We are thrilled to share the exciting updates that Levo.ai has brought to our product in the past quarter. Our dedicated product team has been working hard, delivering new features that will significantly benefit you.
At Levo.ai, our primary goal is to empower our customers with unparalleled visibility into their apps and APIs effortlessly. We understand the importance of continuous verification for runtime security, ensuring that your apps remain secure and provide peace of mind. With this objective in mind, we are delighted to announce the release of several remarkable features.
Let’s dive into the details:
1. Go TLS Instrumentation and Fargate Workloads Support:
We are thrilled to extend our magical support to Golang-based applications, even if they utilize SSL/HTTPS. With just one command, gain comprehensive visibility into your APIs within minutes. Additionally, based on popular demand, we have introduced support for Fargate workloads. If you encounter workloads that we don’t currently support, please reach out to us, as we have alternative instrumentation approaches and solutions readily available for your apps.
2. Run Levo in a Privacy-Preserving Architecture
At Levo.ai, we prioritize your data security. Our Satellite now processes all API data within your VPC, eliminating concerns about data leaving your data center or cloud. You have the flexibility to run Levo’s Satellite on a VM or in Kubernetes, and we have now added support for running it in EKS Fargate as well. Additionally, we are working on adding support for running it in ECS Fargate, allowing you to set it up and forget about it.
3. Simplified Configuration Management
To streamline your experience, we have made most of the configuration options available through Levo’s intuitive SaaS UI. You can now conveniently configure various settings without modifying the Satellite setup. Whether you need to ignore API calls from specific user agents or map API calls to end users, it’s as simple as a few clicks. We encourage you to explore these capabilities and share valuable feedback.
4. Sensor and Satellite Health and Metrics
We understand the importance of monitoring and oversight. Therefore, we have incorporated a new feature that allows you to track the status and metrics of our Sensors and Satellite services. Monitor the live traffic capture on each sensor, the number of API calls processed by the Satellite services, and more. We appreciate your feedback on additional details you want to see in this area.
1. Instantaneous Security Testing:
We heard your feedback and are thrilled to introduce instantaneous security testing. Gone are the days of creating test plans to run security tests using Levo. You can perform security tests instantly at both endpoint and app levels. With our cloud-based security runs, you can scale security testing for your APIs without delays or plan creation. Watch our quick video demonstration showcasing how this feature simplifies security testing. We would love to hear your thoughts and experiences as you explore this capability.
Moreover, you can seamlessly integrate these tests into your CI pipeline using our GitHub action or Jenkins plugin, enabling comprehensive security testing for your applications.
2. Test Data Configuration from the UI:
To enhance usability and automation, Levo now intelligently utilizes the API payloads captured from your environment for testing. However, if you require further test data configuration, we have introduced a feature that allows you to configure test data directly through our UI easily. Python fixtures are still available for advanced use cases. We encourage you to explore this capability and provide feedback on your experience.
3. Run Security Tests from Self-Hosted GitHub Runners
We are pleased to announce the support for running security tests from self-hosted GitHub runners. If you utilize GitHub’s self-hosted runners in Docker-in-Docker (D-in-D) setup, our security tests seamlessly integrate with this environment. Leverage the flexibility and scalability of self-hosted GitHub runners to enhance your security testing workflows.
4. Enhanced Security Test Cases
Our commitment to continuous improvement drives us to continually enhance our security test cases. We have recently expanded the security testing coverage for POST, PUT and other API endpoints. Additionally, we are excited to introduce Fuzz testing as a new category, which employs innovative “property-based testing” to assess both resiliency and security aspects. We have also fine-tuned existing tests, added more assertions, addressed false negatives, and significantly improved overall coverage. We value your feedback, so please let us know if there are specific scenarios you would like us to address.
5. More Configurations in Cloud-Based Security Test Runs
We have made significant improvements to our cloud-based security testing. You can expect faster test result retrieval, the ability to configure the delay between endpoint test runs and fine-tune configurations to avoid rate limiting issues, among other enhancements. Furthermore, we have expanded authentication mechanisms for security tests. We encourage you to explore these features and share valuable feedback.
At Levo.ai, we remain committed to empowering you with cutting-edge API security capabilities. We appreciate your continued support and partnership. Please don’t hesitate to reach out to us with any questions, suggestions, or feedback. We are here to help you succeed.