
Why You Need Active Cloud-Native Application Security

Blog Article Published: 02/14/2023

Originally published by Tigera.

Written by Ratan Tipirneni, Tigera.

First-generation security solutions for cloud-native applications have been failing because they apply a legacy mindset where the focus is on vulnerability scanning instead of a holistic approach to threat detection, threat prevention, and remediation. Given that the attack surface of modern applications is much larger than in traditional apps, security teams are struggling to keep up and we’ve seen a spike in breaches.

To better protect cloud-native applications, we need solutions that focus on threat prevention by reducing the attack surface. With this foundation, we can then layer on threat detection and threat mitigation strategies.

Active security will help you address your most urgent cloud security needs.

A new runtime security model

To properly secure modern cloud-native applications, we need to use a modern architecture that aligns with them. Active cloud-native application runtime security includes three components:

  • Threat prevention – Effectively reduce the attack surface using zero-trust controls.
  • Threat detection – Provide a mechanism through which users can monitor for both known and unknown vulnerabilities and malware on an ongoing basis.
  • Threat mitigation – Give users the ability to mitigate breaches by dynamically responding to threats.

This three-part architecture is the security model required to keep up with cloud-native applications and keep them secure.

Why ‘active’ security is important

If your only focus is on discovering known threats, you won’t be able to keep up. This strategy leads to application teams being busy trying to fix last year’s vulnerabilities while new ones continue to pop up. Instead of forcing this legacy mindset, we need to implement active security.

‘Active’ describes the three-layered architecture I outlined in the above security model. It starts with a zero-trust approach to reduce the attack surface. Then, using this as a foundation, you layer on the second and third pillars of the model: a mechanism to continuously detect known and unknown threats, and dynamic mitigation strategies. Unless you sequence it like this, it’s almost impossible to secure cloud-native applications.

Why now?

Collectively as an industry, we have the benefit of being able to look back at data that tells us whether what we’re doing is effective. In doing so, we can see the unanticipated side effects of previous solutions for cloud-native security (i.e., application teams and application deployment are getting slowed down).

The data is telling us that the approach we’ve been using is fundamentally not working. So we need to go back and rethink the problem. Active security, with its three-layered architecture, is the best way to address users’ most pressing needs for securing cloud-native applications.

To learn more about how to adopt a holistic approach to container and cloud-native application security and observability, read our free O'Reilly ebook.
