docs: update Impart Security plugin page#5889
Conversation
👷 Deploy request for kongdeveloper pending review.Visit the deploys page to approve it
|
|
|
Per Kong reviewer feedback on PR Kong#5889, narrows the page to lead exclusively with LLM/agent/MCP protection (dropping API/web app as a co-equal bullet), modeled on the Prisma AIRS Intercept page's AI-use-case framing. Adds explicit pointers to Impart's own Kong integration documentation for deeper technical/architecture detail, and moves broader API/web coverage to a single supporting note rather than a headline claim.
|
updated |
|
@brianwjoe let me know when this is ready for review - for now I'm leaving it alone since you have the PR in draft mode. |
2f02cc3 to
3246ba2
Compare
…tion Rewrites the Impart Security Kong Hub plugin page to reflect Impart's current positioning as a runtime enforcement platform that blocks LLM, agent, and MCP attacks inline, with legacy API/web app (WAF) protection as a supporting capability. - Leads with AI use cases (LLM, agent, MCP protection) per Kong docs team feedback, modeled on the Prisma AIRS Intercept plugin page. - Adds a request-flow sequence diagram and a "Threats Impart helps you catch" section with three real, grounded examples of stateful/ sequence-aware detection (agent tool-call abuse, MCP catalog drift, persistent prompt injection) - each traced to an actual shipped core rule, not an illustrative scenario - with business-outcome/risk framing (data loss, supply-chain compromise, compliance/brand risk) alongside the technical mechanics. - Adds Enable/Test/Limitations sections and a min_version, closing the customer-journey gaps found comparing against Prisma AIRS. - Fixes two stale "required collateral" items: replaces the outdated 80x80 blue icon with the current 64x64 orange brand mark, and regenerates schema.json from the real plugin schema (schema.lua v0.4.1), which was missing four config fields. - Expands tags/search_aliases (including "ai-dr", matching the category term competitors use) to surface for AI-related searches alongside the page's existing WAF/API search matches. Every technical claim is grounded in the actual plugin source (inspector/plugins/kong/lua/) rather than assumed capability.
8c6af66 to
da51834
Compare
|
@CAcquaviva as discussed! |
There was a problem hiding this comment.
Pull request overview
Updates the third-party Impart Security plugin documentation to reflect Impart’s AI/runtime-enforcement positioning and improve discoverability for AI security searches, while also extending the plugin’s documented config schema.
Changes:
- Rewrites
app/_kong_plugins/impart/index.mdwith new positioning, a “How it works” Mermaid sequence diagram, expandedsearch_aliases, and addedaitag. - Adds
min_versionmetadata for Gateway and expands related resources. - Extends
app/_kong_plugins/impart/schema.jsonwith additional config fields (body size, settings polling, timeouts).
Reviewed changes
Copilot reviewed 2 out of 3 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| app/_kong_plugins/impart/schema.json | Adds new documented plugin config fields for body sizing, settings polling, and RPC timeouts. |
| app/_kong_plugins/impart/index.md | Repositions the plugin page around AI runtime enforcement, adds diagram + enable/test/limitations content, and expands tags/search aliases. |
| "max_body_size": { | ||
| "default": 10000, | ||
| "description": "Maximum number of request/response body bytes captured for inspection. Larger bodies are truncated. Raise this for LLM/MCP traffic, which carries bodies well over the 10 KB default.", | ||
| "exclusiveMinimum": 0, | ||
| "type": "integer" | ||
| }, | ||
| "settings_enabled": { | ||
| "default": true, | ||
| "description": "Poll the inspector for per-route inspection profiles (SettingsRPC) so request inspection sends the resolved inspection mode and honors per-route body-size / timeout overrides. When disabled, the static max_body_size / timeout_ms apply to all routes.", | ||
| "type": "boolean" |
| {% endmermaid %} | ||
| <!-- vale on--> | ||
|
|
||
| _**Figure 1**: Request flow showing how the {{page.name}} plugin streams traffic to a locally-run Impart Inspector for real-time policy enforcement. Malicious requests are blocked inline (step 4), while allowed requests are forwarded upstream (steps 5-6)._ |
Summary
app/_kong_plugins/impart/index.md) to reflect Impart's current product positioning: a unified runtime enforcement platform that blocks LLM, agent, and MCP attacks inline, with API/web app protection as the underlying foundation rather than the headline.ai-sanitizer,ai-prompt-compressor,crowdstrike-aidr-request).aitotagsand expandssearch_aliases(llm security, ai security, agent security, mcp security, prompt injection, runtime protection) so the page surfaces for AI-related searches, in addition to the existing WAF/API matches it already gets via its description text.schema.json,examples/enable-impart.yaml, or the plugin icon — existing collateral is accurate and unchanged.Test plan
install-third-party.md), and the Mermaid sequence diagram all render correctly{{page.name}}and{{site.base_gateway}}template variables resolve as expectedsecurity+ai)