Skip to content

docs: update Impart Security plugin page#5889

Open
brianwjoe wants to merge 1 commit into
Kong:mainfrom
brianwjoe:brian/impart-ai-native-plugin-description
Open

docs: update Impart Security plugin page#5889
brianwjoe wants to merge 1 commit into
Kong:mainfrom
brianwjoe:brian/impart-ai-native-plugin-description

Conversation

@brianwjoe

@brianwjoe brianwjoe commented Jul 8, 2026

Copy link
Copy Markdown

Summary

  • Rewrites the Impart Security plugin page (app/_kong_plugins/impart/index.md) to reflect Impart's current product positioning: a unified runtime enforcement platform that blocks LLM, agent, and MCP attacks inline, with API/web app protection as the underlying foundation rather than the headline.
  • Follows the partner plugin doc template (introduction with value bullets, "how it works" with a request-flow sequence diagram, installation details) modeled on existing AI-security plugin pages in this repo (ai-sanitizer, ai-prompt-compressor, crowdstrike-aidr-request).
  • Adds ai to tags and expands search_aliases (llm security, ai security, agent security, mcp security, prompt injection, runtime protection) so the page surfaces for AI-related searches, in addition to the existing WAF/API matches it already gets via its description text.
  • No changes to schema.json, examples/enable-impart.yaml, or the plugin icon — existing collateral is accurate and unchanged.

Test plan

  • Render locally / preview to confirm Markdown, Liquid includes (install-third-party.md), and the Mermaid sequence diagram all render correctly
  • Confirm {{page.name}} and {{site.base_gateway}} template variables resolve as expected
  • Kong docs team review of tags/search_aliases placement (security + ai)

@netlify

netlify Bot commented Jul 8, 2026

Copy link
Copy Markdown

👷 Deploy request for kongdeveloper pending review.

Visit the deploys page to approve it

Name Link
🔨 Latest commit da51834

@CLAassistant

Copy link
Copy Markdown

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

brianwjoe added a commit to brianwjoe/developer.konghq.com that referenced this pull request Jul 10, 2026
Per Kong reviewer feedback on PR Kong#5889, narrows the page to lead
exclusively with LLM/agent/MCP protection (dropping API/web app as a
co-equal bullet), modeled on the Prisma AIRS Intercept page's
AI-use-case framing. Adds explicit pointers to Impart's own Kong
integration documentation for deeper technical/architecture detail,
and moves broader API/web coverage to a single supporting note
rather than a headline claim.
@brianwjoe

brianwjoe commented Jul 10, 2026

Copy link
Copy Markdown
Author

updated

@lena-larionova

Copy link
Copy Markdown
Contributor

@brianwjoe let me know when this is ready for review - for now I'm leaving it alone since you have the PR in draft mode.

@brianwjoe brianwjoe changed the title docs: lead Impart Security plugin page with AI (LLM/agent/MCP) protection docs: update Impart Security plugin page Jul 16, 2026
@brianwjoe brianwjoe force-pushed the brian/impart-ai-native-plugin-description branch from 2f02cc3 to 3246ba2 Compare July 16, 2026 21:08
…tion

Rewrites the Impart Security Kong Hub plugin page to reflect Impart's
current positioning as a runtime enforcement platform that blocks
LLM, agent, and MCP attacks inline, with legacy API/web app (WAF)
protection as a supporting capability.

- Leads with AI use cases (LLM, agent, MCP protection) per Kong docs
  team feedback, modeled on the Prisma AIRS Intercept plugin page.
- Adds a request-flow sequence diagram and a "Threats Impart helps
  you catch" section with three real, grounded examples of stateful/
  sequence-aware detection (agent tool-call abuse, MCP catalog
  drift, persistent prompt injection) - each traced to an actual
  shipped core rule, not an illustrative scenario - with
  business-outcome/risk framing (data loss, supply-chain compromise,
  compliance/brand risk) alongside the technical mechanics.
- Adds Enable/Test/Limitations sections and a min_version, closing
  the customer-journey gaps found comparing against Prisma AIRS.
- Fixes two stale "required collateral" items: replaces the outdated
  80x80 blue icon with the current 64x64 orange brand mark, and
  regenerates schema.json from the real plugin schema (schema.lua
  v0.4.1), which was missing four config fields.
- Expands tags/search_aliases (including "ai-dr", matching the
  category term competitors use) to surface for AI-related searches
  alongside the page's existing WAF/API search matches.

Every technical claim is grounded in the actual plugin source
(inspector/plugins/kong/lua/) rather than assumed capability.
@brianwjoe brianwjoe force-pushed the brian/impart-ai-native-plugin-description branch from 8c6af66 to da51834 Compare July 16, 2026 21:34
@brianwjoe brianwjoe marked this pull request as ready for review July 16, 2026 21:38
@brianwjoe brianwjoe requested a review from a team as a code owner July 16, 2026 21:38
Copilot AI review requested due to automatic review settings July 16, 2026 21:38
@brianwjoe

Copy link
Copy Markdown
Author

@CAcquaviva as discussed!

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates the third-party Impart Security plugin documentation to reflect Impart’s AI/runtime-enforcement positioning and improve discoverability for AI security searches, while also extending the plugin’s documented config schema.

Changes:

  • Rewrites app/_kong_plugins/impart/index.md with new positioning, a “How it works” Mermaid sequence diagram, expanded search_aliases, and added ai tag.
  • Adds min_version metadata for Gateway and expands related resources.
  • Extends app/_kong_plugins/impart/schema.json with additional config fields (body size, settings polling, timeouts).

Reviewed changes

Copilot reviewed 2 out of 3 changed files in this pull request and generated 2 comments.

File Description
app/_kong_plugins/impart/schema.json Adds new documented plugin config fields for body sizing, settings polling, and RPC timeouts.
app/_kong_plugins/impart/index.md Repositions the plugin page around AI runtime enforcement, adds diagram + enable/test/limitations content, and expands tags/search aliases.

Comment on lines +10 to +19
"max_body_size": {
"default": 10000,
"description": "Maximum number of request/response body bytes captured for inspection. Larger bodies are truncated. Raise this for LLM/MCP traffic, which carries bodies well over the 10 KB default.",
"exclusiveMinimum": 0,
"type": "integer"
},
"settings_enabled": {
"default": true,
"description": "Poll the inspector for per-route inspection profiles (SettingsRPC) so request inspection sends the resolved inspection mode and honors per-route body-size / timeout overrides. When disabled, the static max_body_size / timeout_ms apply to all routes.",
"type": "boolean"
{% endmermaid %}
<!-- vale on-->

_**Figure 1**: Request flow showing how the {{page.name}} plugin streams traffic to a locally-run Impart Inspector for real-time policy enforcement. Malicious requests are blocked inline (step 4), while allowed requests are forwarded upstream (steps 5-6)._
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants