Q.Tap

See Through Encryption with eBPF

No proxy required
No code-changes or instrumentation
Use your existing observability pipeline
Extremely performant, in-kernel
Non-obtrusive, out-of-band
No certificate management

The Challenge

Apps, Services,
& AI Agents

The modern cloud is complex and encrypted–making it impossible to see what's happening

APIs,
Services,
& Vendors

Solution

Unlike traditional proxies that sit in the network path and require certificate management, Qtap works by deploying a lightweight eBPF agent that attaches to TLS function calls, capturing traffic before encryption occurs. This provides detailed visibility into requests and responses without affecting the encryption process, and requiring zero configuration changes to applications or network.

The result? Complete visibility into encrypted traffic without the need to manage certificates, configure proxies, or modify application code.

Example: Capture Errored Requests and Payloads

Use Qtap to find problems, see where they occur, and view the full request / response payloads
  1. Install Q.Tap eBPF Agent
    Qtap sees the pre-encryption request and post encryption respones via eBPFs
  2. Detect Errors / Custom Conditions
    Configure Rulekit to look for errors or specific conditions you might want to record
  3. Persist the Payloads / Data
    Upload payload data to S3 compatible endpoint
  4. Submit Log Entry
    Generate log entry with all the context & links to the persisted payloads