Taking an integrated approach to application security
How to overcome the challenge of application security
Across all industries, application security has become an increasingly difficult and complex challenge. Rapid innovation over the last few years has led to a significant expansion in attack surfaces, particularly where organizations have shifted to modern application stacks, built on cloud native technologies. Increased deployment of Internet of Things (IoT) and connected devices and new hybrid working models have also extended attack surfaces.
At the same time, there has been a sharp increase in the volume and sophistication of cybercrime threats which are raising concerns within IT departments. In fact, in the latest research from Cisco AppDynamics, The shift to a security approach for the full application stack, 78% of technologists feel that their organization is vulnerable to a multi-staged cybersecurity attack that would affect the full application stack over the next 12 months. Of course, the potential consequences of such an attack could be disastrous for brands.
The issue for many IT teams is that they haven’t got the right level of visibility and insights to understand where new threats are coming from across a sprawling topology of applications. More than half of technologists report that they often end up operating in ‘security limbo’ because they don’t know what to focus on and prioritize.
An integrated approach to application security enables IT teams to secure the full stack of modern applications across the entire application lifecycle. It provides complete protection for applications, from development through to production, across code, containers and Kubernetes. Crucially, with combined application and security monitoring, technologists can see how vulnerabilities could impact the business and then prioritize their actions accordingly, rather than being stuck in limbo.
IT teams being bombarded with security alerts
Application security simply hasn’t kept pace with release velocity over recent years. The vast majority of technologists admit that the rush to rapidly innovate and respond to the changing needs of customers and users during the pandemic has come at the expense of robust application security during software development. And the pressure to prioritize speed over security isn’t letting up.
As a result, IT teams find themselves encountering a number of new challenges, from keeping pace with a constantly evolving risk landscape, through to a lack of skills to manage security within cloud native environments. Technologists also point to a lack of a shared vision between application development and security teams as a growing issue.
Arguably the biggest challenge, however, is a lack of visibility into changing attack surfaces and vulnerabilities. Many current security solutions work well in silos but not together, and this means that technologists are unable to get a comprehensive or unified view of their organization’s security posture. They’re experiencing visibility gaps across multi-cloud environments, with application components running across multiple platforms and on-premise databases.
The result is IT teams being bombarded with security alerts from up and down the IT stack but unable to understand the severity and potential impact of these issues in order to prioritize their resources. Technologists are completely overwhelmed, unsure which fire to put out first.
James Harvey is Executive CTO for EMEA at Cisco AppDynamics
Moving to a security approach for the full application stack
In response, technologists are recognizing the need to adopt a security approach for the full application stack that delivers complete protection for their applications, from development through to production, across code, containers and Kubernetes. In fact, 79% of technologists state that the implementation of a security approach for the full application stack is now a priority for their organization.
Alongside this, IT teams need to integrate performance and security monitoring to understand how vulnerabilities and incidents could impact end users and the business. Business transaction insights enable technologists to measure the importance of threats based on severity scoring, factoring in the context of the threat. This means that they can prioritize threats that could damage a business critical area of the environment or application. Suddenly, technologists can cut through the data noise caused by high volumes of security alerts and focus on the things that really matter.
However, such is the complexity and dynamic nature of cloud-native technologies, and the rapid expansion of attack surfaces, IT teams are increasingly embracing automation and Artificial Intelligence (AI) to automatically detect and resolve issues across the technology stack, including cloud native microservices, Kubernetes containers, multi-cloud environments, or mainframe data centers.
Already, AI is being deployed for continuous detection and prioritization, so that security exploits are identified and blocked automatically, without human intervention, maximizing speed and uptime while minimizing risk. And more than three quarters of technologists believe that AI will play an increasingly important role in addressing the challenges around speed, scale and skills that their organization faces in application security.
In order to protect modern application stacks, organizations also need to foster much closer collaboration between IT teams. A DevSecOps approach introduces security testing earlier in the development process, with security teams analyzing and assessing security risks and priorities during planning phases to set a strong foundation for development.
With a holistic approach to application security, combining automation, integrated performance and security monitoring and DevSecOps methodologies, IT teams can be far more proactive and strategic in how they manage risk. Rather than being stuck in limbo, a security approach for the full application stack can allow technologists to build more secure products, avoid costly downtime and push forward into the next era of innovation.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
James Harvey is the EMEAR CTO at Cisco's AppDynamics. He has over 20 years of experience in the IT industry and offers unique insights into users’ changing relationships with applications.