Site24x7's APM Auto Profiler agent security
Site24x7's APM Auto Profiler ensures secure communication and data handling by implementing industry-standard security practices. Below is a breakdown of our key security measures:
Disclosure and auditing
The agent does not perform any dynamic code generation during its interaction with your application, ensuring that no code is introduced into your application without your explicit knowledge.
Data collection
Using a structured format, the agent transmits data from your application to the Site24x7 user interface at one-minute intervals. Upon receiving the data, the Site24x7 servers acknowledge if the data is successfully received or if an error occurred.
Site24x7 collects the following aggregated metric data:
- Transaction activity
- Database activity
- Application-level code traces
- External web service calls
- View rendering activity
- Uncaught exceptions and their counts
- Process memory and CPU utilization
Encrypted HTTPS communication to the data center
The APM Auto Profiler agent communicates exclusively via HTTPS to ensure that all performance data transmitted from your application environment to our data center remains encrypted and secure. This prevents interception or tampering during transit.
Outbound access and proxy support
All communication between the APM Auto Profiler agent and the data center is secured via HTTPS (TLS 1.2 or higher). This ensures all transmitted performance data remains encrypted in transit, preventing unauthorized access or tampering.
- Domains and IPs: View the list of IP addresses to be allowed.
- Port: 443 (outbound port)
If your server needs a proxy to connect to these domains, use the proxy setting available during the installation of the respective agents.
Web client and data center security
The APM Auto Profiler agent follows strict web and data center security policies.
- Compliance: Alignment with ISO/IEC 27001:2013 and OWASP Top 10 security standards to avoid security risks like cross-site scripting (XSS) and security misconfigurations
- Web client protection: Mitigation against XSS, CSRF, and other web threats
- Data center facilities:
- Physical access protected with biometric and two-factor authentication
- 24/7/365 monitoring via infrared security cameras
- Bullet-resistant walls and undisclosed facility locations
- Continuous monitoring and access logging
To read more about our network security and other best practices for managing security and data protection risks, refer to our security document.
Data availability and resiliency
The APM Auto Profiler agent runs as a background Windows or Linux service on the monitored machine. It collects profiling and performance data locally and transmits it securely to the Site24x7 data center at plusinsight.site24x7.com.
The following ensure uninterrupted monitoring and profiling:
- Agent-based, local data collection: Data is continuously collected by the data exporter agent in the local system, even in cases of temporary network outages.
- Reliable transmission: The collected data is sent securely via HTTPS to a load-balanced Site24x7 data center at plusinsight.site24x7.com, ensuring high availability and efficient processing.
- A load-balanced data center: The plusinsight.site24x7.com endpoint is hosted in a load-balanced environment. This setup distributes incoming agent data across multiple healthy back-end nodes, ensuring:
- High availability.
- Redundancy within the data center.
- Resilience against node-level failures.
The architecture ensures that even if individual components of the data center are affected, monitoring continues seamlessly through the load-balanced infrastructure.
Minimal resource usage by the APM Auto Profiler agent
The APM Auto Profiler agent is lightweight and optimized to run in production environments with a minimal system impact. It performs real-time data collection and transmission efficiently, ensuring it does not interfere with application performance.
| Metric | Windows | Linux |
| CPU usage | Less than 1% | Less than 1% |
| Memory usage | 20MB | 25MB |
| Bandwidth usage | Less than 20KB every 1 minute | Less than 20KB every 1 minute |
| Disk usage | 100MB | 200MB |
Benchmark reports: Application performance with the APM agent loaded via the APM Auto Profiler
The APM Auto Profiler agent has undergone extensive testing to confirm its low performance impact across real-world environments. For comprehensive insights into its CPU, memory, and I/O usage during application profiling across all supported platforms:
- View the APM agent performance report for the Java agent on applications.
- View the APM agent performance report for the .NET agent on applications.
- View the APM agent performance report for the PHP agent on applications.
- View the APM agent performance report for the Node.js agent on applications.
- View the APM agent performance report for the Python agent on applications.