API Management
API Federation: Unified Interfaces for Agile Service Ecosystems
Explore API Federation: the key to a cohesive, standardized API that promotes flexibility and agility within your service ecosystem.
March 21, 2024 | 9 min read
Blog
The latest posts and insights about Ambassador Labs - our products, our ecosystem, as well as voices from across our community.
Edge Stack API Gateway
Zero Trust and API Security: Implementing Robust Authentication with Edge Stack
Zero Trust generated huge momentum in 2023. Okta’s The State of Zero Trust Security 2023 states that 61% of organizations are already implementing Zero Trust, with another 35% planning to soon. 2023, Gartner’s Strategic Roadmap for Zero Trust Security Program Implementation report was published, detailing how to define your roadmap to Zero Trust. It might come as a surprise to learn that Zero Trust was first described 30 years ago this April in 1994. Why has it taken so long to gain traction? It comes down to the technology not being in place. But in 2024, with Kubernetes and solutions such as Edge Stack API Gateway, service meshes, mTLS, and other advanced security technologies, organizations now have the tools they need to effectively implement Zero Trust architectures and secure their APIs dynamically and scalable. A vital component of that is robust authentication. If you can’t determine who your users are, you can’t then use that information throughout your infrastructure to control access. Let’s see how you can implement authentication with Edge Stack API Gateway as the start of a Zero Trust framework.
March 19, 2024 | 9 min read
Rate Limiting
Best Practices for Configuring Rate Limits to Prevent DDoS
In February 2018, GitHub was hit by a massive Distributed Denial of Service (DDoS) attack launched to take the site offline. The DDoS attack flooded the site with 126,900 packets per millisecond, sending over 125 GB of data to the website per second. It worked—but only just. The site was offline for only 20 minutes before mitigation defenses to prevent DDoS kicked in to limit the attack. At the heart of these would have been rate limiting, reducing the requests that users can make in a given time frame. This simple yet highly effective strategy to prevent DDoS attacks should be one of the initial security measures you implement when deploying a service. Here, we want to take you through how to think strategically about rate limiting and how you can implement best practices when configuring your Kubernetes API gateway.
March 14, 2024 | 10 min read
Article
What is a Service Mesh? Benefits and Top Service Mesh Products
In today's cloud native landscape, microservices have become the go-to architectural approach for building scalable and resilient applications. However, managing the communication between these microservices can be complex. This is where a service mesh comes into play. Let’s delve into the concept of a service mesh, how it works, why it is essential, and highlight some of the top service mesh products available in the market. Learn about the service mesh, how it works, why you need it, and the top 4 service mesh products. What is service mesh? A service mesh is a dedicated infrastructure layer that controls service-to-service communications over a network, thereby allowing microservices to communicate with and sometimes across each other.
March 12, 2024 | 14 min read
Edge Stack API Gateway
Ensuring your API Gateway against Risk of Single Point of Failure (SPOF)
Discover how Edge Stack API Gateway and these redundancy strategies will help you prevent the risk of a single point of failure (SPOF).
March 8, 2024 | 13 min read
Kubernetes, Kubernetes Gateway API
Optimizing Kubernetes API Gateway for High Traffic Volumes
In October 2021, Meta sites went down globally for over seven hours. It cost them $222,000 per minute. The problem? A misconfiguration of their gateway made the entire world unable to access any Meta property. Optimizing gateways in Kubernetes clusters is critical as an application developer if you are dealing with high traffic volumes, as Meta is every second. Even a few seconds of downtime can wreak havoc and mean millions in lost revenue. Applications rely on the robustness of Kubernetes API Gateways for traffic handling to serve their clients 24/7. This isn’t just a problem for companies of Meta’s scale–you never know when a traffic surge will spike, so it’s essential to ensure that a Kubernetes API gateway is continually optimized and prepared to cater to unanticipated surges.
March 7, 2024 | 14 min read