at Financial Technnology Year
This content is provided by FinTechBenchmarker.com who are responsible for the content. Please contact them if you have any questions.
Kong Enterprise from Kong Inc.
API gateway, management layer, analytics, developer portal, security policies for financial data, multi-region deployment, and compliance features for financial regulations including PSD2 and Open Banking.
Product analysis by function
API Management for IT and Infrastructure
Systems for developing, managing, securing, and monitoring APIs that connect banking systems internally and with external partners.
More API Management
More IT and Infrastructure ...
API Security
(13 Yes /13 Known /13 Possible features)
|
OAuth 2.0 Support Ability to use OAuth 2.0 protocol for secure authorization. |
Kong Enterprise documentation confirms OAuth 2.0 support for securing APIs. | |
|
API Key Management Supports creation, issuance, and life-cycle management of API keys. |
API key management, creation, and rotation features are native in Kong Enterprise. | |
|
IP Whitelisting/Blacklisting Enable or restrict API access based on user IP addresses. |
Kong provides plugins for IP whitelisting and blacklisting API requests. | |
|
Rate Limiting Limits the number of requests a client can make to avoid abuse. |
Rate limiting is a core plugin and standard feature in Kong. | |
|
Throttling Ability to control bandwidth and request frequency. |
Throttling supported as part of traffic control and rate limiting plugins. | |
|
Data Encryption Supports encryption of data in transit and at rest (e.g., TLS, HTTPS). |
Kong supports TLS/HTTPS and encrypts data in transit and at rest. | |
|
JWT (JSON Web Token) Validation Capability to validate JWTs for API access management. |
JWT validation is provided via official Kong JWT plugin. | |
|
Audit Trails Tracks and stores all API access and activity logs for compliance and debugging. |
Audit logs and trails are part of Kong Enterprise for compliance and debugging. | |
|
DDoS Protection Protection mechanisms against Distributed Denial of Service attacks. |
Cloud native DDoS prevention and integrations supported in multi-region deployments. | |
|
Mutual TLS (mTLS) Supports mutual TLS authentication to secure API connections. |
Mutual TLS authentication (mTLS) is supported and documented for enterprise deployments. | |
|
Access Control Lists (ACLs) Ability to define detailed access permissions for API consumers. |
Access Control Lists (ACLs) provided as a Kong plugin. | |
|
Security Patch Management Automated updates for emerging threats and vulnerabilities. |
Kong regularly updates its security plugins and supports external patch management integrations. | |
|
Regulatory Compliance Certifications Supports and maintains compliance (e.g., PCI DSS, PSD2, GDPR) for financial data and operations. |
Regulatory compliance, including PCI DSS, PSD2, and GDPR, featured in product marketing and documentation. |
API Gateway Functionality
(11 Yes /11 Known /11 Possible features)
|
Request Routing Routes incoming API requests to appropriate backend services. |
Request routing is a fundamental capability of the Kong API Gateway. | |
|
API Aggregation Combines multiple API calls into a single request/response. |
API aggregation is enabled through plugins and custom configuration. | |
|
Caching Caches API responses to reduce backend load and latency. |
Caching for APIs is available using Kong's proxy caching plugin. | |
|
Load Balancing Distributes incoming API traffic among multiple backends. |
Load balancing is a core gateway function and documented as supported. | |
|
Protocol Transformation Converts between different protocols (e.g., REST, SOAP, gRPC). |
Supports transformation between REST, gRPC and supports plugins for protocol conversion. | |
|
Content-Based Routing Routes requests based on content type or header values. |
Content-based routing implemented via plugins and routing rules. | |
|
URL Rewriting Ability to rewrite request URLs on the fly for routing efficiency. |
URL rewriting is supported in routing configuration and plugins. | |
|
Failover Support Automatic rerouting of traffic in case of backend failure. |
Failover support provided by Kong via health checks and load balancer settings. | |
|
Timeout Configuration Customizable timeouts for upstream requests. |
Timeout configuration available via route and service configuration. | |
|
API Mocking Ability to simulate API responses during development and testing. |
API mocking is available via Kong Insomnia for development/testing. | |
|
Advanced Traffic Shaping Customizable traffic shaping rules for granular control. |
Traffic shaping is possible with advanced routing and rate limiting plugins. |
Developer Experience
(11 Yes /11 Known /11 Possible features)
|
Interactive API Documentation Auto-generated documentation with try-it-out features (e.g., Swagger, OpenAPI). |
Kong's Dev Portal provides auto-generated interactive API documentation (OpenAPI/Swagger). | |
|
API Sandbox Environment Safe, limited test environment for developer experimentation. |
API sandbox environments are a feature for developers in Kong Enterprise. | |
|
Self-Service Portal Portal for onboarding, documentation access, and API key management. |
Self-service onboarding, API keys, and documentation are offered via the Kong Dev Portal. | |
|
SDK Generation Automated creation of SDKs in multiple languages for developers. |
SDK generation and code scaffolding is supported through API documentation tooling. | |
|
Code Samples Includes quick-start code samples for faster developer onboarding. |
Code samples available in documentation and developer portal. | |
|
Comprehensive Error Codes Clear and consistent error messages with codes and explanations. |
Comprehensive error codes and explanations are documented for API responses. | |
|
Change Log Communication Automated notifications on API updates and version changes. |
Change logs and update notifications provided via developer portal and email alerts. | |
|
API Subscription Management Supports subscription plans for API access levels. |
API subscription management is supported for plans/tiers in the dev portal. | |
|
End-to-End Testing Tools Supports thorough testing across API endpoints. |
End-to-end API testing supported, notably through Kong Insomnia. | |
|
API Usage Analytics for Developers Provides developers with real-time metrics for their API usage. |
Developer analytics and real-time metrics are integrated into the portal. | |
|
Support Ticketing Integration Integrated support system for technical queries and issues. |
Kong supports support ticketing integration with enterprise plans. |
Monitoring and Analytics
(8 Yes /8 Known /11 Possible features)
|
Real-Time Traffic Monitoring Provides live data on API usage metrics and performance. |
Real-time traffic monitoring and dashboards are built-in and can integrate with external tools. | |
|
Request Latency Tracking Measures and reports time taken to process API requests. |
No information available | |
|
Error Rate Monitoring Tracks percentage of API requests resulting in errors. |
No information available | |
|
Health Checks Automated and on-demand status checks for API endpoints. |
Automated and on-demand health checks are configurable in routing. | |
|
Custom Dashboards User-configurable dashboards for monitoring APIs. |
Users can create custom dashboards for usage and performance in Kong Manager. | |
|
Historical Data Retention Duration for retaining historical API usage and performance data. |
No information available | |
|
Integration with External Monitoring Tools Supports integration with platforms like Splunk, Grafana, Datadog. |
Integration with Grafana, Datadog, and more is documented and supported. | |
|
Alert Notification System Sends alerts for threshold breaches and downtime. |
Alerting systems for thresholds and downtime are included in Enterprise edition. | |
|
Log Export and Archival Export logs for long-term storage and regulatory compliance. |
Log export, integrations, and archival for compliance are available. | |
|
Anomaly Detection Automatic detection of unusual API behavior. |
Anomaly detection can be integrated and built on top of analytics data. | |
|
SLAs and Uptime Reporting Service Level Agreement and uptime tracking for each API. |
Uptime SLAs and reporting are offered in multi-region deployments for enterprises. |
Integration and Interoperability
(11 Yes /11 Known /11 Possible features)
|
Support for Multiple API Protocols REST, SOAP, WebSockets, gRPC compatibility. |
Kong supports REST, gRPC, WebSockets, and other protocols. | |
|
Enterprise Service Bus Integration Compatible with ESB solutions for orchestration and mediation. |
ESB integration possible; connectors and documentation for orchestration. | |
|
Legacy System Connectors Connects easily with mainframes and legacy banking systems. |
Legacy system integration documented for large enterprises and banks. | |
|
Third-party Integration Marketplace Pre-built integrations with common fintech and regtech services. |
Marketplace of third-party integrations at konghq.com and official plugins present. | |
|
Event Streaming Support Supports event-driven architectures (e.g., Kafka, MQ). |
Event streaming (Kafka, MQ) supported via open source and commercial plugins. | |
|
API Orchestration Capability Orchestrates multiple APIs and business processes. |
API process orchestration described in documentation. | |
|
Standard Data Format Support Understands and processes JSON, XML, CSV, and more. |
Standard formats such as JSON, XML, CSV are supported in API traffic. | |
|
Multi-Cloud Support Deployable on different cloud platforms and hybrid architectures. |
Multi-cloud and hybrid deployments are key selling points for Kong Enterprise. | |
|
Service Discovery Integration Integrates with service registries (e.g., Consul). |
Service discovery integration available with Consul and others. | |
|
API Versioning Manages and routes multiple versions of APIs seamlessly. |
API versioning support is documented. | |
|
BPM/Workflow Engine Integration Interoperates with business process management tools. |
BPM/workflow integration supported via APIs and connectors. |
Scalability and Performance
(8 Yes /8 Known /10 Possible features)
|
Horizontal Scalability Ability to add nodes and balance load automatically. |
Kong inherently supports horizontal scaling in cloud deployments. | |
|
High Availability Architecture Redundant components and failover to maximize uptime. |
High-availability architecture (HA) deployments are officially supported. | |
|
Throughput Capacity Total number of API requests handled per second. |
No information available | |
|
Load Testing Tools Includes tools for stress and performance testing APIs. |
Load testing tools are available and there is guidance for use with Kong. | |
|
Auto-Scaling Policies Automatic scaling based on real-time demand. |
Auto-scaling is supported in Kubernetes/cloud deployments. | |
|
Geo-Distributed Deployments Supports deployments across multiple geographic locations. |
Can deploy Kong nodes in multiple regions/geographies as documented. | |
|
Low Latency Processing Optimized to minimize request/response latency. |
Low-latency event processing emphasized in marketing and benchmarks. | |
|
Concurrent Connection Limits Maximum number of simultaneous client connections supported. |
No information available | |
|
Session Persistence Ability to maintain session/state across distributed systems. |
Session persistence available via plugins and Kong's distributed architecture. | |
|
Fast Failover and Recovery Quickly re-routes traffic on failure for uninterrupted service. |
Failover and recovery capabilities documented and implemented in HA designs. |
API Lifecycle Management
(9 Yes /9 Known /9 Possible features)
|
API Design Tools User-friendly tools for designing APIs (specifications, linting, etc). |
Kong Insomnia provides API design tools for specification, linting, and collaboration. | |
|
Automated Deployment Pipelines CI/CD pipelines for consistent API release processes. |
Automated deployment pipelines and integrations with CI/CD are documented in enterprise features. | |
|
Version Control Tracks changes and rollbacks for API definitions and implementations. |
Version control of APIs supported via integrations and design portal. | |
|
Lifecycle Stages Tracking Defines and manages API states: development, testing, production, deprecated. |
API lifecycle states are tracked in the platform (dev/test/prod). | |
|
Deprecation and Sunset Policy Enforcement Controlled migration paths and communication for deprecated APIs. |
API deprecation and sunset policies are configurable. | |
|
Change Management Logging Monitors changes and notifies stakeholders. |
Change management and logging are available for auditing and compliance. | |
|
Automated Testing Integration Integrates with automated test frameworks. |
Automated testing frameworks integration available via Kong Insomnia and third-party tools. | |
|
Approval Workflows Multi-step approval for API publishing or promotion. |
Approval workflows can be implemented via integrations and policy settings. | |
|
Rollback Mechanism Quickly revert to previous stable versions. |
Rollback mechanisms for API definitions/versions and deployments are documented. |
Regulatory and Compliance
(9 Yes /9 Known /9 Possible features)
|
Audit Logging Comprehensive, immutable records of every API activity. |
Audit logging is a compliance and operational feature in Kong Enterprise. | |
|
Privacy Controls Strict controls for personal and sensitive data processing. |
Privacy controls are configurable for sensitive data. | |
|
GDPR Compliance Supports mechanisms for data rights and protection under GDPR. |
GDPR compliance and features are highlighted for EU/financial deployments. | |
|
PCI DSS Support Meets requirements for processing and storing payment card data. |
PCI DSS support is explicitly stated for financial data in marketing materials. | |
|
PSD2/Open Banking Readiness Supports open banking standards and frameworks. |
PSD2/Open Banking readiness is a differentiator for Kong in financial services. | |
|
Consent Management Tracks and enforces customer consent for data sharing. |
Consent management features supported for open banking and other regulatory use cases. | |
|
Data Residency Controls Enforces policies on where data can be physically stored. |
Data residency controls configurable per deployment location and policy. | |
|
Retention & Deletion Policies Automates retention and deletion per regulatory timelines. |
Retention and deletion policies are supported for data lifecycle and compliance. | |
|
Automated Compliance Reporting Generates reports to demonstrate compliance. |
Automated compliance reporting documented for audit and regulatory needs. |
User and Access Management
(9 Yes /9 Known /9 Possible features)
|
Role-Based Access Control (RBAC) Granular user permissions based on assigned roles. |
RBAC is a core feature for user and admin access. | |
|
Single Sign-On (SSO) Integration with enterprise authentication solutions. |
SSO and third-party enterprise authentication integrations available. | |
|
Multi-Factor Authentication (MFA) Enforces strong two-factor user verification. |
Multi-factor authentication (MFA) integrations are supported. | |
|
User Provisioning Automation Automated creation, update, and deactivation of user accounts. |
User provisioning can be automated via APIs and integrators. | |
|
Delegated Administration Allows specific user groups to manage access. |
Delegated administration available through role and group configuration. | |
|
Session Management Controls and monitors user session durations and activity. |
Session management and monitoring are built into Kong Enterprise. | |
|
Access Review and Recertification Periodic verification of user access rights. |
Periodic access reviews can be configured via integrations and policy automation. | |
|
External User Federation Allows federated login for third-party or partner users. |
External user federation is available for partners and external users (SAML, OIDC, etc). | |
|
Entitlement Management Assign and manage granular entitlements to users. |
Entitlement management enabled through RBAC and API management features. |
Operational and Maintenance Features
(8 Yes /8 Known /8 Possible features)
|
Zero-Downtime Upgrades Ability to patch or upgrade system components without impacting users. |
Zero-downtime upgrades supported for HA deployments. | |
|
Automated Backups Schedules and manages regular backups. |
Automated backups are supported by infrastructure and deployment scripts. | |
|
Disaster Recovery Support Failover and restore processes for high system resilience. |
Disaster recovery processes supported in enterprise documentation. | |
|
Rollback Capabilities Quick reversion to previous system states after failed changes. |
Rollback capabilities for platform and config management supported. | |
|
Remote Management API API for managing infrastructure remotely. |
Remote management APIs are available for administration and orchestration. | |
|
Automated Configuration Management Tools for managing configuration drifts and automating changes. |
Configuration management, drift detection, and automation available via CLI, REST API, and integrations. | |
|
Self-Healing Mechanisms Automated corrective actions for detected failures. |
Self-healing mechanisms are possible via Kubernetes and orchestration integration. | |
|
Maintenance Window Scheduling Automated notifications and controls for system maintenance. |
Maintenance window scheduling and notifications supported through integrations. |
Cost Management and Optimization
(8 Yes /8 Known /8 Possible features)
|
Usage-Based Billing Support Cost tracking for internal/external API use, supporting chargebacks. |
Usage-based billing integrations supported for API monetization. | |
|
Quota Management Enables the enforcement of usage quotas for users/applications. |
API and usage quota management available as native feature. | |
|
Cost Analytics and Forecasting Provides insights and trends in API-related expenses. |
Cost analytics and trend reporting covered in enterprise analytics suite. | |
|
Budget Alerting Sends notifications if API usage approaches or exceeds budget. |
Budget alerting possible via monitoring and webhook notifiers. | |
|
Resource Optimization Recommendations Suggests ways to optimize API and infrastructure usage. |
Optimization recommendations available via partner integrations and analytics. | |
|
Granular Cost Allocation Assigns costs to departments, projects, or teams. |
Granular cost allocation supported via usage tracking and reporting. | |
|
License Management Tracks feature/component licensing and compliance with agreements. |
License management integrations available for software usage tracking. | |
|
Pay-as-you-go Support Ability to implement flexible pricing models based on real usage. |
Pay-as-you-go and flexible billing support is documented for cloud and on-prem. |
API Management Platforms for IT and Infrastructure
Software for creating, publishing, maintaining, and monitoring APIs that connect different systems within the brokerage and with external partners and clients.
More API Management Platforms
More IT and Infrastructure ...
Sorry, no analysis is avaiable for API Management Platforms
This data was generated by an AI system. Please check
with the supplier. While you are talking to them, remind them that they need
to update their entry.