Kong Gateway
Kong Gateway
Updated September 12, 2025
Updated September 12, 2025
Kong Gateway manages, secures, and routes API traffic between services. It supports plugins for authentication, traffic control, and logging, and can be deployed in hybrid and multi-cloud environments.
Kong Gateway manages, secures, and routes API traffic between services. It supports plugins for authentication, traffic control, and logging, and can be deployed in hybrid and multi-cloud environments.
Compare products
Cost considerations
Cost considerations
Functionality
Functionality
Compatibility
Compatibility
User experience
User experience
Customer support
Customer support
Why these ratings?
Cyberse perspective
Cyberse perspective
Solution details
Target industry
Financial services
Subcategory
API Security
Runtime Application Protection
Services support
In-house services
Third party integrators
Managed services
Pricing
Free trial available
Market segment
Enterprise
Midmarket
Key features
API access
Platform solution
Deployment
On-premises
Cloud-native
Cloud-hosted
Cloud ecosystem partners
Amazon Web Services
Microsoft Azure Cloud
Google Cloud Platform
Ratings
Cost considerations
Kong Gateway offers a free open-source edition and clearly posted pay-as-you-grow tiers, so teams can start with minimal spend and predict ongoing costs. Analysts note the enterprise fees run lower than rivals such as Apigee and MuleSoft, giving large organizations good value for comparable API security coverage. There are usage-based add-ons for extra traffic and portals, yet they are listed up front and rarely create budget surprises.
Cost considerations
Kong Gateway offers a free open-source edition and clearly posted pay-as-you-grow tiers, so teams can start with minimal spend and predict ongoing costs. Analysts note the enterprise fees run lower than rivals such as Apigee and MuleSoft, giving large organizations good value for comparable API security coverage. There are usage-based add-ons for extra traffic and portals, yet they are listed up front and rarely create budget surprises.
Functionality
Kong Gateway provides built-in plugins for authentication, rate limiting, encryption and schema enforcement that collectively mitigate most OWASP API Top 10 risks. Git-based configuration tools let teams push security policies through CI/CD and use dashboards for traffic and threat insights. Advanced attack analytics still depend on third-party WAF add-ons such as Imperva, so specialized detection coverage is not as deep as dedicated application security suites
Functionality
Kong Gateway provides built-in plugins for authentication, rate limiting, encryption and schema enforcement that collectively mitigate most OWASP API Top 10 risks. Git-based configuration tools let teams push security policies through CI/CD and use dashboards for traffic and threat insights. Advanced attack analytics still depend on third-party WAF add-ons such as Imperva, so specialized detection coverage is not as deep as dedicated application security suites
Compatibility
Kong Gateway is deployment-agnostic and runs on Kubernetes, AWS, Azure, GCP or on-prem while handling REST, gRPC, GraphQL and other protocols, so most tech stacks are covered without language lock-in. Declarative configuration and the decK tool slot into Git-based CI/CD pipelines with only routine setup effort. Published upgrade guidance cites occasional version-compatibility steps, showing minor but manageable integration work remains
Compatibility
Kong Gateway is deployment-agnostic and runs on Kubernetes, AWS, Azure, GCP or on-prem while handling REST, gRPC, GraphQL and other protocols, so most tech stacks are covered without language lock-in. Declarative configuration and the decK tool slot into Git-based CI/CD pipelines with only routine setup effort. Published upgrade guidance cites occasional version-compatibility steps, showing minor but manageable integration work remains
User experience
Many customers say Kong Gateway’s enterprise edition offers a clear dashboard that makes routine API security tasks straightforward. Reviews also point to confusing upgrade workflows, UI limitations, and spotty documentation that slow down new users. The mix of helpful visuals with noticeable friction places overall user experience in the middle of the pack.
User experience
Many customers say Kong Gateway’s enterprise edition offers a clear dashboard that makes routine API security tasks straightforward. Reviews also point to confusing upgrade workflows, UI limitations, and spotty documentation that slow down new users. The mix of helpful visuals with noticeable friction places overall user experience in the middle of the pack.
Customer support
Kong Gateway’s Platinum and Diamond plans give 24/7 coverage with initial responses in 30–60 minutes, while the basic plan replies within one business day. Users open tickets through a portal or email and can rely on a detailed knowledge base, so most problems are resolved promptly. Because the fastest SLAs require premium tiers and Kong does not publicly promise a dedicated technical account manager, support is strong but not top-tier.
Customer support
Kong Gateway’s Platinum and Diamond plans give 24/7 coverage with initial responses in 30–60 minutes, while the basic plan replies within one business day. Users open tickets through a portal or email and can rely on a detailed knowledge base, so most problems are resolved promptly. Because the fastest SLAs require premium tiers and Kong does not publicly promise a dedicated technical account manager, support is strong but not top-tier.
Explore similar solutions
Explore similar solutions
Explore other categories
Explore other categories
Cyberse provides free tools for cybersecurity buyers to assess needs, research solutions, and compare products.
Cyberse provides free tools for cybersecurity buyers to assess needs, research solutions, and compare products.
Subscribe
