Lunar.dev

Lunar.dev simplifies API consumption management with real-time monitoring and traffic control, so you’re never caught off-guard by 3rd- party API chaos again

5. MCPJungle Quick snapshot: * Best for: Prototyping and early-stage deployments you expect to outgrow ‍ * Latency: Low ‍ * License: Open source *‍ Deployment: Single binary or Docker Compose *‍ Key limitation: No credential isolation, no compliance-ready audit trails, and RBAC is basic even in enterprise mode

4. IBM ContextForge Quick snapshot: * Best for: Large enterprises with dedicated platform teams and months to deploy ‍ * Latency: Cluster dependent ‍ * License: MIT ‍ * Deployment: High complexity ‍ * Key limitation: Enterprise governance features are less documented than the federation capabilities; the access control model is partial

MCP just hit 97M monthly downloads. Cisco announced MCP security tooling at RSA. The "it's just a dev tool" era is over. Here's how the top open source MCP gateways actually stack up in 2026 🧵 Full breakdown: lunar.dev/post/the-best-…

The "Deployment Tax" is the highest hidden cost for teams building with MCP right now. Your developer builds a custom MCP server in hours. Then the real work starts: * DevOps queue for cluster access and cross-cluster networking * Security review for credentials that are sitting inline in a JSON config * Cross-team approvals that have nothing to do with the code itself Weeks of friction. For a server that took a day to write. At @LunarDevAPI we just launched Hosted MCP Servers in MCPX to cut that entire cycle. @RotemYohanan wrote up exactly how we built it: Deploy from a standard JSON config. No infra work. No DevOps queue. * Secrets stay in your vault, injected at deploy time. Users never see a credential. * Automated risk analysis on every tool before anyone connects. * Tool-level controls without redeploying. Toggle reads on, writes off, same session. The shift is from infrastructure-driven deployment to policy-driven self-service. Same security posture, zero coordination overhead. Full post: lunar.dev/post/your-mcp-…

Full breakdown of the attack and how these patterns apply: lunar.dev/post/litellm-w…

Secrets by reference: runtime gets a pointer, not the key. Resolved server-side through your vault. Egress allow-list: no outbound access by default. The exfiltration would have been blocked. Scoped tool access: agents only see the tools they need at runtime.

The LiteLLM supply chain attack exposed a problem in most AI gateway setups: The process that routes your LLM requests has direct access to every secret it manages. When it gets compromised, everything is exposed. Here is what happened and what needs to change 🧵

Want to learn more about dynamic tools? 🛠️ Check out our latest blog: lunar.dev/post/why-dynam…

Stay Updated: Get the latest updates in our newsletter 📬 eepurl.com/jz5mRw

Lunar’s latest Newsletter is out, and it’s a big one 🌙 Recent releases like #Claude 3.7 Sonnet prove that agents are no longer just "chatting." They are reasoning over tools and executing multi-step workflows across enterprise systems with real reliability. But as agents move into production, governance is the new frontier. Organizations need surgical control over what an agent can access, execute, and how it's monitored. Our latest Newsletter is a deep dive into how we're solving this at Lunar.dev: 🛡️ Profiles 2.0: Enforce tool-level permissions. Your marketing team gets GitHub read-only. Engineering gets read and write. All from the same server. 🌱 Eco Mode: Automated hibernation for MCPX instances to slash infrastructure costs during idle periods. 🔒 Risk Analysis: Real-time defense against tool poisoning and PII leakage before requests leave your VPC. 💾 Save and Restore Workspaces: Reusable server configurations with tool groups, policies, and permissions baked in. What's Next: Intent-Based Dynamic Tool Selection. Agents now discover and load only the tools they need for a specific task, keeping context windows lean and accuracy high. Inspired by Anthropic's Tool Search concept, now native in Lunar. #MCP #AIAgents #AIInfrastructure #MCPX #mcpgateway #AISecurity

API consumption ownership isn’t just a technical challenge; it’s a strategic one. Here’s why and who should take responsibility: buff.ly/3NVjjZN

🌟 We’ve launched our new Guides & Resources page! Dive into expert content on API management, cost optimization, and more to level up your skills. Check it out: buff.ly/4efKysz

From development hurdles to production nightmares, consuming APIs can be tough. Our event will help you master the process. Join the conversation tomorrow: buff.ly/3AEvCGJ

Quota management isn’t just a technical task—it’s a business-critical practice. 🛡️ Here’s how to master it for seamless API consumption: buff.ly/4efhNwo