At Radware’s recent virtual thought leadership event, The Future of Securing Apps and APIs, application security leaders from large organizations came together to share their thoughts on:
At Radware’s recent virtual thought leadership event, The Future of Securing Apps and APIs, application security leaders from large organizations came together to share their thoughts on:
The future of security is always changing—especially with an increasing number of organizations migrating their applications from on-prem to cloud environments. With this shift, securing distributed and mobile apps is becoming increasingly difficult. So, what new vulnerabilities exist in a hybrid environment? And, how can security professionals protect their IP in a borderless environment?
Radware, a global leader of cybersecurity and application delivery solutions for physical, cloud and software-defined data centers, hosted a thought leadership event to discuss these burning questions. On December 1st, they gathered a virtual expert panel atThe Future of Securing Apps and APIs
to share strategies for protecting applications & APIs without disrupting other aspects of your business.
Here are a few top takeaways from our virtual roundtable on the 1st:
1. Leverage AI when possible
Adan Mendoza
of VTX1 Companies said that while his team uses a WAF solution to keep things secure as they move from an on-prem to cloud solution, they also rely heavily on behavioral analytics and artificial intelligence to keep track of “normal” patterns.
If the AI detects an anomalous or suspicious behavior, such as never before seen activity or activity at an unexpected time of the day, the appropriate team members will be notified. This adds an added layer of security to their work environment.
2. Vulnerabilities are the biggest security problem for organizations
In June of 2022, Radware conducted a survey to try and figure out the current environment’s application attack distribution and what tools companies are using to protect their APIs. Prakash Sinha , the panel’s moderator, shared the results during the discussion.
The two biggest security problems found in production APIs in the past 12 months were authentication problems (38%) and vulnerabilities (47%). To protect against this, the most common tools were web application firewalls (WAF) and web application and API protection (WAAP).
3. Applications are more exposed than ever
Sam Satyanathan of Freddie Mac spoke about the difference between historic and current attacks. He said that while historic attacks happened on the network layer, every organization today is functioning off of APIs—creating a greater attack surface for bad actors.
“Not only do you have a base application, but you have single paid applications, [and] you have mobile applications, all of which use APIs behind the scenes. So, if those are not secured properly, it makes it a lot easier for hackers... to try to get into your business.”
4. How to satisfy developers & security teams
During the live Q&A at the end of the event, one participant asked about developers moving too fast on their projects without keeping security teams in the loop. In his example, developers are creating products to meet the business KPIs, and if security gets in the way, they’re slowing them down and creating a roadblock within the organization. So, how do you keep both parties happy?
Prakash shared a customer story and suggested a similar solution. Their team worked in a Kubernetes-based environment and automatically distributed a corporate-approved security profile to new deployments. In this way, security teams still have control over how services are exposed without hindering DevOps’s productivity.
4.Communication is key
Especially in a large organization, it’s critical to keep in constant communication across departments to maintain visibility over all systems in play. Adan stated, “Sometimes, we don’t know what we don’t know, so it’s important to stay in sync anytime... that something comes up.”
He also emphasized the importance of following best practices so that everyone’s in the loop on who’s responsible for updating which systems, etc.
If you’re interested in hearing more about the discussion with Radware and our expert panelists, simply fill out the form at the top of the page. We’ll send you the full panel recording, as well as exclusive, bite-size video clips from the event.
Radware® (NASDAQ: RDWR) is a global leader of cybersecurity and application delivery solutions for physical, cloud and software-defined data centers. Its award-winning solutions portfolio secures the digital experience by providing infrastructure, application and corporate IT protection and availability services to enterprises globally. Radware’s solutions empower more than 12,500 enterprise and carrier customers worldwide to adapt quickly to market challenges, maintain business continuity and achieve maximum productivity while keeping costs down. For more information, please visit www.radware.com
The Adobe family of companies would like to keep you informed with personalized emails about products and services. See our Privacy Policy for more details.
Please contact me via email.
By clicking “Submit” I agree that I have read and accepted the Terms of Use.
adobe.com
Adobe Privacy Center
Adobe Privacy Policy
adobe.com
Adobe marketing and advertising practices I Adobe
Adobe marketing and advertising practices
adobe.com
Adobe Privacy Center
Adobe Privacy Policy
adobe.com
Legal
Legal Terms of Use for Adobe products & services