{"id":2874,"date":"2018-11-02T14:56:22","date_gmt":"2018-11-02T18:56:22","guid":{"rendered":"https:\/\/solutionsreview.com\/cloud-platforms\/?p=2874"},"modified":"2018-11-14T09:28:45","modified_gmt":"2018-11-14T14:28:45","slug":"application-security-solutions","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/cloud-platforms\/application-security-solutions\/","title":{"rendered":"Where Application Security Solutions Fit in Modern Enterprise Computing"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-2875\" src=\"https:\/\/solutionsreview.com\/cloud-platforms\/files\/2018\/11\/application-security.jpg\" alt=\"\" width=\"800\" height=\"400\" srcset=\"https:\/\/solutionsreview.com\/cloud-platforms\/files\/2018\/11\/application-security.jpg 800w, https:\/\/solutionsreview.com\/cloud-platforms\/files\/2018\/11\/application-security-300x150.jpg 300w, https:\/\/solutionsreview.com\/cloud-platforms\/files\/2018\/11\/application-security-768x384.jpg 768w, https:\/\/solutionsreview.com\/cloud-platforms\/files\/2018\/11\/application-security-540x270.jpg 540w, https:\/\/solutionsreview.com\/cloud-platforms\/files\/2018\/11\/application-security-162x81.jpg 162w, https:\/\/solutionsreview.com\/cloud-platforms\/files\/2018\/11\/application-security-360x180.jpg 360w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p style=\"text-align: justify\">Application development has experienced significant changes over the past decade. Today, apps tend to be built in <a href=\"https:\/\/solutionsreview.com\/cloud-platforms\/serverless-compute\/\" target=\"_blank\" rel=\"noopener\">container or serverless infrastructures<\/a>. Regardless of location, applications need proper security throughout the build process to be effective. Security often gets left out of the development process due to DevOps standards.<\/p>\n<p style=\"text-align: justify\">We\u2019ve discussed this before with <a href=\"https:\/\/solutionsreview.com\/cloud-platforms\/shift-security-left-devops\/\" target=\"_blank\" rel=\"noopener\">DevSecOps<\/a>, and application security solutions are a perfect tool for this approach. They work to automate mundane tasks in development, so security teams don\u2019t have to directly interfere. To gain a deeper insight into these issues, we chatted with\u00a0<a href=\"https:\/\/wallarm.com\/\" target=\"_blank\" rel=\"noopener\">Wallarm<\/a> CEO Ivan Novikov.<\/p>\n<h5 style=\"text-align: justify\"><strong>What responsibility do developers have in application security?<\/strong><\/h5>\n<p style=\"text-align: justify\">Developers have the ultimate responsibility of producing high quality and efficient code.\u00a0 Security and robustness are key characteristics of customer experience. Since this falls in the domain of developers, engineering management should secure resources and establish processes to educate developers on the matters of security, including using secure coding practices, deploying security automation and engaging with the security side of the house early and often.<\/p>\n<h5 style=\"text-align: justify\"><strong>How can DevOps integrate security more effectively?<\/strong><\/h5>\n<p style=\"text-align: justify\">DevOps and security teams historically had conflicting objectives. While DevOps is tasked with frequent iterative releases that can be field tested, it&#8217;s the responsibility of security teams to test the frozen code for vulnerabilities and weaknesses. The solution is automated security testing with the security team responsible for the definition of the tests and the policies, while DevOps focus on execution and integrating security testing into CI\/CD pipeline.<\/p>\n<h5 style=\"text-align: justify\"><strong>What new threats do you expect?<\/strong><\/h5>\n<p style=\"text-align: justify\">Many recent threats stem from deserialization in a variety of settings from XXE to java deserialization. We expect those threats to continue escalating driven by the increasing complexity of data. The new types of threats we expect would be new kinds of logic bombs that were not possible before the application structure became heavily distributed. Finally, will be the attacks orchestrated by AI and using distributed networks. These types of attacks will need AI on the defense site to combat them.<\/p>\n<h5 style=\"text-align: justify\"><strong>What are some important trends in the AppSec market?<\/strong><\/h5>\n<p style=\"text-align: justify\">Application security is rapidly gaining in importance. This trend is driven by porous perimeters when perimeter defense becomes irrelevant, the use of external SaaS and complex distributed application protocols with encapsulated data. To address the new architecture, the new generation of application security solutions need to be focused on the APIs and have the ability to parse the complex protocols. The other trend is the inclusion of bot and behavioral protection into many of the solutions.<\/p>\n<div class=\"widget\"><div class=\"aside-card\">\t\t\t<div class=\"textwidget\"><p><a class=\"msp-speedbump\" title=\"Download link to Managed Service Providers Buyers Guide\" href=\"https:\/\/solutionsreview.com\/cloud-platforms\/managed-service-provider-buyers-guide\/\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-1682\" src=\"https:\/\/solutionsreview.com\/cloud-platforms\/files\/2018\/07\/Managed-Service-Providers-Speedbump-1.jpg\" alt=\"Download Link to Managed Service Providers Buyers Guide\" width=\"771\" height=\"170\" \/><\/a><\/p>\n<\/div>\n\t\t<\/div><\/div>\n<h5 style=\"text-align: justify\"><strong>Tell us some more about Wallarm\u2019s solution efforts<\/strong><\/h5>\n<ul style=\"text-align: justify\">\n<li>Wallarm platform offers two distinct solutions, Attack Protection, and Security Testing.<\/li>\n<li>Wallarm attack protection solution is powered by AI and offers better accuracy and lower maintenance efforts than most other solutions on the market.<\/li>\n<li>Most intrusion detection solutions like WAF and RASP rely on a generic set of static signatures which is the same for all their customers. Wallarm generates application-specific <strong>dynamic<\/strong> rules, using AI to learn from our customer\u2019s traffic.<\/li>\n<li>Legacy intrusion prevention solutions are passive, while Wallarm includes an <strong>active<\/strong> component to sevaluate the risk of attacks to specific applications.<\/li>\n<li>Most WAF generates too many poorly grouped alerts that may or may not be relevant, while Wallarm finds where to <strong>focus<\/strong> with automatic attack re-check, enabling a faster response.<\/li>\n<li>Wallarm Security Testing product &#8211; Framework for Application Security Testing &#8211; strives to bridge the gap between DevOps and security by incorporating automated security testing into CI\/CD frameworks, like Jenkins, and regularly running tests based on policies defined by the security team.<\/li>\n<\/ul>\n<p style=\"text-align: justify\">\n","protected":false},"excerpt":{"rendered":"<p>Application development has experienced significant changes over the past decade. Today, apps tend to be built in container or serverless infrastructures. Regardless of location, applications need proper security throughout the build process to be effective. Security often gets left out of the development process due to DevOps standards. We\u2019ve discussed this before with DevSecOps, and [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":2875,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[2],"tags":[805,150,74,907],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Where Application Security Solutions Fit in Modern Enterprise Computing<\/title>\n<meta name=\"description\" content=\"Application security solutions allow developers and security teams to work in unison without being intrusive, aligning strongly with DevOps.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/cloud-platforms\/application-security-solutions\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Doug Atkinson\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/cloud-platforms\/application-security-solutions\/\",\"url\":\"https:\/\/solutionsreview.com\/cloud-platforms\/application-security-solutions\/\",\"name\":\"Where Application Security Solutions Fit in Modern Enterprise Computing\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/cloud-platforms\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/cloud-platforms\/application-security-solutions\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/cloud-platforms\/application-security-solutions\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/cloud-platforms\/files\/2018\/11\/application-security.jpg\",\"datePublished\":\"2018-11-02T18:56:22+00:00\",\"dateModified\":\"2018-11-14T14:28:45+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/cloud-platforms\/#\/schema\/person\/5992f02d38e7b28251ad933cd131dcae\"},\"description\":\"Application security solutions allow developers and security teams to work in unison without being intrusive, aligning strongly with DevOps.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/cloud-platforms\/application-security-solutions\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/cloud-platforms\/application-security-solutions\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/cloud-platforms\/application-security-solutions\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/cloud-platforms\/files\/2018\/11\/application-security.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/cloud-platforms\/files\/2018\/11\/application-security.jpg\",\"width\":800,\"height\":400,\"caption\":\"Application Security Solutions\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/cloud-platforms\/application-security-solutions\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/cloud-platforms\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Where Application Security Solutions Fit in Modern Enterprise Computing\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/cloud-platforms\/#website\",\"url\":\"https:\/\/solutionsreview.com\/cloud-platforms\/\",\"name\":\"Best Enterprise Cloud Strategy Tools, Vendors, Managed Service Providers, MSP and Solutions\",\"description\":\"Guides, Analysis and Best Practices\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/cloud-platforms\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/cloud-platforms\/#\/schema\/person\/5992f02d38e7b28251ad933cd131dcae\",\"name\":\"Doug Atkinson\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/cloud-platforms\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/092cfcbe5c7f2c185c21f152aada2d2f?s=96&d=blank&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/092cfcbe5c7f2c185c21f152aada2d2f?s=96&d=blank&r=g\",\"caption\":\"Doug Atkinson\"},\"description\":\"An entrepreneur and executive with a passion for enterprise technology, Doug founded Solutions Review in 2012. He has previously served as a newspaper boy, a McDonald's grill cook, a bartender, a political consultant, a web developer, the VP of Sales for e-Dialog - a digital marketing agency - and as Special Assistant to Governor William Weld of Massachusetts.\",\"sameAs\":[\"https:\/\/solutionsreview.com\"],\"url\":\"https:\/\/solutionsreview.com\/cloud-platforms\/author\/doug-atkinson-4\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Where Application Security Solutions Fit in Modern Enterprise Computing","description":"Application security solutions allow developers and security teams to work in unison without being intrusive, aligning strongly with DevOps.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/cloud-platforms\/application-security-solutions\/","twitter_misc":{"Written by":"Doug Atkinson","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/cloud-platforms\/application-security-solutions\/","url":"https:\/\/solutionsreview.com\/cloud-platforms\/application-security-solutions\/","name":"Where Application Security Solutions Fit in Modern Enterprise Computing","isPartOf":{"@id":"https:\/\/solutionsreview.com\/cloud-platforms\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/cloud-platforms\/application-security-solutions\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/cloud-platforms\/application-security-solutions\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/cloud-platforms\/files\/2018\/11\/application-security.jpg","datePublished":"2018-11-02T18:56:22+00:00","dateModified":"2018-11-14T14:28:45+00:00","author":{"@id":"https:\/\/solutionsreview.com\/cloud-platforms\/#\/schema\/person\/5992f02d38e7b28251ad933cd131dcae"},"description":"Application security solutions allow developers and security teams to work in unison without being intrusive, aligning strongly with DevOps.","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/cloud-platforms\/application-security-solutions\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/cloud-platforms\/application-security-solutions\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/cloud-platforms\/application-security-solutions\/#primaryimage","url":"https:\/\/solutionsreview.com\/cloud-platforms\/files\/2018\/11\/application-security.jpg","contentUrl":"https:\/\/solutionsreview.com\/cloud-platforms\/files\/2018\/11\/application-security.jpg","width":800,"height":400,"caption":"Application Security Solutions"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/cloud-platforms\/application-security-solutions\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/cloud-platforms\/"},{"@type":"ListItem","position":2,"name":"Where Application Security Solutions Fit in Modern Enterprise Computing"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/cloud-platforms\/#website","url":"https:\/\/solutionsreview.com\/cloud-platforms\/","name":"Best Enterprise Cloud Strategy Tools, Vendors, Managed Service Providers, MSP and Solutions","description":"Guides, Analysis and Best Practices","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/cloud-platforms\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/cloud-platforms\/#\/schema\/person\/5992f02d38e7b28251ad933cd131dcae","name":"Doug Atkinson","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/cloud-platforms\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/092cfcbe5c7f2c185c21f152aada2d2f?s=96&d=blank&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/092cfcbe5c7f2c185c21f152aada2d2f?s=96&d=blank&r=g","caption":"Doug Atkinson"},"description":"An entrepreneur and executive with a passion for enterprise technology, Doug founded Solutions Review in 2012. He has previously served as a newspaper boy, a McDonald's grill cook, a bartender, a political consultant, a web developer, the VP of Sales for e-Dialog - a digital marketing agency - and as Special Assistant to Governor William Weld of Massachusetts.","sameAs":["https:\/\/solutionsreview.com"],"url":"https:\/\/solutionsreview.com\/cloud-platforms\/author\/doug-atkinson-4\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/cloud-platforms\/wp-json\/wp\/v2\/posts\/2874"}],"collection":[{"href":"https:\/\/solutionsreview.com\/cloud-platforms\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/cloud-platforms\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/cloud-platforms\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/cloud-platforms\/wp-json\/wp\/v2\/comments?post=2874"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/cloud-platforms\/wp-json\/wp\/v2\/posts\/2874\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/cloud-platforms\/wp-json\/wp\/v2\/media\/2875"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/cloud-platforms\/wp-json\/wp\/v2\/media?parent=2874"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/cloud-platforms\/wp-json\/wp\/v2\/categories?post=2874"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/cloud-platforms\/wp-json\/wp\/v2\/tags?post=2874"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}