Product overview
The topic gives a high level overview of few features which would help you start using the product quickly.
After successful installation, you can navigate to the main product. The features that are available to you depend on the license that you have purchased. For more information on product tiers, see Pricing. ‌ As part of the self-service experience, you have access to the team trial for 15-days.
The following sections explain various features of Traceable at a high level. The overview would help you in using the product and realizing the various security capabilities it provides quickly.

Know your application

You can start experiencing the immediate value that Traceable provides by viewing the Discovered APIs and their associated risk score on the API Intelligence Dashboard. The API Intelligence Dashboard displays the total number of APIs, the count of internal and external API endpoints, and the discovered domains and services.
The API Endpoints in the Application section displays the top five API endpoints based on call volume. The API Endpoints also displays the number of APIs with Critical, High, and Medium risk scores, these are the APIs your developers need to prioritize for mitigating the vulnerabilities in the API definition.
The Application Flow shows the actual flow of traffic through multiple services. When you hover over a block, metrics information for that service is displayed.
You can also view more details about APIs in the API Endpoints section. Click on an API to view details, for example, request, response, and attribute details.
For more information on API Metrics, Events, Traces, and DNA, see API Insights. You can view more information on services and domains if you wish to dive deeper into the different options.

Protect your APIs

There are different ways in which you can protect your APIs. You can start by enabling Detection in the Policies section under Administration (
). By default, detection is enabled for users trying the self-service experience trial. You can choose to enable or disable rules individually. For more information, see Detection customization. You can also choose to exclude certain types of threats from being detected if you are confident they are not relevant to your environment.
You can also define your own custom signature rules to block threat actors. These rules work in addition to the preconfigured rules. For more information, see Custom Signature Rules.
Traceable also provides an option to protect your API infrastructure from DDoS attacks by rate-limiting the number of requests. You can create rate-limiting rules from the Policies section under Administration. For more information, see Rate Limiting.
In addition to rate limiting, you can define rules to block an IP address range. For more information, see IP range blocking.
An important part of API security is to view and understand the different security events that threat actors generate. Traceable detects and displays different types of security events for anomalies and attacks. For more information, see Security Events and Blocked Events.
You can view all other options to protect your application on the left-hand side menu.

Get notified

Traceable provides you with the capability to define rules for the type of events for which you want to be notified. You can also choose the channel through which Traceable delivers event notifications to you. E-mail, Slack webhook, or custom webhooks are currently supported. For more information, see the Notification section.

Invite team members

You can invite your team members to use Traceable. Navigate to Administration (
)> Configuration > Team. You would need the email ID of your team member to add them to Traceable. Assign a role, for example, Security Admin or a Developer. Once your team member is added, they will show in the list in the Team section.
Last modified 2mo ago