This article discusses the pros of applications moving to the cloud, the security dilemma’s surrounding the move, and the explosion of software defined networks and tools. It first appeared in App Developer Magazine on November 9th, 2016. Below is an excerpt:
When Marc Andreessen wrote, “software is eating the world,” he meant that every business is literally turning into software. The problem is that every line of code you write makes you easier to attack. Historically, we dealt with security by putting up walls and scanning. But the complexity of modern software environments has made these approaches ineffective and unscalable. If we can enable applications to assess and protect themselves, however, the need for walls and scanners disappears. We envision a future when all applications are “self-protecting” and can guarantee their own security and resilience despite an increasingly complex and hostile environment.
We had a recent conversation with Jeff Williams, Co-Founder, Chief Technology Officer, of Contrast Security about the pros of applications moving to the cloud, the security dilemma's surrounding the moves, and the explosion of software defined networks and tools.
ADM: What is Contrast Security and how does it differ from competing application security vendors?
Williams: Traditional approaches to application security like SAST, DAST, and WAF come at application security from an external perspective. At Contrast, we invented a way to integrate all these capabilities into a powerful application-layer agent. This agent takes less than a minute to install in application environments, and enables “Self Protecting Software.” That means these applications are empowered to assess themselves for vulnerabilities *and* protect themselves against attacks. Contrast transforms applications into self-protecting software without requiring any changes to how you build, test, or deploy your code. And Contrast is a distributed approach to application security. That means no more scanning applications one-by-one. Instead, we can continuously assess and protect an entire portfolio of applications in parallel. Even better, because Contrast works from inside the application themselves, it has an unfair information advantage over legacy tools, which makes it dramatically faster and more accurate than anything that has come before.
ADM: What happens to security when an application moves to the cloud?
Williams: Typically, it’s not good. When an application moves to the cloud...