Radware: security challenges of the cloud ecosystem
Historically, application security was often ignored in application delivery. Integrating high-standard security into every aspect of an application takes a lot of time to test and iterate, which greatly slows development and increases cost.
Radware notes that as enterprises continue to optimize and accelerate the application development cycle and deliver more and more applications in the public cloud, security has become a huge challenge that public cloud applications have to face. Applications in the public cloud usually run on new architectures, which can provide unprecedented efficiency, flexibility and cost-effectiveness. The popularity of development tools has further accelerated the pace of application development and deployment, and DevOps plays an increasingly active role in application delivery. Automation platforms, powerful business process frameworks, open source toolkits and visual solutions play an increasingly important role in the public cloud environment, and they also introduce new security risks to the public cloud. For example, as the security component of DevOps, DevSecOps builds security due diligence into a process that is driven by speed, agility and continuous delivery. If DevSecOps lacks automation and visualization, however, its ability to protect applications will be poor, and it cannot provide guaranteed security for the continuous delivery process.
The cloud ecosystem: containers, microservices and service meshes with good economic benefits
More and more containers, microservices and service meshes appear in the public cloud environment. Radware notes that the transition from a monolithic architecture to a microservice architecture lets enterprises deploy applications more frequently and deliver different microservices independently and more reliably. Container technology is a natural match for microservices. Each microservice can be deployed across multiple containers to achieve rapid and flexible deployment, which not only improves application quality but also shortens the time to go live.
A service mesh handles service-to-service communication in the microservice architecture. Its purpose is to provide flexibility through load balancing, telemetry, traffic routing, health checks and so on, in order to reduce the complexity of the microservice architecture.
Some of the challenges in the transition to a microservice architecture are related to the scale of what is delivered. In the monolithic era, only a few monolithic web instances needed load balancing. Nowadays, thousands of automatically generated containers need load balancing.
Security challenges of applications in the cloud
Radware's security experts point out that the microservice architecture and service mesh infrastructure provide all of these functions, but they cannot solve the challenges of application and data security. In addition to the same security challenges as in the past, applications in the cloud also face latency, topology changes and the parallel management of multiple microservices, all caused by the distributed nature of microservice applications.
The Open Web Application Security Project (OWASP) gives professionals guidance on the major web application security risks. Injection, broken authentication, cross-site scripting (XSS) and sensitive data exposure are just a few examples of the risks relevant to the public cloud and public cloud applications, not all of them.
APIs are widely used in current web applications. IoT applications, machine-to-machine communication, event-driven web applications, automated operations in web frameworks, function as a service (FaaS) applications, mobile applications and so on all involve APIs. All of these use cases involve north-south communication, that is, traffic from the client to the application. Most of the APIs for these use cases are REST APIs with JSON bodies (REST-JSON). A small share are Simple Object Access Protocol (SOAP) APIs, which are based on the XML structured data format.
Because these APIs run over HTTP, they carry most of the same security risks as other web applications. Because an API can be exposed separately, it also brings additional security challenges around authorization and access control.
With the increasingly widespread adoption of APIs, OWASP set up the API Security Project and released the OWASP API Security Top 10. The API security risks it lists include broken object level authorization, excessive data exposure, lack of resources and rate limiting, and malicious code injection, all of which may lead to data theft or service interruption.
About Radware
Radware is a global leader in providing network security and application delivery solutions for traditional data centers, cloud data centers and virtual data centers. Radware's award-winning solution portfolio provides global enterprises with infrastructure, application and enterprise IT protection services to ensure their digital experience. Radware solutions have helped more than 12500 enterprise and carrier customers worldwide respond quickly to market challenges, maintain business continuity, and effectively reduce costs while achieving maximum productivity.