End of 2022 Product Updates


Happy New Year from the Traceable team! We would like to share some of the key product updates from the last two months.

Traceable Platform Agents and Tracing Agents are released asynchronously from the platform features and they can be found here

API Catalog

  • Automatic authenticated API detection
  • Automatic authentication type detection for well known auth types
  • Improved UX for Data Classification
  • 3rd Party API detection
  • Improved user attribution rules

API Protection

Dynamic Thresholds in Rate limiting

In addition to static thresholds, Traceable now offers the ability to get alerts or block activity every time the access rate for an API goes over the mean access rate for that API, aggregated over a user-configurable baseline interval in days. This is combined with IP reputation and the type of the source (BOT/TOR/VPN/Proxy etc). Customers can therefore set different thresholds for regular users, automated BOTs and traffic coming from other sources, and protect their APIs against volumetric attacks based on these source criteria.
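A sketch of the decision logic described above, as an added example and not Traceable's own code: a dynamic rule compares the current rate with the mean over its baseline interval, and a static rule uses a fixed ceiling. The `Rule` fields, the hourly bucketing, the rule ordering and the sample traffic are assumptions made for illustration; IP reputation is not modelled.

```python
from dataclasses import dataclass
from statistics import mean
from typing import Optional

@dataclass(frozen=True)
class Rule:                       # hypothetical rule shape, not a Traceable schema
    sources: frozenset            # source types the rule applies to; empty = any
    action: str                   # "alert" or "block"
    static_limit: Optional[int] = None   # fixed requests/hour ceiling
    baseline_days: Optional[int] = None  # dynamic: mean over this many days

def threshold(rule, hourly_history):
    """Requests/hour ceiling for a rule, or None when the baseline is incomplete."""
    if rule.static_limit is not None:
        return float(rule.static_limit)
    needed = rule.baseline_days * 24
    window = hourly_history[-needed:]
    if len(window) < needed:
        return None               # too little history: do not guess a baseline
    return mean(window)

def decide(rules, source, current_rate, hourly_history):
    """The first matching rule whose threshold is exceeded wins; otherwise allow."""
    for rule in rules:
        if rule.sources and source not in rule.sources:
            continue
        limit = threshold(rule, hourly_history)
        if limit is not None and current_rate > limit:
            return rule.action
    return "allow"

# Constructed sample: 7 days of hourly request counts for one API (mean 120/hour).
HISTORY = [100, 140] * 84

RULES = [
    Rule(sources=frozenset({"BOT", "TOR"}), action="block", baseline_days=7),
    Rule(sources=frozenset({"VPN", "PROXY"}), action="alert", baseline_days=3),
    Rule(sources=frozenset(), action="alert", static_limit=500),  # everyone else
]

def demo():
    cases = [("BOT", 130), ("BOT", 110), ("VPN", 130), ("USER", 130), ("USER", 600)]
    return [decide(RULES, src, rate, HISTORY) for src, rate in cases]

if __name__ == "__main__":
    print(demo())
```

With an incomplete baseline the dynamic rules are skipped, so only the static ceiling applies until enough history has accumulated.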

Threat Intel Integration

BOT, TOR, Proxy and VPN data from threat intel sources is now correlated with detections from Traceable to give a comprehensive understanding of API threats. Combining the threat score of attackers detected by Traceable with TOR or BOT information further improves detection accuracy. The threat actor, threat activity and data protection screens leverage this data.




Security Analytics

Security Analytics provides the ability to perform security forensics based on BOT, TOR, abuse velocity, IP reputation, ASN and connectivity type (Mobile, Residential, Corporate etc). This has helped numerous customers identify malicious actors and fraudulent users in use cases ranging from sensitive data exfiltration to account creation and free credit abuse fraud at the API layer.




Data Collection

1.26.0 - 7th December

Traceable's 1.26.0 release has the following updates:

  • Traceable platform service as headless service in Kubernetes - Traceable agent's 1.26.0 release provides the ability to run the Traceable Platform service as a headless service in Kubernetes. This is helpful in enabling gRPC client-side load balancing for Traceable's tracing agent. In the 1.26.0 release, only the Go agent supports this client-side load balancing.
  • AWS VPC mirroring - 1.26.0 release provides a Terraform template for AWS VPC mirroring.
  • Processing pipeline improvement - 1.26.0 optimizes Traceable agent's processing pipeline to improve performance of Tracing agent's span exporter.
  • Attribution processor - 1.26.0 release adds a new user attribution processor to support regex-based capture and authentication types.
  • Ability to specify Traceable images - 1.26.0 release provides you the ability to specify the Traceable images using their SHA256 digest in Helm and Terraform deployments.

1.25.1 - 16th November

Traceable's 1.25.1 release has the following updates:

  • 1.25.1 resolves an issue where AWS VPC CloudFormation templates were failing to create mirroring sessions when the number of target instances in the target group was more than 200.

1.25.0 - 10th November

Traceable's 1.25.0 release has the following updates:

  • eBPF OpenShift SCC deployment - Traceable agent's 1.25.0 release supports deploying eBPF in an OpenShift SCC environment.
  • eBPF egress data capture - Traceable agent's 1.25.0 release of eBPF agent supports capturing of egress data.
  • Use of persistent queue - Traceable agent now uses a persistent queue for span export retries on a failure.
  • Log rotation - Traceable agent installed on a virtual machine now supports log rotation.
  • HashiCorp Vault integration - Traceable agent's 1.25.0 release supports using the secret keys stored in a HashiCorp Vault. You can achieve this using either Helm values or Terraform.
  • Default environment - If you do not configure an environment name during Traceable agent's configuration, an environment with a default name is configured.
  • Exclude rule - Spans matching API exclude rules are now dropped in the Traceable platform agent. This reduces resource usage, because spans matching an API exclude rule are no longer processed by the Traceable platform agent.

API Security Testing

Run AST scans using OpenAPI Specifications or Postman Collections

Traceable’s API Security Testing module now supports importing OpenAPI Specifications to run the security scan for your APIs. 


Users can also provide a Postman collection via the CLI and run an AST scan using that collection.

Scan Policy

Creating and maintaining scan policies per team and per use case is now easy with AST Scan policy. An all-new policies screen helps users manage their policies.


OWASP API Top 10 Coverage

The Traceable platform now covers the complete OWASP API Top 10 and helps users test their posture against it.


Platform

Environment based Role based access control: As larger enterprises onboard users to Traceable, they want to give users access to specific environments only (e.g. API security testing users should have access to Dev and Staging, while the Infosec team needs access to prod environments). This can now be achieved by adding users to the relevant environments or by updating access for existing users.

Environment based configurations

Because APIs and their corresponding microservices vary per environment, access control policies need to be enforced at the environment level. If a customer has web-facing REST APIs in a single environment in Kubernetes, front-ended by Apigee, the policies will be different from the ones for partner APIs, which could be in a different environment behind an F5. You can now apply policies per environment, so there are no overlaps and no unintended consequences if the rules clash.