How to implement cybersecurity for modern application connectivity

2021-05-24 04:00

How does the order apply to today's modern application networks and cloud-first technologies? The rise of hybrid and multi-cloud environments, distributed microservices applications, and container orchestration with Kubernetes all imply a need for zero-trust application networking that operates consistently and comprehensively in diverse heterogeneous environments.

It is imperative that all private businesses and governmental organizations collaborate to secure connectivity for distributed, containerized, microservices applications, which makes perfect sense since attackers probe the entire digital supply chain and its implementation, not restricting themselves to any one element of the total technology stack.

An API gateway is the first point of "Ingress" contact for zero-trust architecture, receiving, screening, and routing incoming application requests to the appropriate applications.

Secure API gateways and service meshes should include features like mutual transport layer encryption, the ability to manage secrets, a built-in web- application firewall, data loss prevention, extensible certificate-based authentication, federated role-based access controls and delegation, Open Policy Agent authorization, and vulnerability scanning.

What is clear is that a sweeping executive order very quickly becomes more complicated to implement when interpreted in context of modern applications and mixed operating environments.

If public and private organizations want to join in the fight for modern application security, they should review and assess the many tools needed to be successful in that fight.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/KjTb4Q_LB0U/

#cybersecurity