- 29 Sep 2022
- 4 Minutes to read
- Updated on 29 Sep 2022
- 4 Minutes to read
Traceable AI combines the power of end-to-end distributed tracing, cloud-native integrations, and advanced ML-powered behavioral analytics to deliver API and application security from user to code.
As businesses migrate their applications to cloud-native architectures and adopt agile and DevOps practices, they are being attacked by sophisticated hackers using the latest emerging tactics. APIs expose business logic to hackers and complex microservice environments make it easy for security vulnerabilities to sneak through the cracks. To combat these new threats, Traceable delivers a strong and adaptive security foundation that protects your business. Traceable's platform works in the background even as application architectures change, development methodologies evolve, and new attack vectors and threats emerge.
Traceable brings your security and development teams together to monitor and protect your most important assets - your customers, applications, and data. Traceable also provides rich dashboards, reports, and many other features to monitor and protect applications and application users by using modern observability and machine-learning algorithms.
The Traceable dashboard displays the important issues, highlights the key health metrics, and reports attack and remediation rates. Customizable visualizations provide at-a-glance insight into service and API-level security events and system-load levels.
Automatic API discovery
Traceable's AI engine collects and analyzes data over a period of time to discover APIs in your API ecosystem. Any API and its corresponding details that you see in the Dashboard are displayed through the process of API discovery.
Real-time topology map shows API flows and interconnectivity between services (endpoints, internal, and 3rd-party). API Specifications offer more accurate specs than SWAGGER with real-time data from actual application usage.
Protection from OWASP and emerging threats
Traceable's machine learning engine learns from application behavior to detect emerging threats based on application logic. Built-in standards protect against OWASP Top 10 and OWASP API Top 10.
User and behavior analytics
Security events mapped to users help in reducing false positives and expediting threat analysis. The AI engine of Traceable identifies anomalous user behavior, including insider threats by learning normal user behavior. Real-time detection helps prioritize remediation for frequently attacked services.
Granular data access visibility
Data risk profiling identifies high-risk and sensitive data proactively. Sensitive data is mapped to APIs for transparency into the services that access sensitive data.
The following sections explain various features of Traceable at a high level. The overview would help you in using the product and realizing the various security capabilities it provides quickly.
You can start experiencing the immediate value that Traceable provides by viewing the Discovered APIs and their associated risk score on the API Intelligence Dashboard. The API Intelligence Dashboard displays the total number of APIs, the count of internal and external API endpoints, and the discovered domains and services.
The API Endpoints in the Application section displays the top five API endpoints based on call volume. The API Endpoints also displays the number of APIs with Critical, High, and Medium risk scores, these are the APIs your developers need to prioritize for mitigating the vulnerabilities in the API definition.
The Application Flow shows the actual flow of traffic through multiple services. When you hover over a block, metrics information for that service is displayed.
You can also view more details about APIs in the API Endpoints section. Click on an API to view details, for example, request, response, and attribute details.
For more information on API Metrics, Events, Traces, and DNA, see Endpoint details. You can view more information on services and domains if you wish to dive deeper into the different options.
There are different ways in which you can protect your APIs. You can start by enabling Detection in the Policies section under Administration(). By default, detection is enabled for users trying the self-service experience trial. You can choose to enable or disable rules individually. For more information, see Detection policies. You can also choose to exclude certain types of threats from being detected if you are confident they are not relevant to your environment.
You can also define your own custom signature rules to block threat actors. These rules work in addition to the preconfigured rules. For more information, see Custom Signature Rules.
Traceable also provides an option to protect your API infrastructure from DDoS attacks by rate-limiting the number of requests. You can create rate-limiting rules from the Policies section under Administration. For more information, see Rate Limiting.
In addition to rate limiting, you can define rules to block an IP address range. For more information, see IP range blocking.
An important part of API security is to view and understand the different security events that threat actors generate. Traceable detects and displays different types of security events for anomalies and attacks. For more information, see Security Events and Blocked Events.
You can view all other options to protect your application on the left-hand side menu.
Traceable provides you with the capability to define rules for the type of events for which you want to be notified. You can also choose the channel through which Traceable delivers event notifications to you. E-mail, Slack webhook, or custom webhooks are currently supported. For more information, see the Notification section.
You can invite your team members to use Traceable. Navigate to Administration ()> Configuration > Team. You would need the email ID of your team member to add them to Traceable. Assign a role, for example, Security Admin or a Developer. Once your team member is added, they will show in the list in the Team section.