Security News > 2023 > January > Cloud-native application adoption puts pressure on appsec teams

The predictions follow industry-wide research, which shows the industry is shifting away from legacy software infrastructure and standardizing on cloud-native applications - resulting in the need for new and more effective approaches to cloud-native application security.

The distinction between application security and cloud security has clearly blurred as application security is now affected by the underlying cloud infrastructure, while cloud security professionals now have to take the application layer into account in their attack path analysis.

For application security professionals, this means they must now learn to perform an accurate analysis of cloud-native applications, which combine analysis of code, container, cluster, cloud and their connections and communications.

For cloud security professionals, this means finding a way to add application layer analysis into their existing security posture.

This will force appsec teams to find tools that provide detailed, high-fidelity risk profiles for each application within their care that include the 'risk score' of their applications, the type of data that these applications collect, transfer and store, and the number of records that are collected, among others.

"Cloud-native applications are game-changers when it comes to business agility, but the protection of these platforms introduce new challenges, restrictions and requirements that restrict traditional application security solutions from functioning effectively in these environments," said Ron Vider, CTO, Oxeye Security.

News URL

https://www.helpnetsecurity.com/2023/01/06/cloud-native-application-adoption-pressure-appsec-teams/