Traceable by Harness

It's not every day that we get to hear John Vrionis and Jyoti Bansal chat about the process behind finding product-market fit, so we are thrilled to bring you a very special episode where John and Jyoti discuss the early days of Traceable (recently acquired by Harness). In this episode, John and Jyoti discuss: ➡️ The insight that led Jyoti to start Traceable with Sanjay Nagaraj ➡️ The technological inflection that Jyoti identified in 2019 ➡️ The ways in which Jyoti and Sanjay iterated on their solution, their Ideal Customer Profile, and their GTM strategy ➡️ The vision for Traceable over the next 5-10 years Listen now! Link to the entire episode in the comments!

CVE-2025-29927 affecting Nextjs <15.2.3, <14.2.25, <13.5.9 and <12.3.5 We have pushed an immediate product update addressing the Nextjs CVE targeting Nextjs middleware (including auth). For customers running Nextjs we advise immediately patching if possible, or running the new CVE-2025-29927 rules in blocking mode if this is not possible. Traceable customers as of now are protected and we are directly contacting customers where we have seen active exploitation in the coming days.

APIs power modern applications, but managing them at scale is challenging. Shadow APIs, multiple gateways, and fragmented infrastructures create security risks and governance gaps. Traditional approaches aren’t enough—so how do you ensure compliance, security, and scalability? Join us on March 25, 2025, at 8:00 AM PDT for a deep dive into modern API governance strategies. Learn how Kong and Traceable help organizations: - Discover and secure all APIs, including shadow APIs - Centralize governance without disrupting workflows - Enhance security with real-time threat detection - Enforce authentication, encryption, and compliance Don’t miss this opportunity to future-proof your API strategy! Register now: https://lnkd.in/gSCJy5iA

A few months back, critical vulnerabilities were discovered in ownCloud, a popular platform for file storage, sharing, and collaboration. These issues allowed unauthorized access to sensitive information, tampering with oAuth parameters, and even manipulation of user files. Here’s what happened: 🔑 Admin credentials and license keys were exposed. 🔗 oAuth tokens could be redirected to attacker-controlled domains. 🗂 User files were at risk of unauthorized tampering. ✅ ownCloud has released patches. Upgrade your systems immediately to ensure your data is secure. Read the full analysis here: https://bit.ly/4fUybDM Reminder: When building with third-party APIs, always validate their security standards—or treat them like untrusted input. Vulnerabilities like these underscore the importance of safeguarding APIs, as highlighted in the OWASP API Top 10 under "Unsafe Consumption of APIs."

#ThrowbackThursday ICYMI: Last year at RSA, our Co-Founder and CTO, Sanjay Nagaraj, sat down with the NYSE to discuss Traceable's mission to secure APIs—the backbone of all modern applications. 🚀 In the interview, Sanjay highlights: 📈 The surge in demand for API security, driven by the rise of API-driven businesses. 🤖 Traceable's AI-powered platform that protects and tests APIs at runtime, helping organizations secure their most critical assets efficiently. 🛡️ Exciting new features rolling out to secure GenAI applications, including protecting against prompt injection and shadow AI risks. Catch the full conversation and learn how we're shaping the future of API security. 👇 https://bit.ly/4eTuFtj

API drift—the misalignment between an API’s functionality and its documentation—is a subtle yet impactful issue that can disrupt developer productivity, client trust, and operational workflows. But addressing API drift doesn’t have to be daunting. As Rajesh Kamisetty explains: “It’s worth giving it a shot to see for yourself if it works or not. He suggests creating a drift index to quantify the amount of drift and establishing SLAs to address drift. Machine learning, such as through products like Traceable, can also help construct a schema and normalized endpoints that can be compared to an API specification, he says. Using versioning and automatically validating the specification against endpoints and payloads can also help mitigate drift." By adopting tools and practices like these, organizations can detect, quantify, and resolve drift before it becomes a larger issue. Ensuring APIs stay aligned with their specifications enhances both internal efficiency and external trust. How is your team approaching API alignment? Read the whole article here: https://bit.ly/3Z3PDyR

ICYMI: 👇 🎥 Traceable's Adam Arellano sat down with Oded Hareven (CEO & Co-founder, Akeyless) to discuss one of the most pressing challenges in #SecretsManagement. What’s inside the whole chat? 🔐 Secrets & machine identity management 🤖 The transformative impact of AI in cybersecurity 🌟 Strategic insights for security leaders preparing for the future 👉 Watch the full conversation here: https://bit.ly/4iypscs

Generative AI is totally changing industries, but many security teams are still in “listen and learn” mode. As companies explore use cases and infrastructure, security can’t take a backseat. In our latest blog, we outline a Crawl - Walk - Run strategy for securing generative AI-enabled applications: 🚶 Crawl: Discover generative AI in your applications, starting with comprehensive API visibility. 🏃♂️ Walk: Assess and manage the security posture of your generative AI APIs. 🏆 Run: Implement runtime protection for continuous monitoring and threat detection. Learn how Traceable’s new Generative AI API Discovery makes securing AI simple and accessible for all. Read more here 👉 https://bit.ly/3XqYz0b

Congrats to Jyoti Bansal and Sanjay Nagaraj! Such exciting news to see from two great companies and founders. We’re thrilled to continue working with Harness and Traceable, both Citi Ventures portfolio companies, as they merge to drive the future of DevSecOps.

Last week was a whirlwind! Harness + Traceable = 🚀 Seeing our partnership spotlighted at the New York Stock Exchange was an unforgettable milestone! 🙌 With Traceable’s expertise in API security and observability and Harness’ leadership in software delivery, we’re redefining how DevSecOps is done. 💪 This is just the beginning!