Impart Security

Impart’s API Protection and WAF platform delivers comprehensive protection for APIs, microservices, and serverless applications in cloud-native environments.

Use the Impart plugin to:

• Discover and catalog your API and web application Attack Surface.
• Protect your APIs and web applications from injection, enumeration, automated threats, and other attacks.
• Find and help you fix your API and web application vulnerabilities and misconfigurations with built-in API testing.
• Reduce your API and web application risk profile.

You must install the Impart Inspector for this plugin to work. Navigate to the Impart console for step-by-step instructions.

The Impart Kong plugin allows Impart to inspect your HTTP traffic within your own environment to detect threats, anomalies, and other interesting insights. These insights are used to protect your APIs in real time through an integration with Kong Gateway that introduces minimal additional latency, fails open to ensure reliability, and keeps sensitive data within your own environment to protect your privacy.

You can install the Impart Security plugin via LuaRocks. A Lua plugin is distributed in .rock format, which is a self-contained package that can be installed locally or from a remote server.

1. Install the Impart Security plugin:

   luarocks install kong-plugin-impart
   

2. Update your loaded plugins list in Kong Gateway.

   In your kong.conf, append impart to the plugins field. Make sure the field isn’t commented out.

   plugins = bundled,impart
   

3. Restart Kong Gateway:

   kong restart