EPISODE · Jun 7, 2026 · 10 MIN

How API Gateways Are Becoming Security Perimeters

from The API Podcast with Fexingo: REST, GraphQL, and Modern Web APIs · host Fexingo

In this episode of The API Podcast, Lucas and Luna explore how API gateways have evolved from simple reverse proxies into critical security perimeters. They break down a real-world case: how a mid-sized fintech company used gateway-level policies to block a credential-stuffing attack before it reached their application servers. Topics include gateway authentication strategies, the trade-off between centralised and distributed security, and why rate limiting alone isn't enough. They also discuss how modern gateways like Kong and Envoy support pluggable security policies, and what the rise of zero-trust architectures means for API design. If you've ever wondered whether your API needs its own security layer, this episode offers a concrete framework for thinking about gateway-level protection.

Frequently Asked Questions

How long is this episode of The API Podcast with Fexingo: REST, GraphQL, and Modern Web APIs?

This episode is 10 minutes long.

When was this The API Podcast with Fexingo: REST, GraphQL, and Modern Web APIs episode published?

This episode was published on June 7, 2026.
