Harness, a prominent DevSecOps vendor, has recently announced its merger with Traceable, a company specializing in API security. This move comes as a response to the growing demand for API security solutions in light of the increasing use of AI applications that heavily rely on APIs.
The merging of Harness and Traceable marks a significant development in the realm of DevSecOps. Both companies were founded by Jyoti Bansal, Harness’ CEO, and Rishi Singh, its CTO, in 2017. Traceable, on the other hand, was founded in 2018 by Bansal and Sanjay Nagaraj, who will now assume the role of general manager of a newly established application security business unit within Harness.
Harness, originally established as a continuous delivery company, has since evolved to encompass various facets of DevOps, including continuous integration, cloud cost management, application security test orchestration, software supply chain security, database DevOps, and DORA metrics monitoring, among other features. Traceable, on the other hand, specializes in API security, offering services such as API discovery, inventory management, attack detection, threat hunting, attack protection, and pre-production security testing.
The collaboration between Harness and Traceable will initially focus on integrating an API security module into the Harness DevSecOps platform. This feature aims to provide comprehensive protection for APIs throughout the software development lifecycle, from build and deploy phases to runtime operations. Nick Durkin, field CTO at Harness, emphasized the importance of extending security measures beyond the initial development stages to ensure ongoing protection for continuously evolving applications.
The integration of API security into the Harness platform reflects a broader trend in the DevSecOps landscape. Industry analysts, such as Katie Norton from IDC, have observed a growing interest in API security among DevSecOps organizations. Recent mergers and acquisitions in the API security space, such as those between Akamai and No Name, Snyk and Probely, and F5 and Wib, underscore the increasing importance of API security in modern software development practices.
APIs have long served as a critical component of cloud-based applications, and their significance continues to grow with the proliferation of AI-driven technologies. As enterprises adopt generative and agentic AI applications, the number of APIs utilized in software development is expected to increase significantly. This trend poses new challenges in terms of securing APIs against potential vulnerabilities and cyber threats.
One key concern highlighted by Norton is the potential vulnerability of APIs to cyber attackers seeking unauthorized access to sensitive data used by AI models. Safeguarding APIs against data breaches and ensuring secure integration of AI-powered services remain top priorities for organizations. The shift towards API security reflects a broader effort to enhance the resilience and security posture of modern software applications in response to evolving cybersecurity threats.
In conclusion, the merger of Harness and Traceable signals a strategic alignment to address the pressing need for API security in the context of AI-driven applications. By integrating API security features into the Harness platform, the companies aim to provide DevSecOps teams with robust tools for safeguarding APIs throughout the software development lifecycle. This collaboration underscores the growing importance of API security in the evolving landscape of DevOps and underscores the critical role that APIs play in shaping the future of software development.