In order to ensure compliance with the growing list of personal privacy regulations—like GDPR, CCPA, and PDPA—your company needs to know how it handles the personal information of your customers, users, and even visitors.
Modern privacy regulation is centered around the concept of personal information. The General Data Privacy Regulation (GDPR) popularized it, but since then similar initiatives—like the California Consumer Privacy Act—have expanded on the definition of "Personal Information." If your application collects any kind of information about your users or customers, it is important that you track when, how, and for what purpose you are collecting their data.
ISO 27001 is a way for companies to prove a certain standard of security to their customers. You may recognize ISO as the standards body that issues international standards and classifiers for all kinds of products and services, including date and time standards, country and currency codes, and structural systems—like the ones we’ll be discussing in this article.
On December 1st 2020, New Zealand’s revamped privacy act went into effect. The Privacy Act originally passed in 1993 and has been revisited multiple times, but the 2020 act clarifies its reach and outlines what organizations need to do in order to be compliant.
Your business relies on third-party APIs to operate. Sometimes they enhance your capabilities, and other times they bridge the gap between your business and where your customers are through integrations. Either way, the intermingling of data and services between your business and these third-party vendors can put your business at risk. When it comes to ensuring these providers are handling data securely, SOC 2 has become one of the most common security frameworks for tech companies.
Regardless of what industry your company belongs to, you are obligated to think about the privacy of your customers. Not only is it good business, but privacy expectations have been set through regulations like the EU’s General Data Protection Regulation (GDPR), California’s Consumer Privacy Act (CCPA), and many others across the world.
One way that we monitor API calls from within our customer’s applications is through our agent. The Bearer Agent hooks into every API call in order to read the request, read the response, and in some scenarios act upon that information. The agent replaces methods in the HTTP clients with instrumented versions that call the original methods.
How many APIs does your organization rely on? A 2020 study by Slashdata found that 89% of developers use APIs, and the vast majority are using third-party APIs. These numbers aren’t unique to specific markets either. Regardless whether you are a software-first company, or offering a more tangible service, APIs are a vital part of modern infrastructures. Relying on APIs saves time, resources, and allows businesses to experiment in ways that otherwise would be hard to justify.
Async hooks are one of those Node.js features that seem interesting when you first see them, but in practice they end up failing to provide overtly obvious use cases. At their core, async hooks are a way to step into the lifecycle of any asynchronous resource. This may be a promise, a timeout, streams, DNS lookups, and even HTTP requests—like API calls. Most examples are focused on tracking the execution context or enhancing asynchronous stack traces.
In our previous article we talked about Synthetic Monitoring—a technique used to automate the testing and monitoring of resources by performing simulated user interactions and API calls. Now we're going to look at a complimentary technique called real-user monitoring which takes a more passive hands-off approach.
