Pomerium

MCP Apps Are Here. Is Yours Secure on Day One? The Security Timing Problem

MCP Apps Are Here. Is Yours Secure on Day One? usepom.link/mcp-apps

#mcp #mcpapps #ai #agenticai

From NGINX to Pomerium: A Practical Migration Guide for Internal Kubernetes Applications

Ingress NGINX was officially retired on March 1st, 2026.

If you’re figuring out what comes next, we put together a practical migration guide for Kubernetes teams.

Questions? Drop them in the comments or DM us.

usepom.link/nginx

#k8s #nginx #ingress

Surprising App Success: Beer Simulator & MCP Apps' Future #shorts YouTube video by Pomerium

The most successful app in the App Store's first year? A beer-drinking simulator! It made €20k/day by letting you 'drink' from your phone using gyroscope tech. Wild. What's it gonna be for MCP Apps? #MCP #EmergingTech #MCPApps #ChatGPTApps

www.youtube.com/shorts/p6rAH...

Unlock Server Security: Master Gateways for Effortless Auth #shorts YouTube video by Pomerium

MCP Apps are here—ChatGPT apps, support in Claude, @vscode.dev & @opensource.block.xyz.

Nobody wants to do auth when it's not their core business. Gateways handle auth plumbing (tokens, validation, caching) so you can focus on building.

www.youtube.com/shorts/poGh8...

#MCPApps #MCP #OAuth #DX

Secure MCP Servers: Use Existing Tools, Not From Scratch! #shorts YouTube video by Pomerium

MCP Apps are starting to gain traction. From ChatGPT apps, MCP app support in Claude, @vscode.dev & @opensource.block.xyz. Security is hard, especially those who aren't security experts that want to build MCP servers & MCP Apps. Use off the shelf tools. #MCP #MCPApps

www.youtube.com/shorts/8lQJ7...

Announcing Pomerium v0.32

Pomerium v0.32.0 is here! Less friction, more control for secure access:

* SSH with standard OAuth auth code flow (no more device code required)
* Hosted IdP improvements
* Auto MCP token refresh
* Advanced DNS tuning

bit.ly/pomerium-32

#ZeroTrust #OAuth #SSH #MCP

ChatGPT apps & MCP apps with Skybridge YouTube video by Pomerium

Happening tomorrow! Join @nickyt.online and Frédéric Barthelet as they discuss the Skybridge framework for building MCP applications. #MCP #MCPApps #AgenticAI #AI #typescript

www.youtube.com/watch?v=GCjt...

Join Nick and Jim in 30 minutes as they dig into real-time guardrails for AI agents!

Migrating from Ingress NGINX to Pomerium Ingress Controller

Ingress NGINX retires March 2026. Pomerium Ingress Controller offers the same reverse proxy functionality + identity-aware access controls.

Start simple, scale to zero trust. Dynamic fine-grained policies are 🔥

www.pomerium.com/blog/migrati...

#Kubernetes #ZeroTrust

ChatGPT Original Games YouTube video by Pomerium

Just scheduled! Join @nickyt.online and @infoxicator.bsky.social next week as they dive into the work of games in ChatGPT! #mcp #chatgpt #GameStop

www.youtube.com/watch?v=0u8Z...

👀

#kubernetes #nginx #zerotrust #ingresscontroller

Real-Time Guardrails for AI Agents Jim Bennett, principal developer advocate at Galileo, joins Nick Taylor to discuss real-time guardrails for AI to provide more boundary layers.

Join @jimbobbennett.dev from Galileo and @nickyt.online as they dig into real-time guardrails for AI agents December 11th. 👀

www.youtube.com/watch?v=4cqR...

#AI #AIGuardrails #AgenticAI

Announcing Pomerium v0.31

Pomerium v0.31 is out!

- Self-healing file-based databroker
- Enhanced health checks
- MCP support in Pomerium Zero

www.pomerium.com/blog/announc...

#mcp #aigateway #healthchecks #k8s #devops

Sometimes Postgres isn’t the Answer Pomerium v0.31 introduces a new Raft-based databroker option that is simpler, faster, and self-healing than the previous Postgres-based version.

Sometimes Postgres isn't the Answer. Pomerium v0.31 introduces a new file-based storage option for it's databroker using Pebble, a key-value store, with Raft clustering as an alternative to Postgres.

Why? At scale, Postgres can be harder to operate.

www.pomerium.com/blog/sometim...

OAuth2 Proxy: Secure Your Web App with Google Login (Easy!) YouTube video by LinuxCloudHacks

Great video from Filip Lebiecki on @pomerium.io's native SSH capabilities! youtu.be/GuAvZZR0YSE

"...  it feels well effortless. And the seemingly simple new approach,the one that makes secure SSH feel so smooth ..."

Go smash that subscribe button on Filip's YouTube! #ZeroTrust #IAP #SSH #Security

Hard blanket recs are hard: Cost of consistency? Maybe a couple of users log out. Self-healing, eventually consistent is the goal. #Data #DataBroker #Raft

Health and readiness checks are often overlooked but crucial for zero-downtime scaling. Making your K8s cluster or on-prem environment operate reliably is surprisingly difficult.

Read how we optimized readiness checks in Pomerium: www.pomerium.com/blog/designi... #DevOps #Kubernetes #HealthChecks

Raft is production-ready. Etcd (Kubernetes' storage) and HashiCorp use it. Nomad, Vault, CockroachDB and other modern SQL DBs rely on Raft for consistency across instances. Consistency comes at a cost. #Databases #Raft #DistributedSystems #Etcd #Kubernetes

The database selection meme is generally true - PostgreSQL to fancy solutions back to PostgreSQL. We'll keep supporting Postgres, but we're also exploring new approaches for data storage that go beyond the traditional cycle. #DatabaseArchitecture #DataStorage #systemDesign

Pomerium's data broker storage evolution: Started with cookies, moved to Redis, then PostgreSQL. Now adding file-based storage with clustering and leader election for self-healing, eventually consistent systems. Sometimes the simple solution wins. #DistributedSystems #DataArchitecture #ZeroTrust

Self-Healing File-Based Databroker Without The Postgres Headaches Stay up to date with Pomerium news and announcements.

New in Pomerium 0.31: A self-healing file-based Databroker with no Postgres required.

www.pomerium.com/blog/self-he... #IdentityAwareProxy #ZeroTrust #authn #authz

Self-Healing File-Based Databroker Without The Postgres Headaches

New in Pomerium 0.31: A self-healing file-based Databroker with no Postgres required.

www.pomerium.com/blog/self-he... #IdentityAwareProxy #ZeroTrust #authn #authz

Pomerium's IAP architecture: We separate concerns into authentication,proxy & authorization services. Each handles a specific role: login,request forwarding & access control. Our data broker evolved from early cookie-based session storage to coordinate between components. #DataBroker #ZeroTrust #IAP

Flipping the switch doesn’t mean a Kubernetes pod is ready. With Pomerium, it also needs group memberships and policy data before it can serve traffic. Readiness probes make sure pods are truly ready, not just turned on. #Kubernetes #Pomerium #DevOps #CloudNative

When “Healthy” Isn’t Healthy: Rethinking Kubernetes Health Checks for Real-World Systems Learn how to design smarter, context-aware probes that reflect true Kubernetes application health and prevent downtime.

Kubernetes: “All systems go.” Users: “Nothing works.” #Kubernetes #CloudNative #DevOps

cloudnativenow.com/contributed-...

Kubernetes uses health probes to keep apps alive. Startup gets things booted, readiness controls traffic, and liveness restarts stuck pods. Self-healing in action. #Kubernetes #DevOps #CloudNative #Containers

Kubernetes Health Checks are Hard Join some of the Pomerium team as they discuss health checks in k8s. Links: - https://github.com/pomerium/pomerium - Pomerium Docs - Health Checks,…

More on health checks 👇

www.youtube.com/watch?v=cMBU...

Startup probes let your app boot. Readiness probes control traffic. Liveness probes restart it when stuck. Together they keep apps stable. #Kubernetes #DevOps #HealthChecks

Smarter Health Checks for Zero-Downtime Deployments

New in Pomerium 0.31, smarter health checks for zero-downtime deployments #kubernetes #HealthChecks #DevOps

www.pomerium.com/blog/smarter...

Next month, the Pomerium team is headed to Atlanta for KubeCon North America!
Stop by Booth 951, and pick up some cool swag, demos, and discussions about security and Kubernetes while you're there.