Traceable by Harness positions itself as a leader in the convergence of DevOps and security, a space often referred to as DevSecOps. The company’s mission is to secure the building blocks of modern software by protecting every API, which it views as the foundational elements of today’s applications. This focus is a direct result of the founders’ experience at AppDynamics, where they observed the massive adoption of cloud-native architectures and the interconnected APIs that power them. The goal is to provide a comprehensive platform that integrates security into every phase of the software development lifecycle, from design to runtime.
In February 2025, Traceable announced a merger with Harness, a company also founded by the same entrepreneurs, to create what they term an “AI-native DevSecOps platform”. This strategic combination aims to address the market demand for embedding security into the software delivery process, rather than treating it as a separate, siloed function. The market has responded to this integrated approach, recognizing the increasing need for developers to take on more security responsibility. The combined entity under the Harness brand is focused on enabling software teams to develop, deploy, and secure applications seamlessly.
Offerings, Capabilities, and Integrations
Traceable by Harness provides a comprehensive API security platform designed to protect applications from the development phase through to production. In February 2025, Traceable merged with Harness, a software delivery platform, to create an integrated DevSecOps platform. This merger combines Harness’s insights into software development, testing, and delivery with Traceable’s expertise in API usage and security. The unified platform is designed to provide a seamless workflow for developers and security teams, embedding security into every stage of the software development lifecycle. The company’s competitive edge lies in its ability to offer a single platform that addresses both development and security, leveraging artificial intelligence and machine learning to automate processes and provide deep contextual awareness. This integrated approach aims to improve the speed and efficiency of software delivery while ensuring robust application security.
The platform’s capabilities are built around providing complete visibility into an organization’s API ecosystem. It automatically and continuously discovers all APIs, including those that are undocumented or “shadow” APIs. A key differentiator for Traceable by Harness is its use of distributed tracing and eBPF-based monitoring to deliver deep API observability and real-time threat detection. The platform offers integrations with various cloud services, CI/CD pipelines, and API gateways to ensure comprehensive protection across different environments.
Products and Services
Traceable by Harness’s core offering is its API Security Platform, which is now part of the broader Harness DevSecOps platform. A new product introduced since the merger is Traceable Cloud Web Application and API Protection (WAAP), which integrates API discovery, runtime threat detection, bot mitigation, and DDoS defense. The platform’s services can be categorized into several key areas:
- API Discovery and Risk Assessment: This service automatically discovers and catalogs all APIs, providing a comprehensive inventory. It helps organizations understand their API attack surface and identify sensitive data flows to assess risk.
- API Security Testing: Traceable offers capabilities to test APIs for vulnerabilities before they reach production. This “shift-left” approach integrates security testing directly into the CI/CD pipeline, allowing developers to identify and fix issues early in the development process.
- Threat Protection: The platform provides real-time protection against a wide range of threats, including the OWASP Top 10 for web applications and APIs, zero-day attacks, and business logic abuse. It uses behavioral analytics to detect and block both known and unknown threats.
- Threat Analytics and Forensics: Traceable provides detailed analytics and forensic tools to help security teams investigate and respond to incidents. This includes the ability to trace the path of an attack and understand its impact.
- Generative AI Security: The platform also addresses the unique security challenges associated with generative AI technologies, such as shadow AI and sensitive data loss.
Target Customers
Traceable by Harness primarily targets large enterprises across a variety of industries where API security is critical due to the sensitive nature of the data they handle. These industries include financial services, technology, and healthcare. The platform is particularly valuable for organizations that heavily rely on APIs for their core operations and are undergoing digital transformation initiatives, such as migrating to cloud-native architectures. Customers include companies like Informatica, a leader in cloud data management.
Cloud Integrations and Marketplaces
Traceable by Harness offers several cloud integrations designed to embed API security into cloud-native environments. The broader Harness platform, which now includes Traceable, provides extensive support for major cloud providers. The company also maintains a presence on the cloud marketplaces of Amazon Web Services (AWS), Google Cloud, and Microsoft Azure.
The Traceable platform integrates directly with the Harness platform, specifically with Harness’s Security Testing Orchestration (STO) module. This allows teams to incorporate API security testing results into their CI/CD pipelines and view them alongside other vulnerabilities within the Harness dashboard.
- Amazon Web Services (AWS)
Traceable by Harness integrates with AWS for enhanced API security. The Harness platform as a whole supports deployment to AWS services, including EC2 and EKS. The company has achieved Standard Technology Partner status in the AWS Partner Network.
Traceable AI is available on the AWS Marketplace. The listing provides for continuous API security, including visibility, real-time protection, and threat analytics by combining distributed tracing with context-based behavioral analytics. Additionally, other Harness modules, such as Harness Feature Flags and Harness Cloud Cost Management, are also available on the AWS Marketplace.
- Google Cloud
Traceable by Harness provides agentless API security by integrating with Google Cloud’s application load balancers. This integration allows for the automatic discovery and risk assessment of APIs by capturing traffic flowing through the load balancers. Traceable also integrates with Google Cloud’s Apigee API Gateway and supports traffic mirroring using the Google Cloud Platform CLI for data collection.
Harness is available on the Google Cloud Marketplace, offering its Continuous Delivery-as-a-Service platform. This allows Google Cloud customers to automate their delivery processes. The marketplace provides access to various Harness modules, including Continuous Delivery, Cloud Cost Management, and the broader Harness Software Delivery Platform. Customers can subscribe to Harness products through public listings or request private offers for custom pricing.
- Microsoft Azure
Traceable by Harness integrates with the Azure Web Application Firewall (WAF) to block malicious IP addresses and threat actors. The broader Harness platform offers comprehensive support for Microsoft technologies and the Azure cloud, including the Azure Kubernetes Service (AKS) and Azure Container Registry (ACR).
Harness is listed on the Microsoft Azure Marketplace. The marketplace offerings include the Harness Continuous Delivery-as-a-Service platform, which simplifies the process of delivering code into production environments. The integration with Microsoft Entra ID (formerly Azure Active Directory) enables single sign-on capabilities for managing user access.
Key People
- CEO & Co-Founder: Jyoti Bansal.
- CTO & Co-Founder: Sanjay Nagaraj.
- GM of Harness’ Application Security business: Sanjay Nagaraj.
- DevOps: Suraj Puvvada.
- Platform Engineering: Tim Mwangi.
- UI Engineering: Aaron Steinfeld.
- UI Engineering: Jake Bassett.
- Head of Design.
- Head of Security Research.
- Head of India R&D.
- Head of Product – Application Security.
- Head of Community.
Key Facts
- Headquarters Location: San Francisco, California.
- Number of Employees: Approximately 1,100.
- Annual Revenue: Approximately $250 million.
- Parent Company: Harness.
- Subsidiary Companies: None.
- Publicly Listed: No.
Analyst Recognition
Following its merger with Traceable, Harness has been recognized by multiple analyst groups.
- Gartner recognizes Harness as a Leader in the Magic Quadrant for DevOps Platforms. In the previous year, Gartner had positioned Harness as a Visionary in the same category.
- Forrester names Harness a Leader in The Forrester Wave™: DevOps Platforms, Q2 2025.
No specific recognitions for Traceable by Harness were found from IDC or Everest Group.
