July 2021 Product Updates

Hello there ! More updates from our big summer release. Thank you for supporting Traceable and providing candid feedback. As a result, we've made countless adjustments but here are the big ticket items including the Industry's first Free API security offering. Keep the feedback coming!

Traceable Platform Agents and Tracing Agents are released asynchronously from the platform features and they can be found here

🎉Free API Security - Announcement

  • Free Tier access forever 
  • Upto 40 API Endpoints, API Discovery, Insights, Risks and a lot more 
  • Free and Team tiers in addition to Enterprise tier
  • Free 15 day trial of Team tier 
  • Why it matters: API Security Impacts all of us. We want to enable Developers and Security Operations teams to adopt world-class API security for their applications, regardless of budget.

🎉Self Service Experience - Announcement

  • Simplified instructions for Traceable Platform Agent (VM’s, K8s) and Tracing Agent (Nginx, K8s, Java) installs 
  • Platform provides updates of installation progress
  • Users can onboard themselves and others within their teams
  • Available playground environment, with a rich API data set from a typical application, allows you to experience the full capabilities of the product without instrumenting your application
  • Why it matters:  Security Teams rely on Devops and Developers to install agents, having a simplified and automated process for agent installations eases the process for security teams within the organization. 

Enhancements to In-App Protection - Features

  • Blocked events log & analysis in the UI
  • Weekly security report
  • Custom rules & signature definitions
  • Flexible false-positive exclusion workflow
  • Monitored users highlights
  • Why it matters: Better, higher quality protection with fewer false positives and easier way to analyze detected security events

API Intelligence Dashboard - Features

  • New API Intelligence dashboard is available
  • Summarized view of API endpoints based on call volume and risk scores
  • Why it matters: Developers and DevOps need a quick way to understand the risks in their APIs and applications to be able to prioritize which of them need to be fixed first.


Jan. 18, 2021 - Release Notes

Good morning! Holy toledo, there is a lot to share with our first release notes. Thank you for supporting Traceable and providing candid feedback. As a result, we've made countless adjustments but here's the big ticket items. Keep the feedback coming!

New Protocol Support  New 

  • GraphQL
  • API Definition and Parameter Insight now available
  • Why it matters: GraphQL is a popular newer protocol optimized for data; GraphQL queries smoothly follow references between multiple resources. getting all the data your app needs in a single request.

Agent Improvement  Improvement 

  • Java OTel agent - full feature parity with the old Java agent
  • NGINX Ingress controller support
  • Ability to exclude urls from detection based on a regular expression
  • Known issues 😞 
    • golang agents do not currently support blocking
  • Why it matters: OTel (Open Telemetry) is a newer standards and provides better performance, improved management, and interoperability with other distributed tracing and performance monitoring tools. NGINX Ingress is a popular technology for routing inbound calls within K8s environment. Excluding a url from detection allows customers to reduce their processing and licensing by not protection low risk / high volume endpoints.

Enterprise readiness Improvement 

  • SAML integration (integration with Okta, ADFS and other enterprise SSO tools)
  • Usage monitoring
  • Business continuity plan in place and reports are available
  • Traceable security assessment conducted and the report available
  • Configure UserID detection without needing to touch the customer collector
  • Why it matters:  Enterprises can use their existing authentication systems to connect their employees to Traceable management console; with usage monitoring, customers are presented with information on the number of system calls & whether their current usage is in line with their Traceable license; Business continuity and security processes will have customer compliance.

Improved protection Improvement 

  • FP exclusions list management in the UI
  • Immediate blocking for known ‘bad’ patterns
  • Detect possible scanners
  • Include user location information with traces and security events
  • Known issues 😞 
    • Automated threat blocking is not yet supported
  • Why it matters:  This is work toward feature parity with the leading WAF/ RASP solutions. Immediate blocking reduces latency and allows blocking of attackers before full learning is complete. Scanner detection helps eliminate noise and focus on important issues.

API Discovery and Risk New 

  • API change management
  • Why it matters:  Any new parameters in the requests or responses or API endpoints with changes are flagged. Security team can focus on potential risk of the new or changed API endpoints.

Addressed Deficiencies Improvement 

  • Users can now be deleted from the UI
  • Eliminated requirements for a defined container ports for sidecar deployment

Have a great day!

Until next time,

The Traceable Team

We're starting a Changelog!

Hello There!

🎉 Big news today: we're starting a public changelog, so you're always up-to-date with releases, happenings, improvements, and fixes made in Traceable AI.

We base all of our decisions on making you, our customer, successful. Therefore, it's our job to make sure you are fully informed about product updates and changes.

That feature you requested? We'll keep you posted (pun intended).That bug fix? We're on it. You may hop into the changelog and take a look at any time or subscribe to the feed. Our in-app notifications will also alert you, so you don't miss a thing.

This new page is here to improve critical communications between you and the Traceable team.  We look forward to hearing your feedback in the comments.

Cheers,

The Traceable Team