API Security for Everyone - Free Tier Launch

Join us on Tuesday, 2nd July as Nephosec founder and FireTail customer, Thomas Martin, joins Timo Rüppell, VP of Product, and Jeremy Snyder, Co-founder & CEO, to talk about our new free tier. On this webinar, the team will explore how this new initiative opens the door for developers and organizations of any size to access enterprise-level API security tools while furthering FireTail's mission to secure the world's APIs.

On this free, 45-minute webinar you'll learn about:

FireTail's Mission - why we are passionate about securing the world's APIs and how this initiative will help bring us closer to that goal.

Free Tier Features - what you can do with our new free tier plan and why it’s perfect for smaller organizations striving for stronger API protection or a great way for individuals and teams within larger organizations to get started.

Live Demo - see FireTail in action and learn about everything you can do with our free tier to protect the APIs that matter most to your business.

Developer Support - a look at the ways we help our community to succeed and achieve real, end-to-end API security.

Getting Started - a step-by-step walkthrough of getting started with FireTail's new free tier.

Webinar Transcript

brand new free tier which we believe will really open up Enterprise level

0:07

API security tools to organizations of all sizes. Now, before we kick off proceedings

0:12

properly, I just want to do a little bit of housekeeping. We will have time for questions at

0:17

the end. So if you didn't submit a question upon registering you can still ask us

0:24

via the chat function on the YouTube stream. We will do our very best to get to all of your questions at the end of the

0:30

webinar. Also, we will share a recording of the event. So there's no need to worry about

0:36

taking notes or screen grabbing as we go. And now, as you'll see, we're joined here today by two

0:43

and very familiar faces and Timo Rüppell, our VP of Product, who

0:49

has led the development of this new free plan, as well as our CEO and co-founder, Jeremy

0:55

Snyder. As I said, over the next 45 minutes we're going to show you everything you need to know

1:01

about this free tier and but as a special treat today, we're also thrilled to welcome a very

1:08

special guest host, Thomas >> Jeremy Snyder: here >> Alan Fagan: Martin. Thomas is the founder of Nephosec, where he and his team partner with companies of all shapes

1:16

and sizes to ensure the secure adoption of cloud technologies. Prior to Nephosec, Thomas was

1:21

about the techn largest and Chief Information officer at

1:26

General Electric, and over his career he has led the migration of 9,000-plus legacy

1:35

workloads to public and private cloud infrastructure. Since

1:40

leaving GE in 2017, Thomas has dedicated his efforts to helping companies by sharing his in-depth expertise

1:46

and insights related to enterprise cloud adoption, application migration, and the management of cloud

1:53

technologies at scale. Thomas' company, Nephosec, is both a FireTail customer and partner,

2:00

and that's why we're so excited to have them here with us today. And as a customer and active user of FireTail, we know he'll

2:07

bring a very unique perspective and he'll ask all of the questions that you really want to answer. Thank you so much for

2:13

joining us today. >> Thomas Martin: Alan, thank you. It's great to be here. What an exciting day. Anxious to

2:18

hear >> Alan Fagan: it >> Thomas Martin: more about the free tier launch. >> Alan Fagan: awesome. Awesome. Well, look, we really appreciate your help with this and before

2:24

I hand over the controls and leave things in your very capable hands, maybe you could

2:29

tell us a little bit more about Nephosec. Like, what do you do? Who do you serve and what are the problems that you solve?

2:37

>> Thomas Martin: Sure, Alan. So as you mentioned, Nephosec was launched in 2017, and ultimately

2:42

we work with companies of all sizes, but primarily our customer base is mostly the enterprise-level customer, and

2:49

we actually helped them build out and implement, as hands-on-keyboard, their overall cloud

2:54

security. >> Jeremy Snyder's Presentation: you >> Thomas Martin: program, and that includes all aspects, from the configuration of

3:01

individual resources to the whole shift left program and being able to deploy safe infrastructure, but that's

3:07

continued to expand to also include the FireTail product line and API security. So we're super excited. >> Alan Fagan: Breaded

3:12

brilliant. Well, look, that's super interesting. And I think, you know, we can safely say

3:18

that you get to see a lot of cloud and application security challenges up close. >> Thomas Martin: That we do.

3:23

>> Alan Fagan: However, how important are APIs in what you

3:29

do, and what's important when it comes to API security, and what has your experience been with FireTail? >> Thomas Martin: Sure, Alan,

3:34

you know. >> Jeremy Snyder: if >> Thomas Martin: this has been an ultimately a journey right over the past, you know ever even at the time that I had a

3:39

General Electric, we knew early on that trying to manage security at scale was going to

3:45

represent a challenge. I think most organizations have begin.

3:51

Gone to not only mature through the basics of managing visibility as well as

3:56

remediation of non-conforming resources, and that's what we call drift. And now >> Alan Fagan: Yeah.

4:03

>> Thomas Martin: most are beginning to shift left, but I think what's super important in that is it's not only about that infrastructure as code, right?

4:08

and they were gonna learn and talk a little bit more here with Jeremy about not only the

4:13

importance of APIs, but how ultimately everything has become an API first, not only a

4:19

technology but organizations in the way that we interact with our own tooling and some of the security tools that we build

4:25

out or whether it's working with some of the products like Rapid7's InsightCloudSec or Wiz.io. We're interacting

4:32

via API constantly, so I wouldn't call it the new frontier, but it's the frontier that

4:37

needs to be secure. >> Alan Fagan: It's the one that matters most. Awesome. >> Thomas Martin: It is. >> Alan Fagan: Well, look. I

4:43

think it's very obvious that we've got the right man for the job today. And so without further ado, Thomas, I will

4:48

gladly let you take the reins, and thanks again for your help with this. Pleased to have you with us today. >> Thomas Martin: Very good.

4:54

Thank you Alan.

5:00

So now I get to spend a little time here with the team. So Jeremy, Timo, thanks for being

5:06

here and thanks for having me on to talk with you guys a bit today, but why don't we start

5:11

Jeremy, just, look, as the co-founder and CEO of the company, can you tell us a little bit more about the FireTail mission,

5:16

especially for those who are maybe just learning about FireTail today or here in the future?

5:23

>> Jeremy Snyder: Thomas, thanks. And we really are on a mission to secure the world's APIs, and we think that APIs are critically important for

5:29

the modern internet and the way that data is flowing on the modern internet today, and we

5:35

really want to make it as easy as possible for anybody to get you know, the level of API

5:40

security that they need. So when we think about, for instance, you know, why API security is

5:45

becoming so critical. There's a couple things in there and you mentioned one of them which

5:51

definitely resonates with me and it's part of why we started the company. It's that it's a journey and for many

5:57

organizations it starts as an initial Journey to the cloud and then it goes through these kinds of phases of realization

6:02

right you >> Thomas Martin: Y. >> Jeremy Snyder: realize that there's a benefit to getting out of physical infrastructure management, but then you

6:09

realize that there's actually a further benefit to getting into kind of the elastic ephemeral nature of the cloud. Your

6:15

workloads can be more efficient. They can actually run more in line with the demand. >> Thomas Martin: Mm-hmm.

6:20

>> Jeremy Snyder: You know, they can scale up, scale down, scale out, scale in, all those things that you hear as promises for why you move to the cloud in

6:26

the first place. They all do become real but it often takes organizations time to get there. When they get there,

6:32

they often go through kind of what I think of as almost like a second digital transformation

6:38

that happens on the cloud or you can think of it as going like from cloud 1.0 to Cloud

6:43

2.0. Where you've gone from that server model into a more Cloud native model >> Thomas Martin: Yeah.

6:49

>> Jeremy Snyder: and typically when you make that transition you end up with a lot more APIs, you end up with a classic micro

6:55

service architecture you end up with applications talking to each other over services and in

7:00

fact right now one of the things that you'll see is that actually more than 80% of all

7:06

internet requests are API calls now, >> Thomas Martin: Wow. >> Jeremy Snyder: that's not our statistic that comes from a number of large-scale network

7:13

monitoring organizations like Akamai, like Cloudflare, etc., who >> Thomas Martin: that >> Jeremy Snyder: have visibility on to internet-scale traffic, right?

7:19

>> Thomas Martin: did not >> Jeremy Snyder: And so Yeah, and you know, I think a lot of people don't realize that I often use the example of

7:25

something like mobile food delivery, and I've talked to engineers at mobile food delivery companies and we went

7:30

through one order one transaction right where you're ordering food to be delivered

7:36

to your home Hotel wherever you are your office Etc. You know we started counting how many

7:41

API calls went into that one transaction. >> Thomas Martin: Mm-hmm. >> Jeremy Snyder: We got to 30. and then we also started thinking about what's in those

7:49

API calls and you think about oh, well, actually your payment processing sending your credit card information to a payment

7:54

processor. That's an API call. Oh sending your home address to a delivery driver. who's going

8:00

to actually pick up the food and bring it to your location with your sensitive PII in it.

8:06

That's another API call. And so that's why API security is so important and that's why we wanted to make it available for

8:13

everybody. We think that APIs are powering the modern internet. They make the modern

8:18

internet possible the way that it is designed today, but it also means that every piece of

8:24

data, every function >> Thomas Martin: Yeah. >> Jeremy Snyder: call will end up over an API at some point.

8:30

>> Thomas Martin: yes died, and I love that that again that kind of expansion on the on the whole journey as soon as you begin interacting with those

8:36

Services Certainly. It's like every every single thing is

8:42

it's just they are all APIs. And so with that, let's talk a

8:48

little bit more about why FireTail. >> Jeremy Snyder: Yeah, when we

8:53

started that mission. and we started this journey to build the company and we said hey we want to secure the world's

8:59

APIs. We didn't put any qualifiers on that. We didn't say we wanted to secure the world's APIs only for the top

9:05

Enterprise companies that it can afford to pay a huge amount of money per year. We said

9:10

anybody >> Thomas Martin: Yeah. >> Jeremy Snyder: and when you look at most startups and small organizations, they may be providing a very valuable

9:15

critical service. They may not have the resources in place whether it is the expertise or

9:22

the let's say the bandwidth to build a solution of their own or even maybe the money to buy

9:27

a solution right we wanted to make it so that they don't have to make that trade off of where

9:34

do they invest their resources We wanted to make it so that they could get Best in Class API security for some of the

9:39

most critical functions and pieces of what they're building at, you know a price point that literally

9:45

>> Thomas Martin: Yeah. >> Jeremy Snyder: is zero and that is why we we kind of really set this out.

9:50

>> Thomas Martin: Well, I'm anxious to to hear more on that note. you know, I think one of

9:55

the things you just highlighted is is certainly just because of your company Size doesn't make

10:02

your API any less important to the other customers API, right? It's still that sensitive data.

10:10

that's required to run a lot of great apps. so >> Jeremy Snyder: Yeah, absolutely.

10:17

>> Thomas Martin: Yeah, let's get to the heart of why we're here today. And that is, you're launching the free tier, and you just hit on a lot of the facts that you want to be able to

10:22

get it out to a broader a broader set. But let's kind of just kind of Deep dive that on

10:29

as to not only why now, but but

10:35

also I think which will lead into really the product set, but why the free tier >> Jeremy Snyder: Yeah.

10:41

>> Thomas Martin: Yeah. >> Jeremy Snyder: like I said, you know making it available to organizations of all size in really, you know, wherever you

10:47

are in your API security journey is is really the primary motivation when we see

10:52

organizations tackle this in many different ways. We see companies that start from a shift left. Let's focus on

10:58

secure by Design Etc. And we see companies who take more of a reactive mode because let's

11:04

say they've already gotten ahead a little bit and they've already launched apis out into production and now they're in a reactive mode and they need to

11:10

kind of look at securing what they built. We looked at how we could take all of that and

11:16

put it into one package and >> Thomas Martin: Mm-hmm. >> Jeremy Snyder: really create an end-to-end API security offering and then again when we

11:22

looked at, you know, how do we engage with all of those organizations wherever they are on that security Journey. We

11:28

thought the easiest way was to just open the doors let them in. You know and that is really, you

11:34

know coupled with our drive to secure the world's apis and make this available. for organizations of any size.

11:39

>> Thomas Martin: Yeah. >> Jeremy Snyder: We thought that Journey was really important to think about in terms of inviting people in wherever they are in that

11:47

journey and let them come in figure out. what are some of the challenges that they're facing. very very quickly by the way, you know,

11:52

we see customers who are getting value in as little as 15 minutes by connecting their

11:58

systems up to FireTail, but going through that kind of life cycle and engaging with them,

12:03

meeting them where they're at on the security Journey that that's really another big reason for why we're doing this.

12:08

>> Thomas Martin: I think in not to belabor that but I think one of the things that just hit me as you were talking about that

12:13

too is so many folks. I mean, you know you and I've been talking this for a long time, right And so and I've seen the challenges. >> Jeremy Snyder: Yeah.

12:20

>> Thomas Martin: that customers have not only trying to just look identify the number of

12:25

apis that they have but most folks just don't even understand the need for security in relationship to the API. It's just not thought

12:31

about >> Jeremy Snyder: Yeah. >> Thomas Martin: way. The rest of the infrastructure is I think one of the great things you guys are gonna help do from here forward is just around the

12:37

education front of what does it look like to to secure API? so if you don't mind, I want to

12:42

take a few minutes with Timo right? We're gonna talk a little bit more about product. So let's go through some of these.

12:47

>> Jeremy Snyder: Yeah. >> Thomas Martin: free tier features. You guys been working. It's so hard in the background. So let's let's learn a little

12:53

bit more. >> Timo Rüppell: you >> Thomas Martin: about first off. So who's this for? We know it's for anybody, but but what

12:59

does that ultimately mean?

13:04

>> Timo Rüppell: that's true. So we obviously had a certain type of person in mind when we were thinking about the features of the future free tier and what

13:10

sort of to offer, and as Jeremy said, like, we want this to be extremely low barrier to entry

13:16

for anybody signing up. The main idea here is obviously that we want to give this powerful

13:21

tool to for example individual developers, who are working on either a small application or

13:27

their own passion project. I open source project. you but

13:33

also make it work for, let's say, a project engineer in a larger organization who has, like, his

13:40

own little domain and wants to see how they can take steps

13:46

towards securing the APIs that they are providing, for example, internally to the rest of the organization. >> Thomas Martin: Sure.

13:53

>> Timo Rüppell: So this is basically like the the way that we tailored this with respect to all of the sort of available

14:00

features and and sort of possible limitations that are in there. >> Thomas Martin: Perfect. >> Timo Rüppell: Yeah.

14:06

>> Thomas Martin: well, so with that, we now know who it's for. all is going to be included as part of the free tier.

14:11

>> Timo Rüppell: All right. Yeah, so OB. >> Jeremy Snyder: it

14:17

>> Timo Rüppell: what we include is not just sort of like a very limited set. We're actually going rather broadly.

14:22

>> Thomas Martin: Yeah. >> Timo Rüppell: There are some sort of things that we keep for the Enterprise tier. We don't think that individual

14:30

developers have need for a Splunk integration, for

14:35

example, but obviously like the the things that we're going to talk about later in the demo is all included like Discovery in

14:41

different Cloud environments the logging integration for the different Cloud environments

14:48

our findings engine that will tell you if something is wrong with your API, all that sort of

14:53

stuff. The base functionality of FireTail as a security tool is all there for you to use. We do

15:02

have slightly lower retention of seven days for data retention. We limit to one

15:09

million API calls and five APIs. This is plenty enough to get you started, and obviously

15:15

if you have more than there are sort of starter tiers available that you can then slowly

15:23

upgrade to or migrate to more >> Thomas Martin: Sure. >> Timo Rüppell: more quantity of those things.

15:29

>> Thomas Martin: very cool well, I know we are definitely going to get to see a lot more

15:36

next so from a platform demo perspective. Let's just go ahead and start with Discovery.

15:42

So let me turn that over, turn over the reins here, and let's learn more about discovery.

15:49

>> Jeremy Snyder: sure thing Thomas and you know Timo kind of mentioned it earlier and I think you might have mentioned it as well. a lot of customers when they come talk to us. They

15:56

don't even know how many APIs they have. >> Thomas Martin: Yeah. >> Jeremy Snyder: And so from a FireTail perspective, that is

16:01

yeah, and so, you know most customers have the same thing. So from that perspective what you're seeing right now is the

16:06

way that most customers go through this or start with us is integrating with one or more of the cloud providers that they

16:13

are working with. That could be AWS, Microsoft Azure, Google Cloud Platform. On those platforms, it's a simple

16:19

identity and access management integration and what it does is it scans environments typically

16:25

looking at network layers for signals where we can pick up APIs. If you happen to be a Wiz

16:30

customer, we can actually directly integrate with that as well, find your APIs out of there. These are generally very

16:36

straightforward integrations. They'll take you less than 15

16:41

minutes to launch. And last but not least, you can actually connect directly to your GitHub code repositories and we can

16:46

>> Thomas Martin: Wow. >> Jeremy Snyder: find APIs as early as kind of the build and design phase. We do require

16:51

multi-factor authentication by the way, but you can scan either all of your repositories or only select ones if you're

16:57

only interested in certain parts of your code base, and what that's going to do is it's going to find all those APIs and bring them into FireTail, and

17:02

that's the discovery process in a nutshell. It's pretty straightforward and like I said

17:08

most of these Integrations take less than 10 minutes to deploy. >> Thomas Martin: Yes, and I will vouch for that and I will

17:13

say again. I I was just amazed at the number that we had but I

17:18

was also super impressed and not only know about them but to have it in. >> Jeremy Snyder: here

17:24

>> Thomas Martin: one location and then to learn more about not only and we're gonna get to that I know but the traffic and they're potential vulnerability. So, okay, so

17:30

tell me a little bit more about code libraries and plugins, too. >> Jeremy Snyder: so code

17:35

libraries and plugins is actually both an alternate way of discovering APIs. So let's say you're working with APIs

17:41

that aren't on one of the cloud providers or can't be discovered by one of those other methods we've got >> Thomas Martin: Yeah. >> Jeremy Snyder: libraries for

17:46

some of the most popular modern code languages that are used for API, you know, kind of modern API development I would

17:52

say >> Thomas Martin: Sure. >> Jeremy Snyder: these are you know, drop in line 15 to 20 lines of integration code, and

17:58

they will both report the API back into FireTail, so it goes into that same kind of discovery process. It's very

18:04

simple you go through the process of creating an API and then you can just, you know, pull out a key. there. We also

18:09

have integrations with leading tools like NGINX or APISIX, etc.

18:15

These are kind of plug-in modules. A similar process: create a token, you drop it in line. This will report the APIs

18:22

into FireTail as well. So that's an alternate route if you've got APIs that aren't going to be discovered through one of those previous

18:28

Integrations with the cloud providers. >> Thomas Martin: Okay. Well Timo, let's pop over to you a little bit. So we've talked

18:34

about Discovery, but let's let's kind of dig in here and >> Timo Rüppell: Yeah. >> Thomas Martin: talk a little bit more about the inventory of

18:40

that ultimately means. >> Timo Rüppell: Yeah, sure. So as Jeremy said once you set up

18:48

one of those cloud integrations, FireTail will group all the APIs that are discovered into a single application. So here for

18:54

example, this is Azure, the different APIs that we discovered there, or for example

19:00

GitHub here, right, so GitHub repository scanning. You can always see all of your APIs in

19:05

the API tab, and this sort of brings the unified view regardless of where the APIs are coming from. So here we

19:12

have rest and gateways for example, and we show them to you in a sort of single place. We

19:19

also collect additional metadata >> Thomas Martin: you >> Timo Rüppell: for each of these, depending on, you know, the resource and the environment, like we get

19:25

different amounts of metadata. That was what we get for API

19:30

Gateway another example, for example for Azure, we do get a little bit more different kinds

19:39

of information: endpoints, you know, resource IDs, things that make it easy for you to track back to the resource there. We also extract, whenever

19:48

possible, the actual API specification, so that way FireTail can know about, you know, the routes and methods, the

19:54

parameters, responses, all that sort of stuff in an API, and also give that information to you when you want to look at your APIs.

20:04

>> Thomas Martin: full inventory ability to pull it into individual applications which then I'm sure the individual teams can evaluate.

20:09

>> Jeremy Snyder: if >> Thomas Martin: Okay. We got it. We know about it now. How

20:14

are we going to figure out whether we have issues from a security perspective?

20:22

>> Jeremy Snyder: for most customers that actually leads right into the next part which is posture management and I like to >> Thomas Martin: or >> Jeremy Snyder: think of posture management as kind of,

20:28

you know, discover building inventory and then assess that >> Thomas Martin: Yeah. >> Jeremy Snyder: But does happen in a lot of cases

20:33

though. Is that customers end up having more issues than they

20:38

realize, and so the API security posture management module here in FireTail allows you to kind of sort by severity level, for

20:43

instance and then you can deep dive in and figure out you know with the a pretty detailed

20:50

description and a mapping to the API top. And what types of issues you have in many cases

20:56

you can get right to the code line level in the API spec. You can also do things like filter by severity, time, etc. You can

21:03

download CSVs that are Excel compatible. So if you need to, you know, build an internal

21:09

inventory or report Etc and there's actually a second type of assessment that goes in not only the spec analysis. We've

21:17

got these managed scans of APIs. Because we've pulled in the metadata that >> Timo Rüppell: if

21:22

>> Jeremy Snyder: Timo showed previously from the inventory, we know where the APIs live. We can actually send simulated traffic to the APIs and discover where they have

21:28

issues. >> Thomas Martin: You well. >> Jeremy Snyder: And last but not least we have the ability

21:33

to kind of track changes over time. so we can see that when a particular change in this case.

21:39

we're looking at I think it is the creation of a new API or here. It is a code commit into

21:44

a specific repository. We know the timestamp we know who did it. We know which API it is and

21:49

we know the impact of each change on the environment. So that's the last really important

21:55

thing to understand is that FireTail is tracking environments for change and date with

22:00

>> Thomas Martin: Mm-hmm. >> Jeremy Snyder: the current state of your inventory.

22:09

>> Thomas Martin: with all of those changes and tracking and things changing As We know in the cloud. dynamically constantly. I'm guessing we're

22:14

going to need to pull some log data. Look at that.

22:20

>> Timo Rüppell: absolutely correct. Yeah. >> Thomas Martin: you guys >> Timo Rüppell: so >> Jeremy Snyder: Oh. >> Timo Rüppell: Exactly. Yeah,

22:27

and I mean, obviously, like, yeah, getting logs into FireTail starts off, as Jeremy already

22:33

said like the libraries have a dual function. They also include logging functionality. So when you set up a project

22:38

with a FireTail library, you set it up with an API key that takes care of

22:43

>> Thomas Martin: Yeah. >> Timo Rüppell: shipping logs to us. but also for the cloud environment similar to the Discovery Integrations we have Integrations for the different

22:50

resource types like load balancers and gateways. In the various Cloud environments that

22:56

are easy to set up and that will then effectively set up a log shipping element from those

23:03

environments to FireTail, right? And so once you've set those up, all the logs come in

23:09

the dashboard you >> Thomas Martin: Yeah. >> Timo Rüppell: can also View

23:14

them on a per API basis for application basis. but we do sort of normalize them and make them uniform and sort of easy

23:20

to compare and we enrich the logs as well. So you see these tags that we have here. So

23:25

this is for example as elements of being generated by a bot. There's a missing referral, etc. This is a health check

23:33

endpoint. So with these tags you can start building real powerful filters for your logs. So here we're going

23:41

through a quick example of checking for logs that come

23:47

from a public IP address, but which do have the tags of cross

23:52

site scripting or SQL injection attacks, right? So this is very easy to set up, as you can see

23:59

here with the tags that are you know done with our enrichment process and once you've set up the filter. it just submitted

24:05

and it'll filter the logs down to what are now suspected

24:12

injection attacks or cross-site scripting attacks and here again, like because we have sort of the the full context you can

24:19

see the response and the request object here You see the the item that tripped our

24:26

sensors is is visible here in the Header information. >> Thomas Martin: here >> Timo Rüppell: We do IP enrichment as well. So you can

24:31

see where this request was coming from.

24:38

by geography, for example, or by organization that owns the IP address. And so this

24:45

gives you a very powerful tool to analyze your data right and then you can obviously also

24:50

save these filters and share them with your team. So once you sort of spend 15 minutes or

24:56

half an hour building up a >> Thomas Martin: Yeah. >> Timo Rüppell: filter, that work isn't lost. You can actually, you know, give

25:02

it to somebody else in the team and and tell them to you know work with that for example, so

25:07

that's sort of the the logging and and the observability that you get from the logging and

25:14

FireTail. >> Thomas Martin: Yeah, and it's, I'll just say as a customer, I think it's what's been interesting for us, and look,

25:20

everybody's Journey's gonna be different right, but I'll tell you as we have adopted the tool

25:26

I'd say, you know, the initial part isn't in look what our apis don't like change from a code base perspective like daily, right? So it's just our

25:32

shop isn't quite that. Dynamic but I'll tell you upon launch

25:38

post launch and Discovery for us it was going through in

25:43

understanding the vulnerabilities that existed in our apis. >> Jeremy Snyder: Yeah. >> Thomas Martin: repairing those and then once we knew we were good now, it's just part of

25:49

our our release process to go through prerelease put, you know have that post Discovery

25:54

portion to look at did we introduce any errors, but

26:00

honestly Timo just the logs were using those constantly to evaluate is there anything in anything else that we need to be thinking about from our API

26:06

perspective? So the long term constant tale of benefit is there well look, but but we

26:13

also can't we can't live in the tool every day. And so >> Jeremy Snyder: Yeah.

26:18

>> Thomas Martin: I need to be I got to know I gotta know if there's an issue so Jeremy tell me about how I'm Gonna Learn if there's issues.

26:24

>> Jeremy Snyder: And to your point, we don't expect customers to live in FireTail every day. That is not the goal. Our goal in building the

26:30

platform is to actually meet you where you are. I mentioned that earlier from the standpoint of your API security Journey, but

26:36

that should also be true from the standpoint of what's your working environment? You know, what are the tools that you do

26:42

spend the most time in and so from >> Thomas Martin: Yeah. >> Jeremy Snyder: that perspective, you know, Timo went through the process of kind of

26:48

building out a set of filters that can kind of filter down log files. Well those filters can you know with a couple

26:54

clicks be turned into an alert, and so here we can see an alert. It's built off of some

27:00

pre-existing filters. You simply set the thresholds that

27:05

you're interested in looking at and you can use any of the different kind of classifiers that we use here that could be the number of calls it could be

27:10

the size of payloads, it can be execution time, header size, etc. And you can use any of these

27:17

operators, greater than, less than, etc. You can also filter that down additionally. So

27:23

let's say you only cared about apis that are in production. You want to turn off repeat

27:29

alarms, things like that. And then you're gonna get that alert with rich contextual information somewhere that you

27:34

live. That might be Slack. That might be Teams. That might be in a ticketing system. You

27:40

might actually have an outbound API call that you want to send to some other internal tooling that you're using and one other

27:47

little thing that we do there and I Know It kind of passed off of the screen pretty quickly was that we do actually

27:53

show you a preview of an alert that you're about to unleash so you know, you're about to turn on the noisy kind of spam bot

28:00

alert we >> Thomas Martin: Yes. >> Jeremy Snyder: will actually show you what your historical data indicates with that.

28:07

Because alert fatigue is a real >> Thomas Martin: they just >> Jeremy Snyder: thing in security and you never want to like turn on the alert that is going to to just you know

28:14

hit the same slack Channel every 30 minutes because people will tune that out. very very

28:20

quickly. So all of the controls and the ability to kind of tweak that to whatever the right channel is for you whatever the right frequency is

28:25

for you whatever the right threshold is for you all of those tools are in there in the

28:31

alerting system. >> Thomas Martin: I think that's great. We to your point. It

28:37

really is a real thing and I think that ability to throttle that and >> Jeremy Snyder: Yeah. >> Thomas Martin: get a preview of it. well, look as you

28:43

mentioned so you've already got it up on the screen customer support. So look, this sounds amazing. I think most people

28:48

probably have the impression that you know with free comes nothing. And so I think let's

28:53

let's talk a little bit about if I'm if I'm signing up here later today after this after

28:59

watching this this webinar. What can I expect from a support perspective especially especially if I'm struggling to

29:04

get started? >> Jeremy Snyder: Yeah, you know for the free tier we did look

29:10

at how are we going to make this as easy as possible for as broad an audience as possible. >> Thomas Martin: Yeah.

29:16

>> Jeremy Snyder: And so to that point we've really spent a lot of time focusing on making sure that our documentation is you

29:22

know as thorough as it can be as up-to-date as it can be as complete as it can be and as accurate as it can be all of

29:29

that documentation is publicly accessible you can find that at firetail.io slash docs. It's

29:35

also linked from our home page from inside the FireTail product. Each individual page

29:40

has a direct hot link out to the corresponding documentation page. >> Thomas Martin: Great. >> Jeremy Snyder: So whatever

29:46

you're on the screen like the integration screen or like the posture management screen if you look in the top right you'll actually see a little link

29:53

that'll open a new browser tab directly to the corresponding documentation page. We've got

30:00

videos we've got how to guides. most every topic that you'll need in getting up and running

30:06

on your own if you do run into any issues, you've got kind of two channels that you can reach out to us one. Is that email

30:11

address that you see on the screen there super easy support at firetail.io. I don't think

30:16

anybody can really, you know struggle to guess that email address, but then also within

30:22

the product >> Thomas Martin: Okay. >> Jeremy Snyder: there is a chat function, so that should

30:27

be on the lower right hand side. Looks like a little speech bubble that you'll see on many many >> Thomas Martin: Yeah. >> Jeremy Snyder: websites. I

30:33

will tell you that that actually is goes directly to a place that is monitored by quite a lot of the FireTail team.

30:38

>> Thomas Martin: Yeah. >> Jeremy Snyder: So you should get you know a response there and a pretty reasonable time

30:43

frame unless we're you know particularly busy at any moment, but you know, generally speaking those are the best

30:49

three channels to reach out and get support. >> Thomas Martin: and just even as a customer I'll have to be

30:54

honest because it doesn't it doesn't really like most websites. It doesn't kind of irritate you right in the sense

30:59

of like there is no pop-up that says hey I'm here and so that that actual chat functionality is one that we didn't

31:05

>> Jeremy Snyder: Yeah. >> Thomas Martin: know initially to even use so so definitely >> Jeremy Snyder: Yeah.

31:11

>> Thomas Martin: Well, look guys this sounds amazing. So let's figure out how do we how do folks get started?

31:17

>> Timo Rüppell: Yeah, that's that's a good question. So.

31:25

the way to get started is to just go on to firetail. and click the start trial button. You'll end up here and click on the get setup button. You can

31:32

sign up by Google single sign-on. You can also sign on

31:37

with email and password as I'm demonstrating here There are some restrictions for the password obviously and we do

31:42

require >> Thomas Martin: Good. >> Timo Rüppell: two-factor authentication so set that up with your mobile phone or as

31:47

here with your password manager and once you've gone through

31:53

these steps and Hoops of setting up your two-factor authentication you will receive an email with an

31:58

>> Jeremy Snyder: if you >> Timo Rüppell: activation link, right? So you'll be put into this sort of waiting State

32:04

and then you can hop over to your email and there should be a friendly welcoming message with a link to click and you'll

32:10

be asked to authenticate again with the

32:16

>> Thomas Martin: Yep. >> Timo Rüppell: and once that is done, there may be an additional browser tab. that's

32:24

left open from the process, but you can then just head it head on into the application. You

32:30

can close the other browser tab your head on into the application and you'll be presented with the opportunity

32:36

to create an organization. So that is where you start off and for each organization that you create. You need to select the

32:42

plan and here is where

32:52

you select a name and the next step will be presented to you as a free tier plan already selected and you just get

32:58

started and you see all of this stuff that we've been talking about the discovery Integrations the code libraries the

33:03

notification integration etc. You can always go back to the org management and check out

33:09

your subscription again if you need to upgrade Etc, but that's like It really only takes a couple of minutes to get in as

33:16

you yourself said like maybe five to ten minutes to set up a cloud integration and and >> Thomas Martin: here

33:23

>> Timo Rüppell: you're Off to the Races. We purposely try to make this as smooth as possible.

33:30

>> Thomas Martin: why I think one of the clarifiers it's not a clarifier. It's just a maybe an exclamation point firetail dot

33:36

app. I know we're gonna show the the QR code. >> Timo Rüppell: Yes. >> Thomas Martin: The main

33:41

website is that I owe to sign up is not very good >> Timo Rüppell: Yes, exactly. >> Jeremy Snyder: Yeah. >> Timo Rüppell: Yeah. >> Jeremy Snyder: but >> Thomas Martin: Yeah.

33:48

>> Jeremy Snyder: that's that's start trial button on firetail.io will take you right to dot app and you know, you can get in through there. So if you can't remember firetail

33:54

dot app, don't worry, it should be too hard to find. >> Timo Rüppell: Exactly exactly. This is the joy of

34:00

being a tech startup and having too many domain names available. >> Thomas Martin: Yes. Fair

34:05

point, fair point. Well guys amazing stuff. Let's get to some questions, you know, I

34:12

know there's a couple of popped in and so I'm actually gonna start with one that that is

34:17

fresh. And Jeremy, this is to you: you mentioned the OWASP top

34:24

10. Oh for those who may not be completely familiar with API security. What is frame? >> Jeremy Snyder: Yeah. Yeah.

34:30

>> Thomas Martin: who controls it? What's the top? Yeah. >> Jeremy Snyder: Yeah, so it's controlled by in a nonprofit

34:36

organization called OWASP. I have to admit that I often get the exact what does OWASP

34:43

stand for wrong? So I'm just pulling it up: Open >> Thomas Martin: oh you >> Jeremy Snyder: Worldwide Application Security Project. >> Thomas Martin: I didn't even know you're gonna go there so.

34:49

good for you. I mean acronyms. >> Jeremy Snyder: haha, but you know, so it's an application security project and it's a

34:56

it's kind of a Consortium in nonprofit organization and what they do is they look at different application structures, and they try to

35:02

help people understand for each technology category. What are the top 10 risks or threats

35:09

around that so for instance, you know large language models AI is a very very hot topic. so they

35:15

came out with hey, what are the top 10 risks and threats around Ai and then, you know apis has

35:20

been a topic for a little >> Thomas Martin: Yeah. >> Jeremy Snyder: while the initial version of the OWASP

35:25

API top 10, which is again just a list of the top 10 threats and risks around apis first version came out in 2019. There was an

35:31

update last year in 2023. in

35:37

inside FireTail when you look at our findings you will see that the findings map to an

35:42

item on that top 10 list and we'll >> Thomas Martin: Yeah. >> Jeremy Snyder: actually show you both the 2019 version and the 2023 version just

35:48

>> Thomas Martin: Okay. >> Jeremy Snyder: you know what that mapping is, but that that's what the OWASP API top 10 >> Thomas Martin: amaz Yeah,

35:54

one of the things in this is maybe a bonus points when you guys send out stuff, but I do

36:00

really love. firetail has a breach tracker right You want to talk this? >> Jeremy Snyder: Oh, yeah. >> Thomas Martin: is so this is

36:06

about me question this one this wasn't from >> Jeremy Snyder: Yeah. >> Thomas Martin: there. Let's talk about just for a moment about the the breach tracker that you guys are doing and to

36:12

me again more education back to the community. >> Jeremy Snyder: It you know,

36:18

it's something that we started when we started the company and we did it for a couple of reasons. one is it's just

36:24

really interesting research data for our own team to look at. you know to understand how where

36:30

why are organizations getting breached on their APIs and kind of what's the impact right?

36:35

And there's always a caveat that goes into these kind of things which is that we only hear about the ones that get

36:40

disclosed publicly, right? >> Thomas Martin: Great point no. >> Jeremy Snyder: And so, you know, it may not be complete. In fact, I'm I can 99.9%

36:46

guarantee you it's not a complete listing of every organization. that's been breached, but it's been super

36:53

informative from understanding how are attackers getting into APIs and we kind of look at that time and again with each

36:59

new breach incident that >> Thomas Martin: Yeah. >> Jeremy Snyder: comes in and we can kind of start to

37:05

understand not only from the OWASP API top 10 perspective. you know, what are the risks and threats but from what's going

37:11

on out there and >> Thomas Martin: Yeah. >> Jeremy Snyder: you'll hear terms like threat-informed defense and and you know

37:19

secure data-driven security design things like that that I've heard in various kind of talks and conferences and it really is something that we

37:26

subscribe to because it is you know, you want to build a solution that actually solves

37:31

the problems and >> Thomas Martin: That solves the problem. >> Jeremy Snyder: The easiest way to see that is by tracking

37:36

what's happening out there, >> Thomas Martin: Yeah. >> Jeremy Snyder: So that's on our website the link. is in the footer of firetail.io. We also

37:42

prepare an annual report where we take data from that tracker We analyze it we look at kind of you know top breach vectors,

37:50

you know primary secondary causes some of the statistics around it the growth rate and

37:56

the number of attacks over the years which is way up by the way

38:02

like if you look at 2020 from 2020 onward every year it's not only gone up but the rate of increase has gone

38:08

>> Thomas Martin: Yeah. >> Jeremy Snyder: up right and so it's it's really is kind of a compounding effect and one of

38:13

the other kind of crazy things that I'll mention and I don't want to go too deep into it. People are more than welcome to

38:19

download it for free off of our website. You should be able to find that pretty easily but one of the other things I'll

38:26

mention is that when we see API data breaches They tend to be because of a design flaw in the

38:32

API and what that means Is that the entire data set behind the API is usually vulnerable to

38:38

exfiltration or scraping. And so the size measured by volume or number of Records extracted

38:44

is actually more than 10x higher than across the broad

38:51

kind of the broad average of you know, breach events across the technology space.

38:57

>> Thomas Martin: but you know, I think one of the things to just to build on that a moment is You talked about this

39:02

exponential growth. It should also be a very large call to

39:08

action, right I mean so as >> Jeremy Snyder: Yeah. >> Thomas Martin: companies and organizations get better at securing the rest of the cloud. This is the next this is the

39:13

next piece of yarn to pull on right and back to your point. >> Jeremy Snyder: Yeah.

39:19

>> Thomas Martin: I don't even have to breach the bucket if I can if I can exfiltrate by the

39:24

flaw in the API, there's a strong chance. You're not even gonna see it come across so definitely all the action so

39:31

It's also good to know. I mean, so this is coming through here now and by the way, I should have mentioned to anybody in the audience, right now. We're

39:37

taking these live. So if you guys have additional questions that you didn't submit a few of these were submitted with the

39:43

form submissions, but if you guys have questions as we go along, please Timo this one's to you. What is seven day log

39:49

retention ultimately mean >> Timo Rüppell: Um, yeah sure

39:55

so that basically means that when we when you ship logs to the firetail platform that

40:00

starts a timer for each of the logs and we will retain that for seven days. So that's

40:05

enough time for you to you know filter get alerted on. it's

40:11

also enough time for you to you know, get the logs off the platform if you need to store them for longer, but this is

40:18

like a conscious decision to not become a platform for log storage, right? >> Thomas Martin: Okay.

40:23

>> Timo Rüppell: It's also good for you as a sort of like from a security perspective, you know that the logs don't stick

40:30

around. Obviously for the sort of like starter tiers and Enterprise tiers the log retention times are >> Jeremy Snyder: it

40:38

>> Timo Rüppell: longer, but they're also capped at at >> Thomas Martin: Sure. >> Timo Rüppell: reasonable times. because we don't want to

40:46

like login information can be sensitive and we treat it as such so we are very careful about Getting those for

40:53

unspecified times. >> Thomas Martin: and I guess it's it's related. But let's

41:00

just say I mean because of the next day I was gonna ask you this is ultimately what if I have more than five apis and Jeremy you probably cover that but I'm Gonna Keep It on Timo

41:07

produces a second. So what if I only have five apis, but organizationally, I really think it's important. I want longer

41:14

log data is there's differences between the free tier and the other tier in regards to logging. >> Timo Rüppell: Sure. >> Thomas Martin: Okay.

41:19

>> Timo Rüppell: Yeah, so the the main things that change between the tiers is exactly

41:24

the number of apis that you get the number of ingested logs per month and the retention times. >> Thomas Martin: Okay.

41:29

>> Timo Rüppell: There are some additional small variations like the Enterprise level notification Integrations like as I mentioned for example,

41:36

Splunk or with right those things are are for Enterprise customers. We don't see

41:43

individual people >> Thomas Martin: Yeah. >> Timo Rüppell: necessarily having those if there is like a

41:49

need for you to specifically modify or have like a customized set of restrictions or or sort

41:55

of quotas in place. Just send us an email we can figure something out. >> Thomas Martin: Sounds good.

42:01

>> Timo Rüppell: I think yeah. >> Thomas Martin: Thanks on that Timo. Well, so Jeremy, I mean as we were kind of talking

42:06

there. All right, so I get in I start doing ingestion and I got

42:11

more than five. What if I get all five apis? >> Jeremy Snyder: Yeah, you know that is where the limits of the

42:17

free tier kind of kick in right in to that. >> Thomas Martin: That's where yeah. >> Jeremy Snyder: during the sign up process you probably will have seen it might have

42:24

gone through this screen pretty quickly, but you will have seen there are kind of starter business Enterprise also

42:29

available and look if you if you're in that kind of Middle Ground where you're looking at it and you're like, oh boy, you

42:34

know, that's a big step up for our organization, but we really value what we're getting out of FireTail. Like Timo said just

42:41

reach out we >> Thomas Martin: Yeah. >> Jeremy Snyder: have the ability to create kind of custom plans for yeah for

42:46

different sizes for different scales and especially if you're coming from a startup or an

42:52

academic institution or a nonprofit We definitely offer kind of specialized pricing and and plans for those types of

42:58

organizations. Just reach out to us support at firetail.io or chat to us through the app will

43:04

be happy to work something out with you. >> Thomas Martin: Great stuff. Well, um. For those who maybe

43:09

didn't fully understand. how can they get started with the code libraries? But either one of you guys can grab this one?

43:15

>> Timo Rüppell: That's a good question. So all of our code libraries are actually open source and on GitHub, So a good

43:21

starting point would be just to go to FireTail's GitHub at

43:27

>> Thomas Martin: Okay. >> Timo Rüppell: github/firetail-io. So the repositories are there. So they

43:32

all include documentation for how to get started and set them up in a code project.

43:38

Obviously also the on platform instructions are are available. So if you set up a FireTail

43:44

account you have access to those but their mainly designed

43:49

to work off API specifications and help you construct a safe

43:54

and secure API, right? That's the main idea there and then obviously setting up a free tier

44:00

account on FireTail lets you do the log shipping and all the good stuff as well there.

44:05

>> Thomas Martin: you >> Timo Rüppell: But yeah, we try to keep them easy to integrate. just a tiny bit of

44:12

coding required. >> Thomas Martin: Very cool. Well, this one just popped in from the audience. You know, I

44:18

don't if we Flash the screen up in and I'm sure that the team can slow it down and look at it,

44:24

But the question is what Integrations do we have to Modern software team Tools ticketing tracking reporting. I

44:31

know Slack and Teams has been mentioned and then I guess I'm gonna build on the question a little bit and even if it doesn't exist today are

44:37

there any plans ultimately to maybe build out even some API access to do custom Integrations?

44:44

>> Jeremy Snyder: Yeah, I'll take the first part of that which is the existing integration. So then Timo can talk about that

44:49

>> Thomas Martin: Yeah. >> Jeremy Snyder: second part if that's okay. So first of all Integrations if you go to

44:54

firetail.io slash docs you will see the category of Integrations, but off the top of my head the ones that I know

45:02

about and I I might forget one or two, but from a notification perspective you've got Slack

45:08

and Teams, and you've got >> Thomas Martin: Sure. >> Jeremy Snyder: email and I think you have two flavors of email we have you can use your own

45:14

SMTP service or you can use ours which is going to come off of the Amazon Web Services. >> Thomas Martin: Yeah. >> Jeremy Snyder: So if you're

45:19

kind of in an organization where you might be flagging emails know that that is one of the sources where they might be coming from from a ticketing

45:28

perspective Jira, PagerDuty, ServiceNow; from a SIEM perspective Splunk, and I think

45:33

that should cover most of them on the existing integration side. And you do also have the

45:40

ability to in any of those Integrations all of the data that you saw collected meaning.

45:47

Let's say things like if it's an alert things like the the number of calls that tripped the

45:53

threshold things like that, you know, or the payload size that trip the threshold like those can all be embedded into the

46:01

payload that gets sent into your ticketing system or if it's something >> Thomas Martin: Okay. >> Jeremy Snyder: like a finding it is like oh this endpoint

46:07

doesn't have authentication that can again be included in like, you know, the Jira task that gets created out of the

46:13

FireTail finding so they are, you know context rich and then one other thing I'll say is

46:19

that there is also the ability to send an outbound API call with again that same data in the payload.

46:26

>> Thomas Martin: Okay. >> Jeremy Snyder: So that is inside the product for as a I think it's called an HMI. HMAC

46:32

signed API integration and Timo you can take it away on the other side. >> Timo Rüppell: Yeah. no, I

46:40

was gonna say like the HMAC-signed API webhook call is >> Thomas Martin: Yeah. >> Timo Rüppell: basically the first step to just building your own, right? That should

46:45

work with most any other platform. There's also one

46:52

additional thing that we offer which is you can >> Thomas Martin: mmm >> Timo Rüppell: trigger a Lambda function. That'll get all of the context as >> Jeremy Snyder: All right. >> Timo Rüppell: well. And

46:57

basically there you like Bob's your uncle. You can do pretty much anything you >> Thomas Martin: I'm just gonna say that basically >> Timo Rüppell: want but

47:03

>> Thomas Martin: just opened up the world. >> Timo Rüppell: yeah. >> Thomas Martin: So check. >> Timo Rüppell: That covers everything obviously obviously

47:08

for for our customers most of our Integrations are developed with customer interest in mind.

47:16

So if you're a customer and and have a have a tool that you're using Reach out and we might be

47:21

able to work something out. We have a crack. a crack team of

47:28

of developers on hand and they'll happily crank out one of those Integrations in no time. >> Thomas Martin: Very good.

47:34

Well guys, I I there may be a couple more questions popping in as they do. We'll get those sent out and I know you guys

47:40

can follow up but look, um, wow what an exciting day. Thanks for all the great information Congratulations to both of you

47:46

on the launch of the free tier. Jeremy. Let me just hand it back to you. I want to be mindful of time. So take us home.

47:52

>> Jeremy Snyder: Well, there's really not much more to say is there I mean, I think we've >> Thomas Martin: Yeah. >> Jeremy Snyder: covered quite

47:57

a lot and we even went a couple minutes long and I was thinking halfway through. Oh boy. I think we're we're gonna finish early but the Q&A was really

48:03

great. Look. I I really appreciate you taking the time Thomas. It really means a lot for you as a continued and I

48:10

think you know pretty long-term one of our very first customers to come on board for you to share your experiences and to

48:15

take the time to join us here today for all of you watching. Thank you. So for your time

48:21

attention for the questions that you sent in I'll leave the QR code up on screen here and as

48:26

Alan mentioned at the very beginning the session is being recorded so it will be available for replay if there's stuff that you need to go back and

48:32

have a look at you'll be able to do that to your heart's content. I think on YouTube.

48:38

It's just very very shortly here Thomas Timo. Thank you for taking the time Alan. Thank you for the introduction at the

48:43

beginning and to our audience first and foremost. Thank you for taking the time. Please

48:48

feel free to share this around to any other organization and people that you know, who might also be interested. We'd love

48:54

to get your feedback and we really do welcome you on board the FireTail free tier with that. I will say on behalf of myself and the team signing

48:59

off. Thank you again. Bye.
