The inside trace.

Subscribe for expert insights to protect your applications.

part

Foundations

2021-02-23

What is Web Application Security?

Web Application Security is security for web apps, right? As with many technical topics, there are plenty of rabbit holes to dive into when discussing web application security, but let’s focus on the critical questions many have about it.

FEATURED |

2021-02-19

The Shopify Breach: Why Authorization Exploits Slip Through Most Security Defenses

Lacking the power of AI and machine learning, common security technologies miss API attacks by not seeing the broader business context. Here’s what happened at Shopify.

breach analysis

FEATURED |

2021-02-17

Application Security in the Public Cloud Requires Shared Responsibility

The shared responsibility model describes how security is shared by both the cloud provider and user. Here’s how modern application and API security requirements change the equation.

cloud-native

FEATURED |

2021-02-12

Why Was Facebook Vulnerable to an Authentication Exploit?

Even the largest companies in the world are susceptible to API vulnerabilities. How modern security defenses fail — and how to fix them.

breach analysis

FEATURED |

2021-02-10

Why CISOs are Investing in Traceable AI

A Discussion with Lemonade CISO Jonathan Jaffe

company

FEATURED |

2021-02-10

Does Dynamic Application Security Testing (DAST) Deliver?

DAST tools provide pentesters with a hacker’s-eye-view of system vulnerabilities. What are the advantages and disadvantages of this important security tool?

app security

FEATURED |

2021-02-04

The Uber API Authorization Vulnerability

Most security defenses would have missed the Uber API authorization vulnerability. Here’s why.

breach analysis

FEATURED |

2021-02-01

Traceable Defense AI M6 and M7 Released

M6 and M7 bring GraphQL and gRPC, new agent support, OpenTelemetry compatibility, business risk visibility and API risk scoring, many new and configurable blocking rules, lots of new discovered data on your API endpoints, and improved enterprise readiness.

FEATURED |

1.2.2021

Traceable Defense AI M6 and M7 Released

Releases

FEATURED |

2021-01-30

SecOps: Go Beyond Application Security Testing With Runtime Protection

SecOps keeps production environments safe. Now, “shifting left” approaches are needed to secure production applications and APIs.

FEATURED |

30.1.2021

SecOps: Go Beyond Application Security Testing With Runtime Protection

SecOps keeps production environments safe. Now, “shifting left” approaches are needed to secure production applications and APIs.

app security

FEATURED |

2021-01-25

What Runtime Application Self-Protection (RASP) Doesn’t Solve

RASPs complement perimeter defense systems, but they also have weaknesses that can introduce their own vulnerabilities.

FEATURED |

22.1.2021

What Runtime Application Self-Protection (RASP) Doesn’t Solve

RASPs complement perimeter defense systems, but they also have weaknesses that can introduce their own vulnerabilities.

technology

FEATURED |

2021-01-16

Protecting Against the Hidden Threats of New Technologies

New tech transform dev - but with risk

FEATURED |

12.1.2021

Protecting Against the Hidden Threats of New Technologies

New tech transform dev - but with risk

app security

FEATURED |

2021-01-12

The Evolution to Cloud-Native Applications and APIs

Moving from local monoliths to cloud based microservices

FEATURED |

12.1.2021

The Evolution to Cloud-Native Applications and APIs

Moving from local monoliths to cloud based microservices

app security

FEATURED |

2020-12-23

Modern Application Security and Supply Chain Attacks - 3 challenges

API Security and the SolarWinds Breach: a wake up call

FEATURED |

22.12.2020

Modern Application Security and Supply Chain Attacks - 3 challenges

API Security and the SolarWinds Breach: a wake up call

app security

FEATURED |

2020-12-17

Security Observability: Why Tracing?

What if we could reduce the time to detect a cyber attack all the way down to zero?

FEATURED |

17.12.2020

Security Observability: Why Tracing?

What if we could reduce the time to detect a cyber attack all the way down to zero?

Observability

FEATURED |

2020-12-10

5 Reasons Why App Sec and Eng Teams Must Work Together

The popularity of cloud-based computing has made API security the next big challenge...

FEATURED |

9.12.2020

5 Reasons Why App Sec and Eng Teams Must Work Together

The popularity of cloud-based computing has made API security the next big challenge...

app security

FEATURED |

2020-11-25

Secure Kubernetes Architecture: 6 Factors Essential to Success

Six factors to get right when planning Kubernetes architecture.

FEATURED |

25.11.2020

Secure Kubernetes Architecture: 6 Factors Essential to Success

Six factors to get right when planning Kubernetes architecture.

app security

FEATURED |

2020-11-18

Financial Services Risk Management: Why Application Security

Cybersecurity is a key part of enterprise risk management in financial services

FEATURED |

18.11.2020

Financial Services Risk Management: Why Application Security

Cybersecurity is a key part of enterprise risk management in financial services

app security

FEATURED |

2020-11-02

Why Web App Firewalls Aren’t Protecting Your Cloud-Native Apps

How do you know your apps are protected?

FEATURED |

2.11.2020

Why Web App Firewalls Aren’t Protecting Your Cloud-Native Apps

How do you know your apps are protected?

app security

FEATURED |

2020-09-11

3 Threat Vectors Addressed by Zero Trust App Sec

Common internal and external threats and the Zero Trust practices to address them.

FEATURED |

11.9.2020

3 Threat Vectors Addressed by Zero Trust App Sec

Common internal and external threats and the Zero Trust practices to address them.

app security

FEATURED |

2020-07-28

Modern Application Security - Good and Bad News part 2

PartII: API Security in Modern Applications

FEATURED |

27.7.2020

Modern Application Security - Good and Bad News part 2

PartII: API Security in Modern Applications

app security

FEATURED |

2020-07-21

What to Look for in an Enterprise Security Tool

A Practitioner's View

FEATURED |

20.7.2020

What to Look for in an Enterprise Security Tool

A Practitioner's View

app security

FEATURED |

2020-07-16

Modern Application Security - Good and Bad News

Part I: What are Modern Applications

FEATURED |

15.7.2020

Modern Application Security - Good and Bad News

Part I: What are Modern Applications

app security

FEATURED |

2020-07-15

TraceAI : Machine Learning Driven Application and API Security

An introduction to anomaly detection in the context of distributed tracing.

FEATURED |

14.7.2020

TraceAI : Machine Learning Driven Application and API Security

An introduction to anomaly detection in the context of distributed tracing.

technology

FEATURED |

2020-07-14

Introducing Traceable

Application Security for APIs and Cloud-Native Apps.

FEATURED |

6.7.2020

Introducing Traceable

Application Security for APIs and Cloud-Native Apps.

company

FEATURED |

2.23.21

What is Web Application Security?

Foundations

FEATURED |

2.19.21

The Shopify Breach: Why Authorization Exploits Slip Through Most Security Defenses

Lacking the power of AI and machine learning, common security technologies miss API attacks by not seeing the broader business context. Here’s what happened at Shopify.

breach analysis

FEATURED |

2.17.21

Application Security in the Public Cloud Requires Shared Responsibility

The shared responsibility model describes how security is shared by both the cloud provider and user. Here’s how modern application and API security requirements change the equation.

cloud-native

FEATURED |

2.12.21

Why Was Facebook Vulnerable to an Authentication Exploit?

Even the largest companies in the world are susceptible to API vulnerabilities. How modern security defenses fail — and how to fix them.

breach analysis

FEATURED |

2.10.21

Why CISOs are Investing in Traceable AI

A Discussion with Lemonade CISO Jonathan Jaffe

company

FEATURED |

2.10.21

Does Dynamic Application Security Testing (DAST) Deliver?

DAST tools provide pentesters with a hacker’s-eye-view of system vulnerabilities. What are the advantages and disadvantages of this important security tool?

app security

FEATURED |

2.4.21