Abstract: In one embodiment, an illustrative method herein may comprise: listening, by an agent process, to a discovery-based execution of an application; determining, by the agent process, a plurality of transition locations during the discovery-based execution of the application; recording, by the agent process, the plurality of transition locations into a recorded file; and providing, by the agent process, the recorded file to cause injection of instrumentation into the plurality of transition locations during runtime of the application based on the recorded file.

Abstract: In one embodiment, webpage data for a webpage is downloaded by a web browser executed by a client device. The client device inserts instrumentation into the webpage data to collect event metrics for events associated with the webpage. The client device selects, based on a user-defined policy, a set of event metrics from among the collected event metrics to be shared with a proxy service. The client device sends the selected set of event metrics to the proxy service. The proxy service provides access to the set of event metrics to one or more collectors registered with the proxy service.

Abstract: In one embodiment, a device obtains transaction data regarding a transaction attempted within a software development environment, wherein the transaction data is captured by instrumentation code inserted into the software development environment at runtime. The device identifies, based on the transaction data, an access policy for the transaction. The device makes, based on the access policy, a determination that the transaction is not authorized. The device causes, via the instrumentation code, the transaction to be blocked from completing within the software development environment.

Abstract: In one embodiment, a device obtains transaction data regarding a transaction attempted by a client of an online application within the online application. The transaction data is captured by instrumentation code inserted into the online application at runtime. The device identifies, based on the transaction data, traffic in a network associated with the transaction. The device associates, based on the transaction data, a measure of importance with the traffic. The device causes the traffic to be sent by a networking device in the network according to its associated measure of importance.

Abstract: In one embodiment, an agent executed by a device intercepts webpage code for a website sent from an application server to a client of the website. The agent identifies a portion of the webpage code as being used for webpage analytics. The agent forms modified webpage code by disabling the portion of the webpage code, based on one or more performance metrics associated with the website. The agent sends the modified webpage code to the client of the website.

Abstract: In one embodiment, a device obtains transaction data regarding a transaction attempted by a client of an online application to access confidential information within the online application. The transaction data is captured by instrumentation code inserted into the online application at runtime. The device permits, based on a policy, the transaction to complete within the online application. The device determines, based on the policy, a set of one or more client-side functions to disable during the transaction. The device instructs an agent executed by the client to disable the set of one or more client-side functions during the transaction.

Abstract: In one embodiment, a device receives traffic flow information regarding an application programming interface call made to a particular endpoint via a path in a network. The device requests, based on the traffic flow information, that a plurality of distributed agents in the network perform a trace of the path taken by the application programming interface call. The device receives results from the trace of the path performed by the plurality of distributed agents. The device causes a security policy to be enforced with respect to application programming interface calls made to the particular endpoint, based on the results from the trace.

Abstract: In one embodiment, an illustrative method herein may comprise: listening, by an agent process, to a discovery-based execution of an application; determining, by the agent process, a plurality of transition locations during the discovery-based execution of the application; recording, by the agent process, the plurality of transition locations into a recorded file; and providing, by the agent process, the recorded file to cause injection of instrumentation into the plurality of transition locations during runtime of the application based on the recorded file.

Abstract: In one embodiment, a device obtains data regarding a transaction attempted by a user account within an online application that is captured by instrumentation code that is inserted into the online application at runtime, wherein the user account has sufficient privileges within the online application to perform the transaction. The device makes an inference about the data regarding the transaction using a behavioral model. The device determines, based on the inference, a mitigation action for performance within the online application according to an enforcement policy. The device enforces the mitigation action within the online application.

Abstract: In one embodiment, a device obtains data regarding a transaction attempted by a user within an online application that is captured by instrumentation code that is inserted into the online application at runtime, wherein the user has sufficient privileges within the online application to perform the transaction; The device sends, based on the data regarding the transaction, one or more approval requests to one or more authorizers. The device receives one or more responses to the one or more approval requests. The device blocks, and based on the one or more responses, the transaction attempted by the user within the online application via the instrumentation code.

Abstract: In one embodiment, a device launches a core agent for a Java application. The core agent loads a first tenant and a second tenant, each tenant having its own isolated class loader. The device instruments, via the core agent and by each tenant, the Java application to capture data regarding execution of the Java application. The device provides the captured data to a user interface.

Abstract: In one embodiment, a software agent profiler process attaches to an application and a primary instrumentation interface for the application, and discovers one or more software agents associated with the application. The software agent profiler process may then launch the one or more software agents within an encapsulated container environment of the software agent profiler process by configuring each of the one or more software agents, respectively, to point to a proxy instrumentation interface of the software agent profiler process instead of the primary instrumentation interface for the application. As such, the software agent profiler process may receive calls from the one or more software agents on the proxy instrumentation interface of the software agent profiler process, and can manage the calls from the one or more application agents prior to the calls being passed to the primary instrumentation interface for the application.

Abstract: In one embodiment, a microservice, that provides one or more services for one or more distributed business transactions offered by an application, obtains a service request for a particular business transaction involving a particular user device executing the application. The microservice determines whether the service request includes an indication of authentication results for the particular business transaction that satisfy one or more authentication requirements of the microservice. The microservice sends, based on the indication of authentication results for the particular business transaction not satisfying the one or more authentication requirements of the microservice, a request for the particular user device to perform authentication for the particular business transaction to satisfy the one or more authentication requirements.

Abstract: In one embodiment, a service determines authentication credentials for a web application transaction. The service determines one or more performance metrics regarding the web application transaction. The service generates an enhanced web token comprising the one or more performance metrics regarding the web application transaction. The service sends the enhanced web token and the authentication credentials along a path of the web application transaction, the path including one or more services configured to use the one or more performance metrics sent in addition to the authentication credentials to process the web application transaction.

Abstract: In one embodiment, a device launches a core agent for a Java application. The core agent loads a first tenant and a second tenant, each tenant having its own isolated class loader. The device instruments, via the core agent and by each tenant, the Java application to capture data regarding execution of the Java application. The device provides the captured data to a user interface.

Abstract: In one embodiment, a method herein comprises: intercepting runtime calls from a telemetry invocation for method entry to discover loaders; determining whether an implementation tenant is already allocated for a particular discovered loader; allocating, in response to no implementation tenant being already allocated for the particular discovered loader, a particular implementation tenant from a plurality of available implementation tenants, wherein a corresponding loader for the particular implementation tenant is set to delegate from the particular discovered loader; and calling, in response to the particular implementation tenant being allocated or being already allocated for the particular discovered loader, a method entry for the particular implementation tenant to perform an associated interception operation while using direct telemetry class and/or method calls.

Abstract: In one embodiment, a method may comprise: instrumenting, by a process, runtime of a software application; detecting, by the process, a reflection call made within the runtime of the software application; determining, by the process and from the reflection call, a reflection target and a reflection caller; comparing, by the process, the reflection target, the reflection caller, and the reflection call against a security policy; and performing, by the process, one or more mitigation actions on the reflection call in response to a violation of the security policy. In another embodiment, a secure audit process first generates the security policy based on approving reflection calls, reflection targets, and reflection callers seen during a runtime of the software application in a secure environment, and then shares the security policy with local instrumentors of the software application to cause enforcement of the security policy against a local runtime of the software application.

Abstract: In one embodiment, an agent process performs performance monitoring according to either a network performance monitoring platform or an application performance monitoring platform. The agent process exchanges a request message with a remote agent process (performing performance monitoring according to the opposing platform), where the request message comprises a transaction identifier and a requested action. The agent process also exchanges, in response to the request message, a response message with the remote agent process, wherein the response message comprises an acknowledgment of the transaction identifier and the requested action.

Abstract: In one embodiment, a device instruments an application to generate OpenTelemetry trace data during execution of the application. The device identifies, based on where the application was instrumented, a particular method of the application. The device determines that a circuit breaker should be inserted for the particular method of the application. The device inserts a circuit breaker for the particular method.

Abstract: In one embodiment, a client device accesses an online application via a browser executed by the client device. The client device makes an assessment as to whether the online application uses Hypertext Transfer Protocol (HTTP) security headers that satisfy a security header policy. The client device generates scoring for the webpage based on the assessment. The client device presents the generated scoring to a user of the client device.