Last updated on June 14th, 2023 at 03:19 pm
Technologists need two essentials – AI and automation – to manage application security across expanded attack surfaces
Joe Byrne, CTO Advisor, Cisco AppDynamics
Within IT departments across the world, there is growing concern about the threat of cybersecurity attacks. Much of this concern is focused specifically around application security.
In the latest research from Cisco AppDynamics, "The shift to a security approach for the full application stack", 78 per cent of technologists report they feel their organization is vulnerable to a multi-staged security attack that would affect the full application stack over the next 12 months.
Rapid cloud adoption, the shift to microservice-based application architectures and increased deployment of IoT devices over the past couple of years have led to a dramatic expansion in attack surfaces. In fact, the sheer volume of applications that are now spread across multiple entities has made monitoring security throughout the DevOps pipeline extremely challenging.
Unfortunately, most IT teams don’t have the tools and insights to identify and manage security vulnerabilities on this scale, and they are increasingly feeling overwhelmed by the volume of security alerts coming at them from a multitude of monitoring tools.
To manage this new application security landscape, technologists need to adopt a more proactive approach to application security, integrating security into the development process from day one to build more secure products. And they need to lean on the power of automation and AI to cope with soaring volumes of data and to detect and remediate issues across an ever more dynamic and fragmented IT environment.
A lack of visibility and resources to manage new threats
As organizations have accelerated their digital transformation programs to meet changing customer needs and to enable hybrid work, application releases have surged. But in the rush to deliver new applications, security has often failed to keep up.
As organizations embrace cloud native applications and architectures, application components are increasingly running on a mix of platforms and on-premise databases, resulting in a huge expansion in attack surfaces. This is leaving major visibility gaps for IT teams and increasing the risk of a security event, the consequences of which are potentially catastrophic – service disruption and outages which can result in poor customer experience, reputational damage and lost revenue.
Two-thirds of technologists report that their current security solutions work well in silos but not together, meaning they can’t get a comprehensive view of their organization’s security posture. So, IT teams are being bombarded with security alerts from across the application stack, but they simply can’t cut through the data noise to understand the risk level of security issues and prioritize remediation based on business impact. In fact, 59 per cent of technologists admit that they are overwhelmed by the volume of security threats and vulnerabilities to their organization – they simply don’t have enough time in the day to manage a constantly changing and ever more complex application security landscape. The result is that many IT teams are ending up in ‘security limbo’, doing nothing because they simply don’t know what to focus on and prioritize.
Automation and AIOps are critical to manage new volumes of application security threats
Technologists urgently need to get back to proactively managing application security in a controlled and strategic way. These professionals know they need a robust security approach for the full application stack to deliver complete protection for their applications, from development through to production, across code, containers and Kubernetes. Additionally, IT teams need to integrate performance and security monitoring to understand how vulnerabilities and incidents could impact end users and the business.
Given the intricate and constantly evolving nature of cloud native technologies, combined with the overwhelming number of security alerts generated by an expansive IT environment, the majority of IT departments do not possess sufficient resources to detect and analyze vulnerabilities proactively. This leads to end user experience issues. And, therefore, technologists should be looking to leverage automation and AI wherever they can within their application security processes.
Robust automation strengthens security postures, identifying threats and resolving them independent of an admin. This reduces human error, increases efficiency, and drives greater agility in development — enabling teams to ship and deploy applications even faster.
Automation helps contextualize security, correlating risk with other key areas such as the application, user and business. Business transaction insights enable IT teams to measure the importance of threats based on severity scoring, factoring in the context of the threat. This means they can prioritize threats that could damage a business critical area of the environment or application.
With runtime application self-protection (RASP), technologists can protect applications from the inside out, wherever they live and however they are deployed. They can see what is happening inside the code to prevent known exploits and simplify vulnerability fixes. Developers can generate targeted insights into their application environments which allows them to respond to threats at scale—whether that’s in containers, on-premises, or in the cloud—and integrate security throughout the entire application lifecycle.
Given the volume of new security threats which organizations are facing, AI and Machine Learning (ML) are now essential to identify gaps, predict vulnerabilities and automate processes to remediate any security holes. As bad actors ramp up their use of AI and ML, enterprise security teams must keep pace. AIOps extend human capabilities in multiple cybersecurity tasks, including monitoring, assessing, and resolving security issues—freeing up security teams to focus on higher-value issues and enabling them to collaborate more effectively and strategically throughout the development lifecycle.
AIOps is now essential to automatically detect and resolve issues across the technology stack, including cloud native microservices, Kubernetes containers, multi-cloud environments, or mainframe data centers. And technologists are increasingly recognizing this – the research found that more than three-quarters believe that AI will play an increasingly important role in addressing the challenges around speed, scale and skills that their organization faces in application security.
Rather than being stuck in limbo, technologists must use the full capabilities of automation and AIOps to optimize application security. Doing so will enable them to build more secure products, avoid costly downtime and push forward into the next era of innovation.