• Watch
  • Listen
  • Live Stream
Security Weekly
Security Market Validation
  • Listeners
    • Subscribe
    • Insider List
    • Suggest a Guest
  • Shows
    • Paul’s Security Weekly
    • Enterprise Security Weekly
    • Business Security Weekly
    • Application Security Weekly
    • Security & Compliance Weekly
    • Security Weekly News
    • Tradecraft Security Weekly
    • Secure Digital Life
  • Series
    • CISO Stories
    • Getting the Real Work Done in Cybersecurity
  • Webcasts/Trainings
    • Registration
    • On-demand
  • Articles
  • Partners
    • Become a Partner
    • Landing Pages
  • Hosts
  • Company
    • About
    • Careers
    • Contact

Application Security/ Articles/ Cloud Security/ Compliance/ Container Security/ Data Security/ DevOps/ Endpoint Security/ Firewall/ Identity and Access/ Vulnerability Management

Delivering on the Promise of Application Security in the Cloud

Matt Alderman May 10, 2021

Application security has become a complex, distributed problem.  During the days of waterfall development and monolithic applications, application security was pretty straight forward – statically scan your source code, dynamically test your business logic, and deploy a web application firewall to protect layer 7 traffic.  But with agile development, DevOps processes, and containerized applications, application security has evolved into a more robust market with lots of new solutions.  Add the cloud and it gets even more complex.  How does an organization effectively correlate, prioritize, and remediate vulnerabilities and misconfigurations across a complex cloud or hybrid architecture?

Although the industry analysts like to create new security markets, the goal should be to consolidate findings across the various components of the application and cloud infrastructure into a single, DevOps friendly tool to prioritize and remediate vulnerabilities quickly.  We see these tool starting to emerge in two areas: Application Security and Cloud Security. For applications, we see a consolidation of the following components:

  • Custom Code (i.e., static and dynamic analysis)
  • Open Source/Third Party Code (i.e., software composition analysis)
  • Orchestration/Containers (i.e., endpoint security, Kubernetes security, and container security)

In the cloud, we see a consolidation of the following components:

  • Cloud Infrastructure (i.e., infrastructure as code, cloud workload protection, and cloud security posture management).
  • Orchestration/Containers (i.e., container security and serverless)
  • Application Programming Interfaces (i.e., web application firewalls and API security)

We also need to address user, service, and machine accounts (i.e., access and entitlements) across this distributed architecture.  As you can see, delivering on the promise of application security in a cloud deployment is easier said than done.  So where do you start?

We recently interviewed Ankur Shah, Vice President of Products, Public Cloud Security at Palo Alto Networks, on Application Security Weekly to discuss how Prisma Cloud is addressing these challenges.  Palo Alto has been acquiring many companies and integrating them into Prisma Cloud to solve the complexities of cloud, including:

  • Visibility, Compliance, and Governance
  • Threat Detection
  • Data Security
  • Host Security
  • Container Security
  • Serverless Security
  • Web Application and API
  • Identity-Based Microsegmentation
  • Identity and Access Management Security

To see how Prisma Cloud can help protect your applications in the cloud, watch the interview on Application Security Weekly here or visit securityweekly.com/prismacloud for more information.

Share this:

  • Click to share on Twitter (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)
  • Click to share on Facebook (Opens in new window)

Related Posts

web-application-firewall-comparison-696x423

Application Security /

Building a More Secure AppDev Process

uptrend line arrows with bar chart in stock market on blue color background

Articles /

Ransomware Damage Claims Driving Insurance Hikes

Picture1

Cloud Security /

The Unique Challenges of Companies Born in the Cloud

‹ How Cloud Defenders Thwart Attacks Against Resilient Services › Cryptocurrency: Cybercrime’s New Favorite Tool

About Security Weekly

Security Weekly is the security podcast network for the security community, distributing free podcasts and media since 2005. We connect the security industry and the security community through our security market validation programs.

More Than Just A Sponsor

We view our relationships with the security industry as partnerships, not sponsorships. Security Weekly works closely with each partner to help you achieve your marketing goals and gain traction in the security market. Interested in becoming a partner? Please visit our partnerships page.

Back to Top

Subscribe To The Blog:

RSS feed RSS - Posts

Search

Latest Tweets

Tweets by @secweekly
© Security Weekly 2022
Powered by WordPress • Themify WordPress Themes