Enhanced Rollout Safety: Report-Only Mode & Usage-Based Pricing

Based on community feedback from production deployments, we're adding features that make G8KEPR deployments safer, more transparent, and more cost-effective. These enhancements address the three biggest concerns we hear from engineering teams: rollout risk, performance overhead, and pricing predictability.

🎯 What This Solves

Safe Rollouts

Test security rules in production for weeks without blocking traffic

Performance Proof

Benchmarks showing sub-5ms latency overhead with real data

Fair Pricing

Pay only for what you use instead of overprovisioning

1. Report-Only Mode with Per-Rule Analytics

Our current Monitor Mode logs threats without blocking them. The enhanced version adds per-rule hit counts and a confidence score so you can see exactly which rules would have fired and whether they're false positives.

How It Works

Enable Report-Only Mode

Set mode: "report" in your config. All threats are logged but not blocked.

Run for 1-2 Weeks

Let production traffic flow normally while G8KEPR learns your baseline patterns.

Review Per-Rule Analytics

Dashboard shows which rules triggered most often and their false positive rate.

One-Click Flip to Block

Click "Enable Blocking" in the dashboard. No config changes, no redeployment needed.

Dashboard View

RuleHits (14 days)False PositivesAction

SQL Injection Pattern8470.1%Ready ✓

XSS Detection2340.3%Ready ✓

Rate Limit: API Calls1,23412.4%Review

Unusual User-Agent8945.2%Disable

3 of 4 rules ready for blocking

Confidence score: 94.8%

2. Latency Benchmarks & Performance Proof

One of the biggest concerns we hear is: "How much latency does G8KEPR add?" We're adding comprehensive benchmarks and real-time latency tracking to prove the overhead is negligible.

Real-World Performance Data

Scenario	Without G8KEPR	With G8KEPR	Overhead
Simple GET /users	12ms	14ms	+2ms (16%)
POST with validation	45ms	48ms	+3ms (6.7%)
GraphQL query	89ms	93ms	+4ms (4.5%)
File upload (5MB)	234ms	237ms	+3ms (1.3%)

* Benchmarked on AWS t3.medium instances with 500 concurrent users. Your results may vary based on traffic patterns.

Live Latency Dashboard Widget

Every G8KEPR installation will expose real-time latency metrics showing exactly how much overhead is added:

P50 Overhead

1.8ms

Median request

P95 Overhead

4.2ms

95th percentile

P99 Overhead

8.7ms

99th percentile

Max Overhead

23ms

Worst case (0.01%)

3. Usage-Based Pricing

Instead of flat monthly fees, pay only for the requests G8KEPR processes. This is especially valuable for:

Startups with unpredictable traffic
Seasonal businesses with traffic spikes
Dev/staging environments that don't need production-level pricing

Pricing Tiers

Monthly Requests	Price per 1M	Example Cost
0 - 10M	$12.00	5M requests = $60/mo
10M - 100M	$8.00	50M requests = $440/mo
100M - 1B	$5.00	500M requests = $2,440/mo
1B+	$2.50	Custom enterprise pricing

Startup Example

Traffic:2.5M requests/mo

Cost:$30/mo

vs Flat pricing:$99/mo

You save:$69/mo (70%)

Growth Stage Example

Traffic:75M requests/mo

Cost:$640/mo

vs Flat pricing:$899/mo

You save:$259/mo (29%)

4. Enhanced Request Tracing

When G8KEPR blocks a request (403 or 429), the response will include a unique X-G8KEPR-Request-ID header so developers can trace exactly what happened and why.

Example blocked request response:

HTTP/1.1 403 Forbidden
X-G8KEPR-Request-ID: req_2kx9f7b3mp4t
X-G8KEPR-Block-Reason: sql_injection_detected
X-G8KEPR-Rule: pattern_match_select_from
X-G8KEPR-Severity: high
X-G8KEPR-Trace-URL: https://dashboard.g8kepr.com/trace/req_2kx9f7b3mp4t

{
  "error": "Request blocked by security policy",
  "request_id": "req_2kx9f7b3mp4t",
  "trace_url": "https://dashboard.g8kepr.com/trace/req_2kx9f7b3mp4t"
}

Clicking the trace URL takes you directly to a detailed view showing:

Full request headers and body (sanitized)
Which rule triggered and why
Request flow timeline
Similar requests that were allowed
One-click "Add to Allowlist" button if it's a false positive

5. Developer Experience Improvements

Additional enhancements based on community feedback:

🔍 Debug Headers

Add X-G8KEPR-Debug: true to any request to get verbose processing info:

X-G8KEPR-Processing-Time: 3.2ms
X-G8KEPR-Rules-Evaluated: 12
X-G8KEPR-Threats-Detected: 0
X-G8KEPR-Cache-Hit: true
X-G8KEPR-Rate-Limit-Remaining: 4847

📊 Weekly Rollup Reports

Automatic email summaries every Monday showing threats blocked, false positive rate, latency stats, and cost breakdown.

🔔 Slack/Discord Webhooks

Get notified in real-time when high-severity threats are blocked or when false positive rates spike.

🧪 Postman Collection

Pre-built test suite to validate your G8KEPR config before deploying, including edge cases and attack simulations.

Timeline & Pricing

Q2 2025 Release

✅ Report-Only Mode with per-rule analytics
✅ One-click flip to blocking mode
✅ Live latency dashboard
✅ Enhanced request tracing
✅ Debug headers

Pricing

Usage-based: $12/1M requests (first 10M)
Starter: $99/mo (flat, up to 25M req)
Pro: $299/mo (flat, up to 100M req)
Enterprise: Custom pricing

🙏 Thank you u/Fuzzy_University_670

These features were directly inspired by feedback from the community. If you have ideas for making G8KEPR better, we'd love to hear them - join our Discord or email us at hello@g8kepr.com.