Organizations are moving more applications to the cloud as they look to reap benefits such as cost savings, easier scalability, and greater agility. Many of these business applications hold and exchange critical, highly sensitive data, and have therefore become prime targets for hackers and other cyber criminals looking to exploit the information.
A key question for companies, then, is how can they ensure that these cloud-based applications are as secure as they were when they were housed in traditional, on-site data centers? It’s not a trivial consideration given that attacks against applications and APIs are becoming increasingly sophisticated and effective.
Research from Gartner Inc. in 2018 shows that more enterprises are placing a greater emphasis on application security. The firm, in estimating that worldwide spending on information security products and services would reach more than $114 billion in 2018, an increase of 12% percent from the previous year, cited application security as one of the growth areas.
The firm also predicted that application security products and services, which totaled $2.43 billion in 2017 and $2.74 billion last year, will rise to $3 billion in 2019.
Another study, by Markets and Markets, said the worldwide application security market is expected to grow from $2.79 billion in 2017 to $9 billion by 2022, at a compound annual growth rate (CAGR) of 26%.
The market is gaining traction due to the growing need to protect enterprise applications and data from emerging application layer attacks, the report said. Many enterprises still use applications that contain vulnerabilities, which if exploited, could result in huge losses for the organizations, it said.
Among the other market drivers are government regulations, the increasing sophistication level of cyber attacks, and growing deployment of third-party applications.
An Effective Solution
One possibility for protecting applications is to deploy legacy Web application firewalls (WAF). But some of these offerings use static, rule and signature-based approaches that are not designed to keep up with today’s rapidly evolving cyber security threats. They’re also not designed to scale and cover complex application environments.
In addition, legacy WAF tools can require frequent tuning and increased monitoring, which places big operational burdens on security teams.
A newer and potentially more effective option is to use threat detection and neutralization tools based on attacker behavior. With this approach the focus is on building a progressive risk profile of the attacker rather than just the application and anomalies.
These tools are capable of identifying threats in real-time, with a high level of precision, and are designed to eliminate costly false positives and latency issues. The cloud-based offerings allow companies to maintain deep visibility into security vulnerabilities and reduce operational burden by eliminating the need to maintain rules. Another benefit is rapid deployment; in some cases, applications can be secured within hours, rather than weeks.
Whereas legacy WAF tools require continual, manual tuning and customization of hundreds of static rules and signatures to effectively block malicious entities without blocking legitimate traffic, tools based on attacker behavior provide an automated response based on risk analysis and clearly articulated patterns of behavior.
Dynamic rule sets evolve with threats and changes to the environment. That’s important in today’s highly dynamic security environment, where threats are constantly changing and new threats emerging.
Some of these newer tools provide a machine learning capability that determines appropriate application inputs and responses, while continuously adapting to changes in the application and its environment. The benefits of this include rapid application baselining, quicker identification of threats and fewer false positives.