Abstract: Techniques are provided for an “on demand” or event-triggered end user monitoring/remote user monitoring (EUM/RUM) solution that is activated when the user has requested it, or an event (conditions of which are set by a user) occurs that triggers activation of the EUM/RUM solution. This EUM/RUM may be completely integrated into an enterprise IT Help Desk system, whereby support “tickets” are automatically generated when the monitoring solution is instantiated.

Abstract: Methods and apparatuses for prioritizing transactions are disclosed. An example method of an application performance monitor (APM) comprises intercepting a first packet being transmitted in a network that is monitored by the APM; determining that the first packet is associated with a transaction of the web application that is to be provided with an alternate level of service; modifying a field in the first packet to include metadata interpretable by at least one network device in the network to cause the at least one network device to provide the alternate level of service; and injecting the first packet into the network. The APM may cause network devices to prioritize a specific transaction of an application based on importance.

Abstract: According to some embodiments, a method includes detecting a start of an OpenTelemetry span by an application and determining security information related to the start of the OpenTelemetry span. The method further includes monitoring the application for one or more application behaviors during execution of the OpenTelemetry span. The method further includes detecting an end of the OpenTelemetry span by the application, and in response, calculate a security score for the OpenTelemetry span using the security information related to the start of the OpenTelemetry span and the one or more application behaviors detected during execution of the OpenTelemetry span. The method further includes updating a status of the OpenTelemetry span to include the security score and a text string related to the calculation of the security score.

Abstract: A method is provided that is performed using an application performance management agent running on an application and/or application microservices. The method comprises detecting a request to the application and/or application microservices for data, and inserting data compliance metadata into packet headers of packets that are to be sent in response to the request by the application and/or application microservices. The data compliance metadata comprises data-compliance markings associated with the data based on user/operator-defined data compliance requirements. The method further includes causing the packets to be sent into a network so that one or more network devices or services in the network can read the data compliance metadata and apply packet handling policies.

Abstract: Techniques are described for generating an end-to-end distributed trace in connection with a cloud or datacenter environment. In one example, a server obtains target application telemetry data and external telemetry data associated with one or more correlation identifiers included in one or more network communications provided to a target application in the cloud or datacenter environment. The server aggregates the target application telemetry data and the external telemetry data based on the one or more correlation identifiers to generate an end-to-end distributed trace associated with the one or more network communications.

Abstract: Techniques are described for generating an end-to-end distributed trace in connection with a cloud or datacenter environment. In one example, a server obtains target application telemetry data and external telemetry data associated with one or more correlation identifiers included in one or more network communications provided to a target application in the cloud or datacenter environment. The server aggregates the target application telemetry data and the external telemetry data based on the one or more correlation identifiers to generate an end-to-end distributed trace associated with the one or more network communications.

Abstract: Techniques are provided for an “on demand” or event-triggered end user monitoring/remote user monitoring (EUM/RUM) solution that is activated when the user has requested it, or an event (conditions of which are set by a user) occurs that triggers activation of the EUM/RUM solution. This EUM/RUM may be completely integrated into an enterprise IT Help Desk system, whereby support “tickets” are automatically generated when the monitoring solution is instantiated.

Abstract: A system of one embodiment that provides proactive security policy suggestions for applications based on the applications' software composition and runtime behavior. The system includes a memory and a processor. The system is operable to access data that represents one or more features of an application. The application is running on one or more nodes in a computer network, and a feature indicates an application library of the node. The system is operable to apply a clustering algorithm to the data to generate a plurality of cluster sets. The system is operable to determine a security policy to apply to a cluster set of the plurality of cluster sets and apply the security policy to an application whose features are represented by the data in the cluster set.

Abstract: Techniques are described for generating an end-to-end distributed trace in connection with a cloud or datacenter environment. In one example, a server obtains target application telemetry data and external telemetry data associated with one or more correlation identifiers included in one or more network communications provided to a target application in the cloud or datacenter environment. The server aggregates the target application telemetry data and the external telemetry data based on the one or more correlation identifiers to generate an end-to-end distributed trace associated with the one or more network communications.

Abstract: In one embodiment, a method includes identifying, by a device, a unit test, modifying, by the device, the unit test to include a performance test, and modifying, by the device, the unit test to include a security test. The method also includes executing, by the device, the performance test and executing, by the device, the security test. The method further includes generating, by the device, performance test results in response to executing the performance test and generating, by the device, security test results in response to executing the security test.

Abstract: In one embodiment, a method includes receiving, by a network component, application performance data. The application performance data is associated with one or more applications. The method also includes determining to transform, by the network component, the application performance data into application security data, generating, by the network component, a baseline for the application security data, and detecting, by the network component, an anomaly in the baseline. The method further includes determining, by the network component, a potential security threat based on the anomaly.

Abstract: According to some embodiments, a method includes determining a plurality of business transactions for a plurality of services provided by an application. The method further includes calculating a vulnerability score for each determined business transaction. Each vulnerability score is based on one or more application context factors of a plurality of application context factors. The method further includes displaying a graphical user interface. The graphical user interface includes a list of the determined business transactions and the calculated vulnerability score for each determined business transaction in the list.

Abstract: A computing system for identifying and scoring problems associated with call stacks. The computing system identifies call stacks associated with an application and determines a problem occurs in the application. The computer system compares a call stack of a first set of applications with a call stack of a second set of applications, wherein the call stack of the first set of applications includes the problem and the call stack of the second set of applications does not include the problem. The computer system generates a score indicating a likelihood that a particular call stack caused the problem based on whether the particular call stack is included in the call stack of the first set of applications, the call stack of the second set of applications, or both. The computing system generates a notification comprising the score indicating the likelihood that the particular call stack caused the problem.

Abstract: A system and method for securing an application includes determining processing information associated with the application, determining an application dependency map associated with the application at least in part based on the processing information, and determining a security context associated with the application based on the application dependency map.

Abstract: Methods are provided in which a domain name system (DNS) service obtains a lookup request for information about a source of a traffic flow being transmitted to a network resource external of a service cluster and performs, based on the lookup request, a lookup operation for a microservice that is the source of the traffic flow, among a plurality of microservices of the service cluster registered with the DNS service. The methods further include providing information about the microservice based on the lookup operation. The information includes at least a name of the microservice for visibility of the microservice external of the service cluster.

Abstract: Methods are provided in which a domain name system (DNS) service obtains a lookup request for information about a source of a traffic flow being transmitted to a network resource external of a service cluster and performs, based on the lookup request, a lookup operation for a microservice that is the source of the traffic flow, among a plurality of microservices of the service cluster registered with the DNS service. The methods further include providing information about the microservice based on the lookup operation. The information includes at least a name of the microservice for visibility of the microservice external of the service cluster.

Abstract: An example method identifying a request to access or modify a data resource. The request is made by a user. The example method further includes authenticating the user. Based on authenticating the user, the example method includes determining that the request is associated with a malicious intent based on a characteristic of the user. Further, based on determining that the request is associated with the malicious intent, the example method includes blocking the user from accessing or modifying the data resource.

Abstract: A policy generation agent automatically generates a security policy for an application and a security manager. The agent runs the application in a development environment, causing the application to request permissions from the security manager. The agent passes the permissions request to the security manager. The security manger determines whether to approve or deny the request based on a permissions policy. Responsive to a determination to deny the request, the agent generates an updated permissions policy by updating the permissions policy to approve subsequent requests for the permissions. The agent also associates the updated permissions policy with the application, and suppresses any exceptions generated by the security manager in denying the request before approving the request for the permissions in the development environment.

Abstract: Methods and apparatuses for prioritizing transactions are disclosed. An example method of an application performance monitor (APM) comprises intercepting a first packet being transmitted in a network that is monitored by the APM; determining that the first packet is associated with a transaction of the web application that is to be provided with an alternate level of service; modifying a field in the first packet to include metadata interpretable by at least one network device in the network to cause the at least one network device to provide the alternate level of service; and injecting the first packet into the network. The APM may cause network devices to prioritize a specific transaction of an application based on importance.

Abstract: The present technology includes applying a security policy by an application security system to a transaction within an application that is monitored by the application security system. The present technology includes monitoring transaction occurring between a client device an application over a network. The present technology also includes identifying a first transaction from the transactions as a sensitive transaction. The sensitive transaction is associated with an authentication policy requiring an authentication. The present technology also includes interrupting the application. The present technology also includes prompting the client device for the authentication.