Overview
Kong Gateway is the world's most adopted open source API gateway, built on top of NGINX and designed for cloud-native, Kubernetes-first architectures. Over 312 million downloads, 35,000+ GitHub stars, and more than 400 billion API calls processed daily make it one of the most battle-tested API infrastructure platforms available.
Kong's approach to WAF is different from traditional standalone WAF products. Rather than offering a separate WAF appliance or cloud service, Kong embeds WAF protection directly into the API gateway layer as a plugin. This means traffic is inspected at the same point where routing, authentication, rate limiting, and transformation already happen. No extra proxy hop, no additional latency from a separate WAF in the request path.
The WAF plugin is available exclusively in Kong Enterprise and Kong Konnect (the SaaS platform). It is not included in the open source Kong Gateway. The plugin provides OWASP Top 10 protection, custom rule support, and integrates with Kong's broader security plugin ecosystem including bot detection, CORS controls, IP restriction, and OPA-based authorization.
Kong also supports third-party WAF integrations through its plugin architecture. Open-appsec, an ML-driven WAF engine, offers a dedicated Kong Gateway plugin that brings machine learning-based threat detection without relying on signature databases. Wallarm has a native Kong integration for advanced API security. This plugin ecosystem means teams can choose the WAF engine that best fits their threat model.
For organizations already running Kong as their API gateway, adding WAF protection through the native plugin eliminates the need to deploy and maintain a separate WAF product. The WAF inherits Kong's deployment flexibility: self-hosted on any cloud, Kubernetes via the Kong Ingress Controller, hybrid mode with cloud-managed control planes, or fully managed through Kong Konnect Dedicated Cloud Gateways.
The tradeoff is clear: Kong's WAF is optimized for API traffic flowing through the gateway. It is not a general-purpose WAF for protecting arbitrary web applications or legacy systems. If your architecture routes all traffic through Kong, the WAF plugin is a natural fit. If you need WAF protection for applications that do not sit behind Kong, you will need a separate solution.
Key Features
Gateway-Embedded WAF
WAF runs as a plugin inside the Kong Gateway process, inspecting API traffic at the same layer where routing, authentication, and rate limiting occur. No separate WAF appliance or additional proxy hop needed.
OWASP Top 10 Protection
Built-in protection against common web application attacks including SQL injection, cross-site scripting, command injection, and path traversal at the API gateway layer.
Plugin Ecosystem
Over 100 plugins for security, traffic control, authentication, and observability. WAF works alongside bot detection, IP restriction, CORS, ACL, and rate limiting plugins in a configurable execution chain.
Third-Party WAF Integrations
Open plugin architecture supports third-party WAF engines including open-appsec (ML-driven detection) and Wallarm (API security). Teams can choose the WAF engine that fits their threat model.
Kubernetes-Native Deployment
Kong Ingress Controller and Kong Kubernetes Operator provide native Kubernetes integration. WAF policies can be managed declaratively through Kubernetes CRDs alongside gateway configuration.
Hybrid Mode
Cloud-managed control plane with self-hosted data planes. WAF policies are centrally managed and distributed to data planes running in any environment, including air-gapped networks.
AI Gateway
Dedicated AI gateway capabilities including LLM proxy, token-based rate limiting, semantic caching, PII sanitization, prompt guardrails, and MCP server proxy. WAF protects AI endpoints alongside traditional APIs.
Declarative Configuration
Gateway and WAF configuration can be managed as code through declarative YAML/JSON, enabling GitOps workflows and CI/CD pipeline integration for security policy changes.
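As an added illustration (not taken from Kong's documentation or from this review), the decK-style declarative file below wires the security plugins named above (IP restriction, bot detection, rate limiting, CORS) onto one route so the whole chain can live in version control. The service name, upstream URL, CIDR range and origin are constructed; the Enterprise WAF plugin entry is left as a commented placeholder because its plugin name and schema are not given on this page.

```yaml
# Added example: decK-style declarative config for Kong Gateway 3.x.
# Service name, upstream URL, CIDR and origin are constructed, not real.
_format_version: "3.0"

services:
  - name: orders-api                          # constructed service name
    url: http://orders.internal.example:8080  # constructed upstream
    routes:
      - name: orders-route
        paths:
          - /orders
    # Plugins attached to the service apply to every route on it.
    # Kong runs them in each plugin's fixed priority order, not in the
    # order they are listed here.
    plugins:
      - name: ip-restriction
        config:
          deny:
            - 198.51.100.0/24                 # constructed (RFC 5737 range)
      - name: bot-detection
        config:
          deny:
            - "(?i)scanner"                   # constructed User-Agent pattern
      - name: rate-limiting
        config:
          minute: 600
          policy: local                       # per-node counters; use redis or cluster for shared limits
          fault_tolerant: true                # keep serving if the counter store is unavailable
      - name: cors
        config:
          origins:
            - https://app.example.com         # constructed allowed origin
          methods:
            - GET
            - POST
          credentials: true
          max_age: 3600
      # PLACEHOLDER: the Kong Enterprise WAF plugin would be a further
      # list entry here; its name and config schema are not stated on
      # this page, so no entry is shown.
```

Apply the file with decK's sync command (the exact subcommand depends on the decK version) or point a DB-less data plane at it via `declarative_config`; a pipeline can diff it against the running gateway before each change.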
Advanced Rate Limiting
Enterprise-grade rate limiting with sliding window counters, consumer groups, and cluster-wide synchronization. Works in conjunction with WAF to prevent both application-layer attacks and abuse.
Pros & Cons
Pros
- API-first WAF: WAF protection is embedded directly in the API gateway, so API traffic is protected without the infrastructure complexity or latency of a separate WAF layer.
- Massive ecosystem: 312M+ downloads, 35K+ GitHub stars, and over 100 plugins. A large community means extensive documentation, integrations, and third-party tooling.
- Kubernetes-native: First-class Kubernetes support via the Ingress Controller and Operator. WAF policies can be managed through Kubernetes CRDs, fitting naturally into cloud-native workflows.
- Flexible deployment: Self-hosted, hybrid (cloud control plane + self-managed data planes), fully managed cloud, or serverless. The same WAF plugin works across all deployment models.
- Third-party WAF options: The open plugin architecture means you are not locked into Kong's native WAF. You can integrate open-appsec, Wallarm, or custom WAF engines through the plugin SDK.
- AI gateway integration: Built-in AI gateway capabilities protect LLM endpoints with the same WAF and security plugins used for traditional APIs.
Cons
- Enterprise-only WAF: The WAF plugin is not available in the free open source Kong Gateway. It requires Kong Enterprise or Kong Konnect, which means commercial licensing costs.
- API-focused only: Kong's WAF protects traffic flowing through the gateway. It is not designed to protect arbitrary web applications, static sites, or legacy systems that do not sit behind Kong.
- Complex pricing: Pricing involves per-gateway fees, per-request charges ($200/1M), bandwidth costs ($0.15/GB for cloud gateways), and add-on charges for AI features. Costs can be hard to predict.
- Gateway expertise required: Kong is primarily an API gateway. Teams need API gateway expertise to deploy and operate it effectively; the WAF is a secondary feature, not the primary product.
- Limited standalone WAF documentation: Most Kong documentation focuses on API management. WAF-specific documentation and configuration guides are relatively sparse compared to dedicated WAF products.
- No free WAF tier: Unlike Cloudflare (free tier with basic WAF) or open source options like ModSecurity and Coraza, Kong offers no free path to WAF protection.
Pricing
Pricing model: Tiered (Plus per-gateway + Enterprise custom)
Kong Gateway OSS
Open source API gateway without WAF. Includes routing, load balancing, authentication, rate limiting, and a plugin ecosystem. No WAF plugin, no enterprise security features, no commercial support.
- API routing and load balancing
- Basic authentication plugins
- Rate limiting
- Request/response transformation
- gRPC, WebSocket, GraphQL support
- Lua and Go plugin SDK
- Declarative configuration
- 35K+ GitHub stars
Kong Konnect Plus
SaaS platform with managed control planes. Includes up to 5 serverless gateways, 2 hybrid gateways, and basic analytics. WAF available as add-on. 1M API requests included, $200 per additional 1M.
- Everything in OSS
- Managed control plane
- Up to 5 serverless gateways
- Up to 2 hybrid gateways
- Up to 2 Dedicated Cloud Gateways
- RBAC
- API Developer Portal (up to 2)
- Advanced analytics (1M requests/mo)
- AI Gateway (5 LLM models)
- Email support (2-day SLA)
Kong Konnect Enterprise
Full platform with unlimited gateways, WAF plugin, audit logs, SSO, dedicated support, and professional services. No gateway or request limits. Custom pricing billed annually.
- Everything in Plus
- WAF plugin
- Unlimited hybrid and cloud gateways
- Unlimited Developer Portals
- Audit logs and SSO
- FIPS 140-2 compliant data planes
- Dedicated Customer Success Manager
- Dedicated Technical Account Manager
- Professional services available
- Higher SLAs
Dedicated Cloud Gateway
Fully managed gateway in your AWS, GCP, or Azure region. 99.99% SLA. Bandwidth charged at $0.15 per GB. Available in Plus and Enterprise tiers.
- Managed in your cloud region
- 99.99% uptime SLA
- Automatic scaling
- No infrastructure management
Our Verdict
Kong Gateway WAF makes sense if you are already running Kong as your API gateway or planning to. Adding WAF protection as a plugin means no extra infrastructure, no additional proxy hop, and security policies managed in the same place as routing and authentication. For API-first architectures, this is a genuine advantage.
The ecosystem is Kong's strongest asset. With 312M+ downloads and deep Kubernetes integration, you get a battle-tested gateway with WAF as a natural extension. The ability to swap in third-party WAF engines like open-appsec or Wallarm through the plugin architecture provides flexibility that most WAF products lack.
The main limitation is scope. Kong's WAF protects API traffic flowing through the gateway. If you have web applications, static sites, or services that do not route through Kong, you will need a separate WAF. The Enterprise-only availability and complex pricing (per-gateway + per-request + bandwidth) also make it less accessible than alternatives like Cloudflare or Coraza.
For enterprise teams building on Kubernetes with heavy API traffic, Kong Gateway WAF eliminates the need for a separate security layer. For everyone else, a dedicated WAF product will likely be a better fit.
CVE Coverage
Kong Gateway WAF can detect and block attacks matching 81K+ known CVEs based on its supported rule sets.
Latest Blockable CVEs
| CVE | Severity |
|---|---|
| CVE-2026-4510 | MEDIUM |
| CVE-2026-4161 | MEDIUM |
| CVE-2026-4087 | MEDIUM |
| CVE-2026-4086 | MEDIUM |
| CVE-2026-4084 | MEDIUM |
| CVE-2026-4077 | MEDIUM |
| CVE-2026-4072 | MEDIUM |
| CVE-2026-4069 | MEDIUM |
| CVE-2026-4067 | MEDIUM |
| CVE-2026-4022 | MEDIUM |
Frequently Asked Questions
Does the free Kong Gateway include WAF protection?
No. The open source Kong Gateway does not include the WAF plugin. WAF protection requires Kong Enterprise or Kong Konnect (the SaaS platform). The open source version includes basic security plugins like bot detection, CORS controls, IP restriction, and rate limiting, but not application-layer WAF inspection.
How does Kong WAF compare to Cloudflare WAF?
Cloudflare WAF is a standalone, cloud-based WAF that protects any web application by proxying traffic through Cloudflare's network. Kong WAF is embedded in the API gateway and only protects traffic flowing through Kong. Cloudflare offers a free tier with basic WAF rules. Kong requires enterprise licensing. Choose Cloudflare for general web application protection, Kong for API-first architectures where you want unified gateway and security management.
Can I use a third-party WAF with Kong Gateway?
Yes. Kong's plugin architecture supports third-party WAF integrations. Open-appsec provides an ML-driven WAF plugin for Kong that detects threats without signature databases. Wallarm offers a native Kong integration for advanced API security. You can also build custom WAF plugins using Kong's Lua or Go plugin SDK.
What is Kong Konnect?
Kong Konnect is the SaaS version of Kong's API management platform. It provides a cloud-managed control plane with self-hosted or cloud-managed data planes. The Plus tier starts at $225/month. Enterprise tier includes the WAF plugin, unlimited gateways, SSO, audit logs, and dedicated support with custom pricing.
Does Kong WAF support OWASP Core Rule Set?
Kong's native WAF plugin provides OWASP Top 10 protection but does not use the OWASP Core Rule Set (CRS) directly. If you need CRS compatibility, you can integrate open-appsec or deploy ModSecurity as a sidecar alongside Kong. Kong's plugin approach focuses on API-specific threats rather than traditional web application attack signatures.
How much does Kong Gateway WAF cost?
The WAF plugin requires Kong Konnect Enterprise (custom annual pricing) or Kong Enterprise (self-hosted, custom pricing). Kong Konnect Plus starts at $225/month but does not include the WAF plugin. Dedicated Cloud Gateways cost $500/month per control plane plus $0.15/GB bandwidth. Contact Kong sales for WAF-inclusive pricing.
Is Kong Gateway good for Kubernetes?
Kong is one of the best API gateways for Kubernetes. The Kong Ingress Controller and Kong Kubernetes Operator provide native integration, letting you manage gateway and WAF configuration through Kubernetes CRDs. It supports the Kubernetes Gateway API standard. Major enterprises like Mercedes-Benz and UnitedHealth Group run Kong on Kubernetes at scale.
What is the difference between Kong Gateway and Kong Enterprise?
Kong Gateway is the open source API gateway (free, 35K+ GitHub stars). Kong Enterprise adds the WAF plugin, RBAC, audit logging, FIPS 140-2 compliance, the Kong Manager UI, enterprise plugins (advanced rate limiting, OPA authorization, data transformation), and commercial support with SLAs. Kong Konnect is the SaaS platform that offers both Plus and Enterprise tiers.