AlgoSec: Securing and automating application connectivity
It almost goes without saying these days - organizations must deliver applications without compromising security. Easier said than done.
Business applications these days are the lifeblood of any organization, and as network teams continue to shift more sensitive data from the datacenter to the cloud, security and compliance have become monumental considerations. Couple that with the proliferation of shadow IT, public cloud apps, and SaaS offerings, and the stakes can get even higher.
At the same time, business applications are also the principal target of attackers seeking access to an organization’s most sensitive information, and as application deployment approaches become more dynamic and extend to external cloud platforms, the number of possible attack vectors is multiplying. This puts enormous pressure on organizations to develop security strategies that can help quickly uncover weaknesses at the application level and mitigate potential cyber attacks.
With all this at play, it begs the question: “how can organizations meet the demands of their business application owners while also securing and automating their connectivity?”
Safeguarding the business applications is hard, but here's what to do about it
In the cybersecurity space, companies look to protect business applications in one of three ways: they protect the code, the data, or the connectivity.
When it comes to securing connectivity, most systems still rely on legacy tools or manual labor, which forces security teams to accept risks without understanding the potential vulnerabilities involved and without awareness of the applications impacted. Furthermore, in many cases they are not even aware that any risks are present at all.
“One of the major things that we’re seeing customers struggle with is how to secure their application connectivity, comply with various regulations around the world, and at the same time address their core business needs. To achieve these sometimes-conflicting goals, organizations need to adopt an application-centric approach in which they will be able to not only better manage their security policies but, more importantly, better secure the applications that drive their business. This means that every application needs to be accounted for its specific business purpose, communication flow, user behavior activity and its associated firewall policy rules. This is especially vital for global applications that connect the datacenter to the cloud,” states Yuval Baron, AlgoSec Co-Founder and CEO.
Still dealing with blind spots? Expect application security and compliance to be lost causes
Another big challenge facing security teams is the lack of visibility into the entire network estate when trying to enforce new policy rule changes, which is akin to throwing darts in the dark. And then there are global compliance regulations: many are cumbersome, challenging to manage and extremely difficult to implement, even with the best tools at your disposal. This often requires that CISOs be adept at leveraging and collaborating with various global organizations that all impact their organization’s risk profile. Ultimately, this may prove a costly endeavor without effective technology tools in place.
"Gaining true visibility of every application across the entire network - running in the datacenter and the cloud, is paramount to developing any effective network security strategy. Without granular visibility into the topography, security teams are not only denied the ability to discover and map business applications but also can't identify compliance gaps, which means they can’t flag applications and security policies that are potentially non-compliant," explains Baron.
To Baron’s point, as businesses look to deploy more applications faster, SecOps teams will generally require additional security tools capable of providing greater visibility into what happens inside an organization's environment. The problem is that traditional solutions often use technologies that are far too stringent. These technologies are not always capable of spotting vulnerabilities in business-critical applications that could impact sensitive data assets. On top of that, they may not be kept up to date with the latest compliance regulations, and the resulting gaps, if left undetected, could lead to severe violations.
Balancing security and agility without cutting corners? Yes, it can be done
In today's digital transformation journey, organizations need to be more agile in their IT operations to better respond to customer needs, address business challenges and compete in the digital economy. It also requires that they respond faster to their own business needs by streamlining manual processes for provisioning new applications and updating existing ones. This is especially challenging nowadays as modern organizations are becoming more hybrid and moving more of their business applications from on-premise datacenters to cloud environments.
According to Baron, the way to achieve the right balance between security and agility is by “deploying tools that automate with zero-touch much of the manual work involved in securing the connectivity of business applications and provide visibility into compliance and risk exposure across their entire application portfolio. Any security solution must include automation with a special focus on the applications to meet business agility requirements. Otherwise, security silos will occur and resources will be spent on multiple challenges instead of scaling.”
The State of Utah’s Department of Technology (DTS) is an example of how taking an application-centric approach to automating the entire security policy change process can lead to optimal results. Using advanced network application visibility and analytical tools, they were able to gain full access to their application environment and understand their connectivity behavior and associated firewall rules. From application design and submission to proactive risk analysis, implementation validation and auditing, they were able to eliminate manual errors while also improving their security posture and reducing risk.
Using unlimited resources to bolt the latest and greatest security products onto the network, in order to keep business applications in check and automate network security policy management, would seem like the ideal solution. But in reality, this approach ends up being very costly and highly ineffective for large organizations managing complex networks with multi-vendor security controls.
A prototypical example of that is Nationwide Insurance, which was struggling to find an automation solution for its application connectivity and network security policy management. By focusing on application behavior within their multi-vendor network environment, they were able to automate application connectivity and security policy management. After deployment, their SecOps teams managed to reduce the time needed to implement application change requests from 10 days to just hours, making their application owners’ lives easier. Furthermore, they also managed to eliminate application risks associated with duplication errors, saving valuable resources.
Finally, a champion for securing and automating application connectivity
Baron co-founded AlgoSec in 2004 with Professor Avishai Wool, AlgoSec’s CTO, and has served as its CEO and Chairman ever since. According to Baron, AlgoSec’s formation was inspired by his relentless drive to fill a growing need in the cybersecurity industry for a more innovative and comprehensive security solution. Prior to founding AlgoSec, Mr. Baron co-founded Actelis Networks Inc. in 1998 and served as its CEO. Baron leverages his experience in cybersecurity solutions as the basis for continued growth and innovation. His goal is to continue setting new standards and meeting the ever-evolving needs of the largest organizations in the world, to secure application connectivity anywhere – in the datacenter or the cloud.
Baron recognizes that staying ahead of the cyber threat trends isn’t rooted in chasing new tools but in deploying best practices based on identified threat analysis. In his mind, the way to be most effective is to look directly at those newly identified threats and discover technologies and strategies to deal with them. When asked about his passion for wanting to help shape the future, he states, “There has never been a more appropriate time for rapid evolution of technology. The business demands on organizations to roll out new and updated applications are becoming more challenging than ever. Without the proper tools, organizations will continue to miss critical security threats at the application level. Although we know what needs to be done, getting it done is a challenge as it requires changing business processes that drive old habits of security - that's a mindset shift I would want to spearhead in the coming years.”