This event from Kong Inc. provided numerous insights into zero-trust security and other leading API-related topics and was well worth the time.  For the key takeaways and emerging topics – read on!


This online event was a compact 1-day affair with a total of 24 sessions covering not just the concept of zero-trust security, but also governance for APIs, microservices, service mesh and Kubernetes – a broad enough range to be of interest to most.

The headline topic of zero-trust security emphasised the need for authentication and identity validation everywhere – both inside and outside the organisation, and the keynote from Marco Palladino at Kong, and several other sessions, really gave good insights into approaches taken in this area.

In particular, the importance of considering security as a key part of API design, we saw in the sessions by Michelle McLean and Elad Koren from Salt Security, and the real-life threats in a session from Michelle Mauny at 42crunch.

The session to keep in mind for emerging issues was on automation of API governance from Melissa van Der Hecht at Kong, who introduced the term “APIOps”.  This looks like a topic that will become important going forward as automation in the API area becomes a necessity rather than an option.

By the end of the event, it was clear that (like any system), security is a critical aspect and cannot be ignored.  Thankfully, platforms like Kong come with a high level of in-built security measures and tools that can mitigate most security threats.