Hi [[ session.user.profile.firstName ]]

Observability: Present & Future

Observability plays an important role in a world full of modern cloud-native applications. It helps us to understand complex architectures, the root cause of the problems, and performance issues easily. Observability has a diverse community of open source and enterprise solutions and every solution has something better to offer on its own. In this Panel discussion, we will understand our panelists' visions around observability and discuss the challenges that lie ahead. We will also hear some interesting use-cases and ways companies are trying to utilize observability to detect problems in their tech stack.
Panelists:
- Sanjay Nagaraj, CTO, Traceable AI (https://twitter.com/SanjayNSF)

- Jonah Kowall, CTO of Logz.io (https://twitter.com/jkowall)

- Janakiram MSV, Principal Analyst, Janakiram & Associates (https://twitter.com/janakiramm)

- Wu Sheng, Founder of Skywalking | Founding engineer, Tetrate | BOD, Apache foundation (https://twitter.com/wusheng1108)
Recorded Apr 28 2021 55 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Jayesh Ahire, Sanjay Nagraj, Jonah Kowall, Janakiram Msv, Wu Sheng
Presentation preview: Observability: Present & Future

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Service mesh observability Jul 13 2021 6:00 pm UTC 31 mins
    Wu Sheng
    Service mesh is a way to control how different parts of an application share data with one another. Unlike other systems for managing this communication, a service mesh is a dedicated infrastructure layer built right into an app. Most of the time it acts as a tool for adding observability, security, and reliability features to applications by inserting these features at the platform layer rather than the application layer.
    Service mesh provides us a lot of out of the box capabilities like service discovery and resilience but at the same time it can also help with Observability. Observability helps us to continuously monitor the state of the application and determine what’s going on in the guts of our application, or help us detect when something goes wrong with the application. Service mesh supports collection of telemetry data especially metrics, traces and logs which are pillars of Observability and it can also collect additional important metrics.
    In this episode, we will discuss how service mesh Observability works and what is the future of it with Wu Sheng who has been working on service mesh for quite a long time. We will also understand challenges and give some pointers for people who are getting started with service mesh Observability.

    About Speaker:
    Wu Sheng is a founding engineer at tetrate.io, leads the observability for service mesh and hybrid cloud. A searcher, evangelist, and developer in observability, distributed tracing, and APM. He is a member of the Apache Software Foundation. Love open source software and culture. Created the Apache SkyWalking project and is its VP and PMC member. Co-founder and PMC member of Apache ShardingSphere. Also as a PMC member of Apache Incubator and APISIX. He is awarded as Microsoft MVP, Alibaba Cloud MVP, Tencent Cloud TVP.
  • All about your side cars - NGINX & Traceable Jul 13 2021 4:00 pm UTC 60 mins
    Sudeep Padiyar, Damian Curry
    Join this webinar to learn how NGINX and Traceable can help you seamlessly deploy resilient and secure apps in Kubernetes. NGINX Ingress Controller provides load balancers with automated configuration to ensure that your Kubernetes applications are delivered reliably at high velocity. Traceable’s NGINX plugin extends those capabilities to add API Discovery and risk management, protection for all your microservices and APIs deployed in your K8s clusters.
  • Mobile API testing Jul 6 2021 6:00 pm UTC 60 mins
    Dr. Katie Paxton-Fear
    Mobile apps have some of the biggest API attack surfaces out there, and very few hackers are looking at them! This can often mean that malicious actors have the upper hand. In this webinar, we will cover the basics of mobile API testing on Android using an emulator, the key issues in mobile API testing and how to get started hacking mobile APIs.
  • Managing API Driven Applications Jul 1 2021 6:00 pm UTC 60 mins
    Renata Budko
    As the API economy accelerates, providing business services are increasingly being built using microservices and APIs. Join us on this webinar to learn how to manage your application APIs - understand the difference between internal, external and backend APIs, learn what API technology is right for your products and services and how to understand and manage the underlying performance implications and media transmissions, API security, and what you need to know about API compatibility and versions.
  • API Hacking Methodology Jun 29 2021 6:00 pm UTC 60 mins
    Dr. Katie Paxton-Fear
    So we know the basics of API hacking, now it's time to go deeper, in this webinar we'll move from beginner introductions to a checklist that you can follow when you conduct API testing. In addition, we'll also start to talk about API tools and what tools hackers use to test APIs from the outside. This webinar will provide a checklist for those who are familiar with API testing already and just want to focus on actionable testing
  • API Recon Recorded: Jun 15 2021 42 mins
    Dr. Katie Paxton-Fear
    One of the biggest problems API hackers face is attack surface, while developers know the API endpoints, external testers do not. In this webinar, we'll discuss how you perform recon on an API in order to find new routes, parameters. Exploring an APIs attack surface from the outside and some of the API tools available to help you do this.
  • Tracing: A foundation of modern Observability? Recorded: Jun 10 2021 26 mins
    José Carlos Chavez
    Distributed Tracing, which is getting a lot of mindshare in the last few years, is now becoming the new foundation of DevOps. Unlike traditional Application Performance Monitoring (APM), Distributed Tracing is intended to address the observability challenges and use-cases in the new microservices world. It is particularly well-suited to debugging and monitoring modern distributed software architectures, such as microservices. It helps pinpoint or isolate where failures occur and what causes sub-optimal performance.
    In this discussion, Jose Carlos will talk about how distributed tracing provides the context which metrics and logs don’t and what are different interesting use-cases he came across and challenges he faced while working on tracing in the past few years.

    Speaker bio:
    José Carlos 'JC' Chávez (@jcchavezs) is a Sr. Software Engineer at Traceable.ai where he works on Zipkin, Hypertrace & OpenTelemetry, and all things tracing! Prior to Traceable, JC worked at Expedia where he contributed to Zipkin and Haystack
  • API hacking 101 Recorded: Jun 1 2021 55 mins
    Dr. Katie Paxton-Fear
    In this webinar, we will cover the basics of API security, but instead of being a defender, we're now attacking! We'll cover the basics of API hacking including what they are, the API security top 10, how you can test for vulnerabilities in your APIs, including a demo showing these techniques not just in theory but also in practice! APIs hacking is a great place to get started with API security and hacking in general.
  • Continuous Delivery and Application Security - The Future Recorded: May 26 2021 49 mins
    Jyoti Bansal, Anoop Kartha
    In this webinar, Jyoti Bansal, CEO and Founder, Traceable.AI and Harness.io, explains how the new technologies of micro services, APIs, and cloud-native architectures have created new attack surfaces and potential vulnerabilities, and the things we are doing to help close the gaps.

    What we'll cover:
    - The new security challenges we’re all facing
    - How Traceable uniquely helps secure modern apps
    - How Traceable will enhance CI/CD with shift-left, shield right security
    - Demo of the product
    - Interactive Q&A with Jyoti
  • Observability: Present & Future Recorded: May 20 2021 55 mins
    Jayesh Ahire, Sanjay Nagraj, Jonah Kowall, Wu Sheng
    Observability plays an important role in a world full of modern cloud-native applications. It helps us to understand complex architectures, the root cause of the problems, and performance issues easily. Observability has a diverse community of open source and enterprise solutions and every solution has something better to offer on its own. In this Panel discussion, we will understand our panelists' visions around observability and discuss the challenges that lie ahead. We will also hear some interesting use-cases and ways companies are trying to utilize observability to detect problems in their tech stack.
    Panelists:
    - Sanjay Nagaraj, CTO, Traceable AI (https://twitter.com/SanjayNSF)

    - Jonah Kowall, CTO of Logz.io (https://twitter.com/jkowall)

    - Janakiram MSV, Principal Analyst, Janakiram & Associates (https://twitter.com/janakiramm)

    - Wu Sheng, Founder of Skywalking | Founding engineer, Tetrate | BOD, Apache foundation (https://twitter.com/wusheng1108)
  • Continuous Delivery and Application Security - The Future Recorded: Apr 30 2021 49 mins
    Jyoti Bansal, Anoop Kartha
    In this webinar, Jyoti Bansal, CEO and Founder, Traceable.AI and Harness.io,
    explains how the new technologies of micro services, APIs, and cloud-native architectures have created new attack surfaces and potential vulnerabilities, and the things we are doing to help close the gaps.

    What we'll cover:
    - The new security challenges we’re all facing
    - How Traceable uniquely helps secure modern apps
    - How Traceable will enhance CI/CD with shift-left, shield right security
    - Demo of the product
    - Interactive Q&A with Jyoti
  • Observability: Present & Future Recorded: Apr 28 2021 55 mins
    Jayesh Ahire, Sanjay Nagraj, Jonah Kowall, Janakiram Msv, Wu Sheng
    Observability plays an important role in a world full of modern cloud-native applications. It helps us to understand complex architectures, the root cause of the problems, and performance issues easily. Observability has a diverse community of open source and enterprise solutions and every solution has something better to offer on its own. In this Panel discussion, we will understand our panelists' visions around observability and discuss the challenges that lie ahead. We will also hear some interesting use-cases and ways companies are trying to utilize observability to detect problems in their tech stack.
    Panelists:
    - Sanjay Nagaraj, CTO, Traceable AI (https://twitter.com/SanjayNSF)

    - Jonah Kowall, CTO of Logz.io (https://twitter.com/jkowall)

    - Janakiram MSV, Principal Analyst, Janakiram & Associates (https://twitter.com/janakiramm)

    - Wu Sheng, Founder of Skywalking | Founding engineer, Tetrate | BOD, Apache foundation (https://twitter.com/wusheng1108)
  • What AI can do for API Security Recorded: Apr 21 2021 60 mins
    Ravindra Guntur, Ranaji Krishna
    Using machine learning for cloud-native application security
    Join security and DevOps experts as they discuss how TraceAI uses machine learning for cloud-native application security.

    In this live session we will cover goals for TraceAI:

    High-level picture of where TraceAI sits with respect to the Traceable platform
    Representing the attack surface from an ML point of view
    Metric anomaly detection
    API call patterns, distributions and rates
    User behavior and anomaly detection
    Get hints for what we will do in the future: Trust-Risk-Plausibility
  • Introduction to the API Security Landscape Recorded: Apr 14 2021 33 mins
    Inon Shkedy
    The rapid rise of cloud-native applications, microservices, and mobile/IoT has lead to the wide-spread use of API's as the glue between all the components that make up the applications. These APIs are designed to share data and execution between services, which also makes them great attack vectors, as they have access to user data, execute business logic, are fairly transparent, and are wide-spread.

    Join Inon Shkedy, Traceable AI's Head of Security Research, as he introduces the new API security landscape and answers such questions as:

    - How do API's work?

    - Why are APIs so vulnerable?

    - Why are they so interesting to bad actors?

    - What API vulnerabilities should I watch out for?
  • Problems Runtime Application Self-Protection (RASP) Doesn’t Solve Recorded: Apr 7 2021 26 mins
    Roshan Piyush
    RASP, or Runtime Application Self-Protection, is a modern security technology that protects web applications from attacks during runtime. The technology is an important complement to defense systems that focus on the perimeter, but RASPs also have weaknesses that can introduce their own vulnerabilities.

    What are RASP’s strengths and weaknesses in protecting against modern security threats? Are there better solutions that offer more in-depth insight into attacks as well as to detect suspicious behavior?

    We'll take a deeper look into RASPs. What their advantages are, and what their disadvantages are. And then suggest some things you should look for in an app security solution.
  • API Security: Everything You Need to Know To Protect Your APIs Recorded: Mar 19 2021 61 mins
    Aaron Lieberman (Big Compass), Dan Gordon (Traceable AI)
    With more APIs in circulation than ever before, there has been a direct correlation to the number of API abuses reported across industries. This is because APIs are such a valuable asset to bad actors, but many organizations have not yet woken up to the realities of the need to protect their APIs from abuse. If you couple that with the fact that attacks on APIs have become more sophisticated, with some attackers even using AI themselves, then you can see why even some of the more security-conscious organizations can have trouble properly securing their APIs.


    A robust API Security posture can be broken down into several areas including:
    * Proper design and coding during the development process
    * API governance and compliance through visibility of all your APIs (shadow too!) and a mapping of how they connect to each other.
    * General application and API protection from tools such as API gateways, WAFs, NG-WAF, and RASPS
    * An always-updating understanding of your user behaviors regarding your APIs.


    You won’t have comprehensive API security without solutions in each of these areas.


    We will also discuss:
    * The roles of API developers, infosec, support, and enterprise architects as it relates to API security
    * Microservices role in making it difficult to secure your APIs
    * The importance of inventorying your APIs
    * How technologies like Traceable can help protect your APIs against advanced attacks


    Key takeaways:
    * Why your API's are a key attack surface for modern bad actors
    * Why API's are so much harder to secure than traditional web traffic
    * What's necessary to secure your APIs Why yesterday's solutions can't solve today's new API security challenges
  • Managing Security and Risk throughout the Digital Transformation Process Recorded: Dec 3 2020 47 mins
    Jyoti Bansal, Upendra Mardikar, Andreas Wuchner
    With digital transformation in the financial service sector accelerating faster than ever, securing the leading edge of technologies and methodologies has never been more important.

    Financial services security leaders Andreas Wuchner, Group Head IT & Risk Governance at Credit Suisse, Upendra Mardikar, Chief Security Officer at Snap Finance (formerly with American Express, Visa, and PayPal), and Jyoti Bansal, Founder & CEO Traceable, AppDynamics, Harness, and Unusual Ventures explore the new challenges:

    - What the current security stack is, and where are the gaps are with regards to protecting new architectures

    - How and why security leaders need to foster partnerships with their development and DevOps teams

    - What the role of security automation and emerging technologies are to enable that, and how to make existing personnel more efficient
  • Secure your GraphQL & gRPC APIs Recorded: Oct 29 2020 28 mins
    Renata Budko
    Are your applications protected?

    Join security experts as we discuss how optimal application and API architecture requires the use of new protocols.

    In this live session we will cover:

    The use of Traceable for cloud-native application security
    Protecting your external and internal APIs from OWASP Top 10 risks - API Security
    The new capabilities of Traceable in the GraphQL and gRPC protocols - graphql security
    The move from a 3-tier architecture to microservices made the applications more distributed and API centric and exposed internal business logic. The APIs and protocols also evolved from proprietary to standardized protocols, like REST, GraphQL, GRPC, and with flexible data structures in JSON and YAML allowing for frequent evolution.

    Hackers, always the opportunists, saw the gap and took advantage. New category of API-centric attacks emerged and became so dangerous that the OWASP API project was born to help educate security professionals about these new threats to your API security
  • OWASP API Security - The Attacker's Perspective Recorded: Oct 15 2020 45 mins
    Inon Shkedy
    Inon Shkedy (Head of Security Research, Traceable ; co-author OWASP API Top 10) explores the OWASP API Top 10 project and provides detailed explanations about the API threats documented in the OWASP project.

    In this 4th and final episode, Inon will focus on the attacker’s perspective on API security:

    How the predictable nature of REST APIs can help you to find admin endpoints and write better payloads to exploit mass assignment?
    How to approach API pentest? Which features and endpoints you should prioritize to maximize your time?
    What to do when you get stuck and need to expand the attack surface? What are the best tools you can use to find more entry points to the tested application?
    Inon will also explore these vulnerabilities from a developer perspective and answer questions on these topics and the OWASP API Top 10.
Traceable- Discover - Observe - Protect
Traceable enables security to keep up with engineering and the continuous pace of change and protect modern applications from modern threats. Traceable applies the power of machine learning and distributed tracing to understand the DNA of the application, how it is changing, and where there are anomalies in order to detect and block threats, making businesses more secure and resilient.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Observability: Present & Future
  • Live at: Apr 28 2021 2:15 pm
  • Presented by: Jayesh Ahire, Sanjay Nagraj, Jonah Kowall, Janakiram Msv, Wu Sheng
  • From:
Your email has been sent.
or close