agree. For more information on which data is collected and how it is shared with our partners please read our privacy and cookie policy: Cookie policy, Privacy policy
We use cookies to access, analyse and store information such as the characteristics of your device as well as certain personal data (IP addresses, navigation usage, geolocation data or unique identifiers). The processing of your data serves various purposes: Analytics cookies allow us to analyse our performance to offer you a better online experience and evaluate the efficiency of our campaigns. Personalisation cookies give you access to a customised experience of our website with usage-based offers and support. Finally, Advertising cookies are placed by third-party companies processing your data to create audiences lists to deliver targeted ads on social media and the internet. You may freely give, refuse or withdraw your consent at any time using the link provided at the bottom of each page.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
API Security and management with Wallarm and Kong
Wallarm is a trusted technology partner of Kong API Gateway. The combination of Kong and Wallarm enables superior API management and security. Leading organizations use a native Kong and Wallarm integration to:
- Manage the API Security layer the same way as API Management
- Get vastly improved API protection and reduced organizational risk
Kong + Wallarm: Better Together
The combination of Kong and Wallarm enables superior API management and security. While Kong API Gateway provides the foundational pieces to build and manage APIs in a secure manner, modern enterprises rely on Wallarm to enable advanced API protections to defend against growing API-specific threats.
Kong API Gateway – API Security Fundamentals
- Application and User Authentication (basic auth, API Key, OAuth/OIDC, LDAP, etc.)
- Access Control (ACLs, JWT scopes, etc.)
- Encryption Tunnels with digital certificate exchange (mTLS)
- Cross-Origin Resource Sharing (CORS)
- Rate Limiting & Caching
Wallarm API Security – Advanced API Protection
- OWASP API Security Top-10 risks (Injections, BOLA, etc.)
- Automated API Discovery and Inventory (new / changed endpoints, PII data, etc.)
- API Abuse and Misuse Protection
- API Security Testing / Misconfiguration Detection
- Block Malicious traffic sources (Tor actors, geos)
Missing API Security features for your API Gateway
Wallarm API Security platform deploys directly into your Kong API Gateway, natively integrating the additional API security layer necessary to protect your API portfolio.
API Discovery
Regain control over your API attack surface with runtime visibility across your entire API portfolio.
OWASP aPI Security
Protect against OWASP API Security Top-10 risks, and other advanced API threats, such as Injections, BOLA, and authentication failures.
API Protection
Defend your APIs in seconds without relying on tedious manual configurations and outdated or inaccurate API specs.
Virtual Patching
Drastically reduce 0-day risks by applying virtual patches to critical issues on the fly.
Sensitive Data Exposure
Meet compliance requirements by tracking and protecting sensitive data, including PII, financial & health data, credentials and more.
Credential Stuffing and Brute Force
Prevent account takeover (ATO) and other behavior-based attacks which can lead to large-scale breaches.
JWT Attacks
Automatically find and report JSON Web Token (JWT) weaknesses and attacks to deter unauthorized access.
Monitor Changes
Minimize API drift and prioritize security efforts (like pen tests or bug bounties) with alerts on new, changed or deprecated endpoints.
Better API Security And unparalleled performance
Wallarm integrates natively into your Kong API Gateway instances to get real-time protection with near-zero latency.
Deployment options include:
- Kong Gateway with K8s Ingress Controller with Wallarm
- Kong with Wallarm sidecar
- Kong with Wallarm proxy balancer
Wallarm integrates into your Kong API Gateway regardless of deployment scenario: cloud (including AWS, GCP, Azure, etc.), multi-cloud, private data centers, Kubernetes environments, and more.
Wallarm also works really nicely with our Kong API Gateway. It’s automatically updated in situ … so it’s a very nice plug-in solution to use for Kong API gateways.
Advanced API Security for Reduced Risk
Wallarm provides real-time detection and mitigation — no reliance on other tools or complicated workflows. And the unique Wallarm approach results in maximum performance and near-zero latency.
Performant
Cloud-native design optimized for maximum performance and near-zero latency that scales API threat protection to meet your current and future needs.
Vigilant
Protect your APIs against emerging threats, including: OWASP API Security Top-10 and other API-specific threats, credential stuffing (ATO), JWT attacks, and 0-day exploits.
Trusted
The leader in G2’s API Security category, and relied on by 200+ customers to protect over 20,000 applications.
Cloud-Native Integrations
Wallarm integrates easily into your existing workflow, reducing learning curve and duplicative effort – and improving time‑to‑protection.
Incident Response
Integrate API security data into existing monitoring tools.
Security
Aggregate API security data into existing SIEM / SOAR tools.
Code Repo
Leverage real-time API security data in your CI/CD pipeline.
Communication
Enable seamless communications between teams.
Observability
Provide monitoring and alerting on API incidents.
Universal
Create custom integrations into existing tech stack.
Protect any API
- REST, SOAP, graphQL, gRPC, WebSocket
- Web Applications
- Microservices
- Serverless
In Any Environment
- AWS, GCP, Azure, IBM Cloud
- Private, Hybrid and Multi-Cloud
- Kubernetes / Service Mesh
- Zero-Trust
Against Any Threats
- OWASP Top-10 Threats
- API-specific Threats
- Credential Stuffing / ATO
- API Abuse (bad bots, L7 DDoS)
Loved by Developers.
trusted by Security.
The preferred choice for Security and DevOps teams seeking unparalleled Visibility, Comprehensive API Protection, and Automated Incident Response in product security programs.
200+
Enterprise customers
80+
Integrations and platforms
20,000+
Protected apps and APIs
With Wallarm, we've been able to scale API protection to the scale we need and manage with our infrastructure as code approach.
Wallarm is the leader in both API Security And WAAP categories
One Platform, Two Leading Solutions. Don't just take it from us. Read what security leaders and practitioners think about our platform.
read reviews
"Application Security Umbrella for your company"
Trusted by the world’s most innovative companies:
Additional Resources
Kong Deployment Guide
Step-by-step guide to installing Wallarm API Security platform with Kong.
Kong Integration Experience
Read this blog post from Revenera about their experience deploying Wallarm with Kong.
Kong Integration Hub
Kong Partner Plugin overview page in Kong docs portal.
Wallarm and Kong Webinar
On-demand look at how Kong and Wallarm provide full spectrum API management and security.
Revenera Use Case
Learn how Revenera gained control over their APIs using Kong and Wallarm.
Ready to protect your APIs?
Wallarm helps you develop fast and stay secure.