Despite its theoretical conception in the 1960s1, cloud computing has only truly emerged and taken hold in the last decade. Organizations are now striving to find the balance in utilizing both the private and public cloud - what we refer to as the hybrid cloud environment.
While this middle ground has allowed for greater flexibility, it also complicates the desire and need to protect the data housed in these environments. Not to mention the sure volume of data, which grows at an annual compounding rate of 42% (according to the IDC). As a result, it is unrealistic to expect static signature-based security models to remain effective while continuing to offer protection for today's web applications. In this respect, legacy approaches to web application protection are fundamentally broken and often result in:
- Costly false positives
- Poor application response times
- Impeding agile development
- Overworked security teams
- Untenable event analysis and maintenance burdens