Jellyfish announced the launch of Jellyfish Benchmarks, a way to add context around engineering metrics and performance by introducing a method for comparison.
Traceable AI announced the introduction of a free API security solution.
Traceable's free API security solution enables developers and security operations teams to get started improving the API security of their applications without the need for budgetary approval. With this new offering, Traceable AI aims to enable everyone to make progress on solving the API security crisis.
With the free API security solution offered by Traceable AI, these teams now have the option to use a free enterprise-grade solution to gain visibility, protection, and analytical insights into their APIs.
Powered by its distributed tracing and unsupervised machine learning technologies, Traceable AI learns the application context and normal behaviors. Unlike Web Application Firewalls (WAFs) that rely on static threat signatures of known attacks, deep API insights and ML enhanced anomaly detection enable the Traceable AI Free tier offering to detect and block known (such as the OWASP Top 10) and unknown threats with no signature tuning yet minimal false positives.
"API security threats are becoming pervasive and increasing in frequency. API security is an emerging field, and application and security teams need to understand how to address this problem unique to their business models. WAFs and API gateways simply aren't enough to overcome these emerging threats and it's past time for us to have a real-solution that solves the problem rather than just apply a band-aid. Our free offering introduces API security benefits without the budget pressure that these teams often face. We hope access to it will encourage widespread adoption of API security practices and help teams to truly understand and address API-based security threats," said Jyoti Bansal, CEO and Co-Founder of Traceable AI.
The self-service deployable free version of Traceable AI includes:
- Continuous discovery and inventory of all APIs, including shadow and orphaned APIs
- Real-time, automatic API documentation including parameter details, usage patterns, and API changes flagged
- Insights into API runtime behavior, including API usage patterns, user details, and where sensitive data is being exposed
- Continuously updated API risk scores based on likelihood and impact of abuse
- API & web application protection (OWASP Top 10) powered by ML anomaly detection for low false positives without signature maintenance
- Real-time API vulnerability detection of API misconfigurations to prevent malicious exploitation by cybercriminals
- API performance metrics for establishing normal vs abnormal behavior, including number of calls, call frequency, and error and latency distribution
- Block threats based on threat actor, IP range, anomaly detection + signatures
For larger scale environments and more advanced features, Customers can also upgrade to the Team or Enterprise tiers offered by Traceable AI.
Traceable AI also offers Team and Enterprise editions.