Traceable, the world's first end-to-end application security monitoring platform, launched from stealth today with $20M in series A funding from Unusual Ventures and BIG Labs. Jyoti Bansal, the founder and former CEO of AppDynamics, heads the company as CEO and co-founder after selling AppDynamics to Cisco for $3.7 billion. Bansal is joined by Sanjay Nagaraj, former VP Engineering at AppDynamics, as CTO and co-founder. Traceable was spun out of BIG Labs, Bansal's startup studio.
Businesses large and small are migrating en masse from monolithic to
highly distributed cloud-native applications often built with hundreds
or even thousands of microservices. Protecting cloud-native applications
from cyberattacks has become the most pressing challenge of this new
architecture. Microservice APIs often expose business logic that threat
actors use to infiltrate applications and private data.
"The broad use of APIs in cloud-native applications has greatly
expanded the attack surface for enterprises, and until now, there hasn't
been a solution that adequately addresses this growing issue," said
Gerhard Eschelbeck, former Google CISO and Traceable advisor. "Traceable
solves one of the biggest problem security teams face, which is
distinguishing between valid and malicious use of an application's
APIs."
Bansal and Nagaraj saw the massive adoption of cloud-native
architectures firsthand while working with thousands of AppDynamics
customers. At the same time, high profile businesses such as Uber and
Facebook were making news as they became victims of new business logic
attacks due to vulnerabilities in microservice APIs. With cloud-native
architecture adoption skyrocketing, Bansal and Nagaraj founded Traceable
to protect applications from next-generation attacks.
"It became clear to us that a drastically new approach to
application security was needed to protect businesses as they deploy
their applications in cloud-native architectures," said Bansal.
"Existing solutions were designed to protect traditional monolithic web
apps with well-understood protocols. They aren't capable of
understanding distributed applications using thousands of custom APIs."
Traceable, leveraging the team's expertise in distributed tracing and
observability is the only Application Security Platform that traces
end-to-end application activity from the user and session all the way
through the application code. TraceAI, the platform's machine learning
technology, analyzes this data to learn normal application behavior and
to detect activity that deviates from the norm. Businesses use
Traceable's rich forensic data and insights to easily analyze attack
attempts and perform root cause analysis.
"At Houwzer, we conduct hundreds of millions of dollars worth of
real estate transactions every year. Our customers place their trust in
us to keep their information safe, so we need the best tools at our
disposal to do so," said Greg Phillips,
CTO of Houwzer, an early Traceable customer. "Traceable's technology
enables my team to understand exactly how our APIs function in order to
best diagnose and resolve issues when they arise, ensuring all the
sensitive information we house is secure even as our application changes
and new types of attacks emerge. This visibility also allows us to
orient our product roadmap and optimize for success."
Bansal and Nagaraj have made Traceable's underlying distributed
tracing platform available as an open source project named Hypertrace.
By deploying Hypertrace, DevOps teams observe and monitor production
applications with the same comprehensive distributed tracing and
observability capabilities powering Traceable.
"While we were building Traceable, we realized that every business
and every application should have access to a robust distributed
tracing system. Highly distributed cloud-native applications are almost
impossible to operate and troubleshoot without distributed tracing,"
said Nagaraj. "So we decided to make this core part of our platform,
open source and freely available. We hope the community not only adopts
Hypertrace but feels empowered to contribute to the project to make it
even better."