Traceable AI expands our support for agentless deployments and for international organizations.
What follows are the developments we released during March 2022.
Note: Traceable Platform Agents and Tracing Agents receive continuous feature updates independent of monthly platform updates.
EU and APAC hosting of Traceable AI platform now available
Customers in the EU and APAC regions can now host the Traceable AI platform in their respective regions.
Regulatory and compliance requirements like GDPR may stipulate regional hosting of data. Finance, government, and technology industries in Europe and Asia, for example, work under strict guidelines to ensure the safety of their operations in those regions.
The added regional support greatly expands the ability of international organizations to improve their API security with Traceable AI.
Block threats on agentless deployments with our Cloudflare Integration
Traceable AI now blocks threat actors in organizations with agentless deployments via an external CDN or WAF. Our first integration to enable agentless blocking is with Cloudflare, one of the most popular CDNs in the world.
When using the Traceable AI application, adding a threat actor to a deny or suspend list will result in that actor being blocked at the edge by an integrated Cloudflare instance. Traceable IP range blocking rules will operate in a similar fashion.
The release expands the range of use cases available to organizations that need API security and prefer agentless deployments.
Other improvements released during the month of March
Changes to Threat Scoring
We are adjusting our scoring methodology to better meet the needs of customers with a high volume of API requests and security events.
- If multiple malicious behaviors are observed in a single request, only the highest severity behavior will add to the score.
- If multiple users send the same or similar malicious payload, the overall impact to the threat score is reduced.
- The contribution of each event is displayed in the Attacker timeline.
Traceable AI now supports Apigee Private Cloud for on-prem deployments.
Apigee is a platform for developing and managing APIs to provide backend service APIs, security, rate limiting, quotas, analytics, and more. Traceable supports Apigee private cloud v4.51.00 and above.
Improvements to platform access management with tokens
Platform access tokens will have similar functionality to our API tokens. The tokens will cover:
- Naming tokens for better traceability,
- Revoking them when no longer needed, and
- Listing out all tokens with last access times.
Protection against Spring4Shell vulnerability
For customers deploying Traceable in agentless mode or using mesh-based deployment, we have added all known signatures to protect against Spring4Shell-related CVEs.
Customers who deployed a Java application agent get even deeper protection: Traceable blocks vulnerable function calls right at the source.
Customers running the following software versions are likely impacted:
- Running on JDK 9 or higher
- Apache Tomcat as the Servlet container
- Packaged as a traditional WAR and deployed in a standalone Tomcat instance. Typical Spring Boot deployments using an embedded Servlet container or reactive web server are not impacted.
- Spring-webmvc or spring-webflux dependency
- Spring Framework versions 5.3.0 to 5.3.17, 5.2.0 to 5.2.19, and older versions
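An added example, not Traceable's or Spring's code: a triage script that evaluates an application inventory record against each condition listed above and reports which ones match. The inventory field names and sample records are constructed, and treating the conditions as jointly required is an assumption about how the list is meant to be read.

```python
import re

# Last affected patch release per 5.x line, taken from the ranges listed above.
LAST_AFFECTED_PATCH = {(5, 3): 17, (5, 2): 19}

def parse_version(text):
    """Return (major, minor, patch) from '5.3.17' or '5.2.19.RELEASE'."""
    m = re.match(r"^(\d+)\.(\d+)(?:\.(\d+))?", text.strip())
    if not m:
        raise ValueError(f"unrecognised version: {text!r}")
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)

def spring_version_affected(text):
    major, minor, patch = parse_version(text)
    if (major, minor) < (5, 2):
        return True  # covered by "and older versions"
    last = LAST_AFFECTED_PATCH.get((major, minor))
    return last is not None and patch <= last

def triage(app):
    """Evaluate one inventory record against each listed condition."""
    deps = set(app["dependencies"])
    checks = {
        "jdk_9_or_higher": app["jdk_major"] >= 9,
        "tomcat_servlet_container": app["servlet_container"].lower() == "tomcat",
        "war_on_standalone_tomcat": app["packaging"].lower() == "war"
                                    and not app["embedded_container"],
        "webmvc_or_webflux": bool(deps & {"spring-webmvc", "spring-webflux"}),
        "affected_spring_version": spring_version_affected(app["spring_version"]),
    }
    # Assumption: the conditions are read as jointly required.
    checks["all_conditions_met"] = all(checks.values())
    return checks

# Constructed sample inventory (hypothetical applications and field names).
INVENTORY = [
    {"name": "billing-war", "jdk_major": 11, "servlet_container": "Tomcat",
     "packaging": "war", "embedded_container": False,
     "dependencies": ["spring-webmvc"], "spring_version": "5.3.17"},
    {"name": "orders-boot", "jdk_major": 17, "servlet_container": "Tomcat",
     "packaging": "jar", "embedded_container": True,
     "dependencies": ["spring-webmvc"], "spring_version": "5.2.19.RELEASE"},
]

if __name__ == "__main__":
    for app in INVENTORY:
        print(app["name"], triage(app))
```

A record that matches only `affected_spring_version` is still a candidate for upgrading, since that check is independent of how the application is packaged.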