Protecting Cloud-Native Applications From Exposure

Adoption of cloud-native architectures, DevOps and agile methodologies is growing globally, according to an international survey of chief information security officers (CISO) by software intelligence expert Dynatrace. The poll aims to help understand how cybersecurity is being addressed today by companies around the world.

Technology is evolving rapidly, leaving security teams worldwide with the challenge of keeping up with the tide as developers sometimes do not have enough resources to act effectively. “Developers often do not have time to conduct manual security scans, or the resources needed to automatically differentiate between potential vulnerabilities and critical exposures,” states Dynatrace’s Global CISO Report.

The company surveyed 700 companies worldwide, of which 200 were from the US, 100 each from the UK, France, Spain and Germany, and 50 each from Brazil and Mexico. The results indicate that the fast pace at which innovation is moving demands an equally fast response from technology suppliers. “Traditional security tools, which were designed for an era with static IT environments, are unable to provide the same level of monitoring and protection they once did,” the report states.

Among the Dynatrace survey highlights, were the following:

• Microservices, Containers and Kubernetes have created application security blind spots, say 89 percent of surveyed CISOs.
• A total of 97 percent of organizations do not have real-time visibility of runtime vulnerabilities in containerized production environments.
• Nearly two-thirds (63 percent) of CISOs say DevOps and Agile development have made it more difficult to detect and manage software vulnerabilities.
• Traditional security controls, such as vulnerability scanners, no longer fit today’s cloud-native world, say 74 percent of CISOs.
• Up to 71 percent of CISOs admit they are not fully confident code is free of vulnerabilities before going live.

“The increased use of cloud-native architectures has fundamentally broken traditional approaches to application security,” said Bernd Greifeneder, Founder and Chief Technology Officer at Dynatrace, according to a corresponding press release. The way companies have modernized how they store data has created security breaches that need modernized solutions. Another challenge stems from how overwhelmed security teams have become when it comes to the number of alerts they get, which makes it difficult for them to prioritize the remediation of vulnerabilities, distinguishing them from potential threats and critical exposures. In Mexico, only 36 percent of all security vulnerability alerts require actioning, report the surveyed CISOs.

In Mexico, microservices, containers and Kubernetes have also caused application security blind spots, report 86 percent of surveyed CISOs. Fifty-two percent of Mexican CISOs also said they had looked for new ways of working and 54 percent indicated they had adjusted to faster releases or delivery cycles. Close to 50 percent of Mexican CISOs said that they had not adjusted to modern technologies.

Under these circumstances, Dynatrace Application Security enables teams to accelerate DevSecOps processes through automation, in a way that continuously analyzes applications, libraries and codes, both in production and pre-production. “This helps ensure development teams do not have blind spots and are not wasting time chasing false positives,” reads the report. Dynatrace Application Security is different in the way that it prevents, identifies and resolves exposures while also reducing the number of false positives as it also offers all-in-one observability. “With the Application Security Module on the Dynatrace Software Intelligence Platform, organizations can leverage the automation, AI, scalability and enterprise-grade robustness of Dynatrace, and extend this to deliver more secure release cycles with confidence their cloud-native applications are free from exposures,” states the company’s press release.