Metlo

Metlo is a powerful, developer-first open-source tool designed for effortless API security. In today's API-driven world, securing endpoints is critical, and Metlo provides a comprehensive solution that can be integrated in less than 15 minutes. It works by passively monitoring your API traffic to create a complete inventory of all your hosts, endpoints, and the sensitive data they handle. This automated discovery process eliminates blind spots and gives you a clear view of your entire API attack surface.

The core of Metlo is its real-time threat detection and prevention engine. It uses sophisticated models, trained on vast patterns of malicious requests, to identify and block a wide range of attacks. This proactive defense mechanism operates with extremely low false positives because it analyzes activity across multiple requests rather than flagging individual ones. Once a malicious actor is identified, Metlo can automatically block their traffic, protecting your application and data in real time.

How to use Metlo

Integrating Metlo into your stack is designed to be simple and seamless, regardless of your technology. The process generally involves these steps:

1. Choose your Integration Method: Metlo offers agents for various languages and platforms. You can integrate it as a middleware in your application (e.g., Node.js, Python, Go, Java), as a plugin for your web server (Nginx), within your container orchestration (Kubernetes), or by mirroring traffic in your cloud environment (AWS, GCP).
2. Install the Agent: Add the Metlo library or agent to your project dependencies or server configuration. For example, in a Node.js Express app, you would install the `metlo` package and add it as middleware.
3. Configure the Agent: Configure the agent with your unique Metlo API key and the host address of your Metlo instance. This allows the agent to send metadata to the Metlo cloud for analysis and receive blocking instructions.
4. Deploy: Deploy your application as usual. Metlo will immediately start monitoring traffic, inventorying endpoints, and detecting potential threats without requiring any code changes to your business logic.

Core Features of Metlo

• Automatic API Inventory: Passively discovers and catalogs all your API endpoints, hosts, and data fields based on live traffic.
• Sensitive Data Identification: Automatically detects and maps sensitive data types (e.g., credit card numbers, PII) within your API requests and responses.
• Real-time Threat Detection: Comes with over 25 built-in detections for common attacks like SQL Injection (SQLi), Cross-Site Scripting (XSS), Server-Side Request Forgery (SSRF), Remote Code Execution (RCE), and Account Takeover (ATO).
• Intelligent Blocking: Blocks malicious requests in real time at the edge with minimal latency (<0.2ms). It can block based on IP, user session, or user account.
• Low False Positives: Analyzes patterns across multiple requests to accurately identify malicious actors, significantly reducing false alarms.
• OpenAPI Spec Generation: Automatically generates OpenAPI (Swagger) specifications from your API traffic, helping you keep your documentation up-to-date.
• API Security Data Lake: Stores all request and attack metadata, allowing you to run custom queries and gain deep insights into your security posture.
• Customizable Detections: Provides the flexibility to build your own custom detection rules tailored to your application's specific logic.

Use Cases for Metlo

Metlo is ideal for a variety of teams and scenarios:

• DevSecOps Teams: Integrate security directly into the CI/CD pipeline, enabling developers to find and fix vulnerabilities early ('shift-left' security).
• Security Engineers: Gain complete visibility of the organization's API landscape, monitor for new threats, and respond to incidents quickly.
• Startups and SMBs: Implement enterprise-grade API security without the high cost or complexity of traditional solutions, thanks to its open-source nature.
• Compliance and Auditing: Identify where sensitive data is being processed and which endpoints are unauthenticated to help meet compliance standards like PCI DSS, GDPR, and HIPAA.

Advantages of Metlo

Metlo stands out for several reasons:

• Open Source: Being open-source provides transparency, flexibility, and a strong community. You can inspect the code and customize it to your needs.
• Effortless Setup: You can achieve meaningful API protection in minutes, not months.
• High Performance: The agents are built for scale, adding negligible latency (under 0.2ms) and consuming minimal resources (1% CPU, 50MB RAM).
• Comprehensive Coverage: It combines API discovery, sensitive data identification, threat detection, and real-time blocking into a single, cohesive platform.

Pricing and Plans

Metlo operates on a freemium model. It offers a powerful, self-hostable open-source version that is completely free. For teams looking for advanced features, managed cloud hosting, the centralized cloud detection engine, and enterprise-grade support, Metlo provides paid commercial plans. To get details on the paid offerings, potential customers are encouraged to schedule a demo through the official website.