Application Security in a Time of Cloud Jan 4, 2022 2:39:29 PM

Application security matters because the entire role of virtual machines and containers is to run their application workload. While teams can take the appropriate measures to secure their infrastructures-such as securing networks and hardening down permissions-it won't help much if the applications deployed on top are insecure. As 2021 ends its "December to Remember" with the massive log4j logging exploit that can't be blocked on a network or host level, my hope and prediction is that future years will secure assets by starting with the application.

When you look at the architecture of any workload, you see a common pattern. The application does the work - it gets its compute and memory from a VM, container, or host. That entity gets its storage from a disk or a NAS. While these resources move up the chain, the security levels stay put and each layer must be secret on its own. A secure host or secured network doesn't travel up to become a secure application. For those undergoing a digital transformation to reduce cost, improve operation, or achieve any other goal, they need to address the question of whether we want to bring old security problems forward or leave them behind.



Jacklyn Kellick 
Public Relations Manager


Learn how to unify security strategy across & development operations. See how to set up a CAS program with only eight activities!

Download the Handbook