A manifesto to change our mindsets and truly revolutionize effective application protection.

Dark Reading Staff, Dark Reading

September 14, 2020

4 Min Read

Almost a decade ago, Marc Andreessen famously declared, "Software is eating the world." The disruptive power, scalability, and low entry costs of software applications, from Amazon to Netflix to LinkedIn, were well known then and this trend has accelerated dramatically. Today, few companies can avoid digital transformation and remain competitive. In fact, it might be more accurate today to say that software applications run the world.

Unfortunately, security hasn’t kept up.

While businesses continue to invest in never-ending layers of security point solutions, our fundamental security stance is outdated. While our datacenters and physical networks disappear, we continue to cling to an outdated perimeter-defense mindset: "Keep the good stuff in. Keep the bad guys out."

But the security perimeter is increasingly porous, and in many cases, disappearing altogether. It’s fair to compare traditional perimeter security tools to mall cops – guarding the entrance, but with little ability to tell who will do something bad once inside. And now these mall cops are increasingly guarding empty stores because inventory has moved to the cloud.

Today's advanced cyberattacks can easily bypass perimeter security tools, and most experts agree that the precursors to your next attack are already inside your network. This has effectively moved the battleground to the application itself. The goal of modern hackers is to enter innocuously and corrupt applications as they execute during runtime. These attacks increasingly occur in process memory where they can act undetected, derail applications, expose sensitive data, and leave few clues behind.

As awareness increases about the need for runtime security, it’s important to look at the problem comprehensively and avoid adding more point products with only partial solutions. Most revolutions need a manifesto, so to change our mindsets and truly revolutionize cybersecurity, here are five principles to keep in mind for effective application protection:

1. Change Your Thinking: Turn conventional security inside-out.
Most security tools are trying to accomplish a hopeless task – preventing anything suspicious from getting past the perimeter, with little insight into what is good or bad. Modern security needs to start from the inside – with the application itself. This application-centric approach focuses on understanding what apps are supposed to do, monitoring them as they execute and making sure they never deviate– regardless of external threats, vulnerabilities, or zero-day attacks.

2. Prepare for a Different Fight: Runtime is the new security battleground.
Stopping attacks before they happen requires either prior knowledge or lucky guesswork. Detecting attacks after the fact is usually too little, too late. Most conventional security tools treat application runtime as a black box. Advanced attackers know this and are exploiting this gap with ease. You can’t stop what you can’t see – and to prevent runtime attacks you need full visibility into exactly what’s happening as application code executes.

3. Eliminate Blind Spots: Protect the full application stack.
If you lock your front door but leave a basement window open, that’s where the burglars will go. It’s the same with web applications. You need to stop web-based attacks, but also the underlying servers, third-party code, backend applications, and data that are all connected and exposed to the outside world. Effective security requires unified protection across the web, memory, and host layers.

4. Leave No Apps Behind: Protection must extend from legacy, to cloud, to containers.
Almost any real-world enterprise has a mix of applications and platforms, from legacy apps that can’t be easily retired, to cutting-edge tools in cloud, hybrid, container or serverless environments. Security-by-patching, especially for legacy applications will never keep up and often causes unintended consequences that interrupt business. Complete security in the real-world requires protection of all apps, from old to new, regardless of their platforms or patch status.

5. Protect Continuously: Incorporate security into your end-to-end product lifecycle.
The complexity of today’s software stacks means that vulnerabilities are inevitable. Hundreds emerge every day, and you’ll never ship perfect code into production. Agile development demands security that is equally adaptive and continuous, detecting vulnerabilities in pre-production, providing compensating controls for unaddressed problems, and reacting to new threats that emerge during production.

The stakes are high, but this battle can be won if we update our security mindset and protect what matters most – your applications and your business. With software applications running the world, it’s critical that you run trust their integrity and run them with total confidence.

For more information on how Virsec addresses modern threats and protects applications from the inside and to get your free, detailed guide outlining the Five Essential Steps for Enterprise Application Security, please visit Virsec.com.

About the Author: Willy Leichter, Vice President of Marketing, Virsec
Willy Leichter leads Virsec marketing, with over twenty years of experience in product marketing, product management, outbound marketing, communications, digital marketing, and demand generation. He has worked with a wide range of global enterprises to help them meet evolving security challenges. With extensive experience in a range of IT domains including network security, global data privacy laws, data loss prevention, access control, email security and cloud applications, he is a frequent speaker at industry events and author on IT security and compliance issues. A graduate of Stanford University, he has held marketing leadership positions in the US and Europe, at CipherCloud, Axway, Websense, Tumbleweed Communications, and Secure Computing (now McAfee).

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights