Application development has changed significantly over the past decade. Today, apps tend to be built on container or serverless infrastructure. Wherever they run, applications need security built in throughout the build process to be effective, yet security is often left out of the development process because fast DevOps release cycles leave little room for a separate security review.
We’ve discussed this before in the context of DevSecOps, and application security tooling fits that approach well: it automates routine security checks inside the development workflow, so security teams don’t have to step into every release by hand. To gain deeper insight into these issues, we chatted with Wallarm CEO Ivan Novikov.
What responsibility do developers have in application security?
Developers have the ultimate responsibility of producing high-quality and efficient code. Security and robustness are key characteristics of the customer experience. Since this falls in the domain of developers, engineering management should secure resources and establish processes to educate developers on matters of security, including using secure coding practices, deploying security automation, and engaging with the security side of the house early and often.
How can DevOps integrate security more effectively?
DevOps and security teams have historically had conflicting objectives. While DevOps is tasked with frequent iterative releases that can be field-tested, it is the responsibility of security teams to test the frozen code for vulnerabilities and weaknesses. The solution is automated security testing, with the security team responsible for the definition of the tests and the policies, while DevOps focuses on execution and on integrating security testing into the CI/CD pipeline.
What new threats do you expect?
Many recent threats stem from deserialization in a variety of settings, from XXE to Java deserialization. We expect those threats to continue escalating, driven by the increasing complexity of data. The new types of threats we expect would be new kinds of logic bombs that were not possible before the application structure became heavily distributed. Finally, there will be attacks orchestrated by AI and using distributed networks. These types of attacks will need AI on the defense side to combat them.
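As an added illustration of the deserialization class of bug mentioned in the answer above (editor-supplied example code, not from the interview or from Wallarm's products), the following Python uses the standard library's pickle as a stand-in for the Java deserialization case: the vulnerable loader executes whatever callable the stream names, while the hardened loader gates every global reference through an application-owned allowlist. The Payload class, the SAFE_GLOBALS list and the sample streams are constructed for this example.

```python
import io
import pickle

# Constructed attacker payload. A pickle stream can name any importable
# callable and have it invoked on load; __reduce__ is how an object asks for
# that. A real exploit would name os.system or subprocess.Popen; this demo
# names builtins.len so that running it is harmless.
class Payload:
    def __reduce__(self):
        return (len, ("pwned-by-unpickle",))

MALICIOUS = pickle.dumps(Payload())                         # constructed malicious input
BENIGN = pickle.dumps({"user": "alice", "roles": ["dev"]})  # constructed normal input

# Allowlist owned by the application (assumed for this example): the only
# (module, name) globals a stream may reference. Everything else, including
# builtins.len, is refused before any code runs.
SAFE_GLOBALS = {
    ("builtins", "set"),
    ("builtins", "frozenset"),
    ("collections", "OrderedDict"),
}

class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that refuses to resolve globals outside SAFE_GLOBALS."""

    def find_class(self, module, name):
        if (module, name) in SAFE_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"refusing to load global {module}.{name}")

def unsafe_load(data: bytes):
    """The vulnerable pattern: trust whatever the stream asks to call."""
    return pickle.loads(data)

def safe_load(data: bytes):
    """The hardened pattern: same format, but every global lookup is gated."""
    return RestrictedUnpickler(io.BytesIO(data)).load()

def safe_load_rejects(data: bytes) -> bool:
    """True if the restricted loader refuses the stream."""
    try:
        safe_load(data)
    except pickle.UnpicklingError:
        return True
    return False

if __name__ == "__main__":
    # The naive loader silently executes len("pwned-by-unpickle") and returns 17.
    print("unsafe_load ->", unsafe_load(MALICIOUS))
    print("safe_load rejects malicious stream:", safe_load_rejects(MALICIOUS))
    print("safe_load accepts benign stream:", safe_load(BENIGN))
```

The allowlisted unpickler is a containment measure for code that already accepts a native serialization format; the stronger fix, in Python as in Java, is to not deserialize native object graphs from untrusted input at all and to use a data-only format such as JSON validated against a schema.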
What are some important trends in the AppSec market?
Application security is rapidly gaining in importance. This trend is driven by porous perimeters that make perimeter defense irrelevant, the use of external SaaS, and complex distributed application protocols with encapsulated data. To address the new architecture, the new generation of application security solutions needs to be focused on the APIs and have the ability to parse the complex protocols. The other trend is the inclusion of bot and behavioral protection into many of the solutions.
Tell us some more about Wallarm’s solution efforts.
- The Wallarm platform offers two distinct solutions: Attack Protection and Security Testing.
- The Wallarm attack protection solution is powered by AI and offers better accuracy and lower maintenance effort than most other solutions on the market.
- Most intrusion detection solutions, like WAF and RASP, rely on a generic set of static signatures that is the same for all their customers. Wallarm generates application-specific dynamic rules, using AI to learn from our customers’ traffic.
- Legacy intrusion prevention solutions are passive, while Wallarm includes an active component to evaluate the risk of attacks to specific applications.
- Most WAFs generate too many poorly grouped alerts that may or may not be relevant, while Wallarm finds where to focus with automatic attack re-check, enabling a faster response.
- The Wallarm Security Testing product, Framework for Application Security Testing, strives to bridge the gap between DevOps and security by incorporating automated security testing into CI/CD frameworks like Jenkins and regularly running tests based on policies defined by the security team.
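The division of labour described in the DevOps answer and in the last bullet above, with the security team defining the policy and the pipeline merely executing it, can be made concrete with a small gate step. The following Python is an editor-written example, not Wallarm's code and not part of the interview; a CI job such as a Jenkins stage would run it after the scanner step and fail the build on a non-zero exit. The finding and policy formats, the field names and the sample data are all constructed for this example and do not correspond to any particular tool's schema.

```python
from datetime import date

# Constructed scanner output: a normalized finding list as a CI step might
# produce after running SAST/DAST against a build. Field names are
# assumptions for this example, not any particular tool's schema.
FINDINGS = [
    {"id": "SQLI-001", "severity": "critical", "title": "SQL injection in /login"},
    {"id": "XXE-007", "severity": "high", "title": "External entities enabled in XML parser"},
    {"id": "HDR-042", "severity": "low", "title": "Missing X-Content-Type-Options header"},
]

# Constructed policy, owned by the security team and versioned alongside the
# pipeline. max_open caps how many findings of each severity may remain open;
# exceptions record accepted risk with an expiry date so waivers cannot linger.
POLICY = {
    "max_open": {"critical": 0, "high": 0, "medium": 5},
    "exceptions": [
        {"id": "XXE-007", "expires": "2030-01-01", "reason": "parser replaced in next release"},
    ],
}

def active_exceptions(policy, today):
    """Finding IDs whose waiver is still valid on `today` (a date); expired waivers do not count."""
    return {
        e["id"]
        for e in policy.get("exceptions", [])
        if date.fromisoformat(e["expires"]) >= today
    }

def evaluate_policy(findings, policy, today=None):
    """Apply the policy to the findings.

    `today` is an ISO date string (defaults to the current date) so that the
    decision is reproducible in tests. Returns (passed, reasons), where
    reasons lists every severity threshold that was exceeded.
    """
    today = date.fromisoformat(today) if today else date.today()
    waived = active_exceptions(policy, today)
    open_counts = {}
    for finding in findings:
        if finding["id"] in waived:
            continue
        sev = finding["severity"]
        open_counts[sev] = open_counts.get(sev, 0) + 1
    reasons = []
    for severity, limit in policy["max_open"].items():
        count = open_counts.get(severity, 0)
        if count > limit:
            reasons.append(f"{count} open {severity} finding(s) exceeds limit of {limit}")
    return (not reasons, reasons)

if __name__ == "__main__":
    passed, reasons = evaluate_policy(FINDINGS, POLICY)
    for reason in reasons:
        print("FAIL:", reason)
    # A non-zero exit code is what fails the CI stage.
    raise SystemExit(0 if passed else 1)
```

Keeping the policy in its own versioned file, with an expiry on every exception, is what lets the security team change thresholds or revoke a waiver without touching the pipeline definition, while the pipeline owners keep control of when and how the gate runs.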