web analytics

10 Ways a Digital Shield Protects Apps and APIs – Source: www.darkreading.com

10-ways-a-digital-shield-protects-apps-and-apis-–-source:-wwwdarkreading.com
Rate this post

Source: www.darkreading.com – Author: Joshua Goldfarb

5 Min Read

digital shield in a man's hand

Source: Sarayut Thaneerat via Alamy Stock Photo

When network architectures were simpler, so was protecting apps and application programming interfaces (APIs). They were predominantly on-premises, so defense-in-depth practices could be applied to enterprise networks. While far from perfect, this approach provided multilayer security defenses to protect apps and APIs.

As network architectures gradually became more complex, so did protecting apps and APIs. The on-premises enterprise environment gave way to a hybrid mix of on-premises, data center, and multiple cloud environments. These days, hybrid and multicloud environments are more the rule than they are the exception. They introduce complexity and challenges that make it significantly more difficult for organizations to apply defense-in-depth practices to protect apps and APIs.

While the idea of rebuilding the enterprise perimeter doesn’t make much sense in the current state, perhaps there is another way to bring requisite protections to apps and APIs. What if organizations could open an umbrella — a digital shield, if you will — around their hybrid and multicloud environments? This would allow them to add layers of protections that would, at least logically speaking, bring defense-in-depth practices to modern network architectures.

What are some of the essential elements and functionality of a digital shield? I’ll explain 10 of them here.

1. Standardized Communication

The first step in protecting apps and APIs is standardization across different environments. This doesn’t mean that all environments need to be homogeneous, of course. Rather, it means that all environments need a common, central management interface. There also needs to be a straightforward way to understand what environments exist, where they are, how they are connected, and what is running inside of them.

2. Uniform Policy

The ability to uniformly apply and enforce security policy is another important step in protecting apps and APIs. Attackers are always on the lookout for the weakest link. When there is inconsistency in how environments are managed or a large amount of manual labor involved in managing those environments, that opens up holes that attackers can exploit. One of the top benefits of security policy standardization is the ability to reduce the number of weaknesses and points of failure that attackers can leverage.

3. Proper Visibility

Just like when networks were largely on-premises, telemetry and other data requisite for visibility reign supreme — even in modern network architectures. Continuous security monitoring is driven, first and foremost, by visibility. Without the ability to see traffic to and from apps and APIs across all environments, security teams don’t have the ability to monitor their environments for potential security and fraud issues.

4. Reliable Alerting

While visibility is extremely important, it needs to be properly leveraged to create and sustain reliable alerting across hybrid and multicloud environments. This means identifying critical assets and key resources and creating incisive alerting that cues the security team to unusual, suspicious, or malicious activity. For alerting to be considered reliable, it must have low false-positive rates and high true-positive detection rates. This allows an organization to hone its detection and response capabilities — without burying itself in noise.

5. Response Capability

When a security incident is identified, the proper incident response needs to be triggered. This requires not only proper visibility across hybrid and multicloud environments, but also the ability to query, analyze, and interrogate telemetry data from those environments. This is easier said than done, of course, and is an important part of any digital shield.

6. Good Governance

Managing the life cycle of apps and APIs is also an important, yet sometimes neglected, part of securing them. Having apps and APIs inventoried, managed, controlled, versioned, compliant with schema, processing input and output as expected, and adherent to change control procedures makes them less prone to vulnerabilities being introduced during the software development life cycle (SDLC). Proper governance is an all too often overlooked component to protecting apps and APIs, requiring the capabilities that a digital shield provides.

7. Central Controls

Preventive and detective controls work collaboratively to help secure apps and APIs. Preventive controls help secure environments against attacks they face. But because preventive controls are never 100% effective, detective controls augment preventive controls by alerting security teams when security incidents occur. Managing this symbiotic relationship across multiple environments can be extremely complex and difficult without a centralized management capability.

8. Vendor Agnosticism

Getting locked into cloud providers and the array of technologies and solutions they offer is never fun. Part of the appeal of a digital shield is that, in addition to providing an added layer of protection, it acts as a logical overlay to different cloud environments. This allows organizations to leverage available capabilities via one common interface, rather than needing to develop vendor-specific and vendor-dependent capabilities in each and every cloud environment.

9. Defense-in-Depth

Defense in depth and multilayer security are nothing new. They are fundamentally simple in theory yet difficult to implement in practice. The idea of having multiple layers of protection around apps and APIs to avoid single points of failure and weakness makes sense logically. Managing this approach, however, without a digital shield capability is a difficult undertaking due to the complexity of modern network architectures.

10. Simplified Operations

Maximizing the capabilities of defensive technologies is difficult unless operating them is relatively straightforward. Simplified operations require many components. Among them are executive dashboards to convey value to executives and the board; the ability to easily manage, maintain, administer, and secure infrastructure, apps, and APIs; the ability to uniformly and universally apply policy; and the ability to analyze and investigate events and incidents. These and other capabilities allow organizations to maximize the potential of the digital shield as a logical overlay and additional layer of defense.

Raise Your Shield

Protecting apps and APIs is an important undertaking for any organization. While the effort involves many moving parts, leveraging a digital shield as a logical overlay and added layer of defense can greatly simplify app and API security. Reducing complexity and centralizing management into one logical overlay platform can help organizations ensure that they maximize their technology investments and minimize the potential for risk, weakness, and vulnerability introduced by complexity, oversight, and human error.

Original Post URL: https://www.darkreading.com/cloud-security/10-ways-a-digital-shield-protects-apps-and-apis-in-a-distributed-cloud-world

Category & Tags: –

Views: 0

LinkedIn
Twitter
Facebook
WhatsApp
Email

advisor pick´S post

Joas Antonio
ChatGPT for Cybersecurity by Joas Antonio dos Santos – malwareanalysis #reverseengineering
ChatGPT for Cybersecurity by Joas...
CISO2CISO Notepad Series
How Can We Structure Cybersecurity Teams To Better Integrate Security In Agile At Scale?
How Can We Structure Cybersecurity...
OCCUPYTHEWEB
Linux Basics for Hackers by Occupytheweb
Linux Basics for Hackers by...
NIST
Digital Forensics and Incident Response (DFIR) Framework for Operational Technology (OT) by NIST – Eran Salfati and Michael Pease
Digital Forensics and Incident Response...
Think Big Blog
Top 10 TED Talks to Learn about Cyber Security
Top 10 TED Talks to...
NCSC
NCSC Cyber Security for Small Business “SMEs” Guide.
NCSC Cyber Security for Small...
Marcos Jaimovich
The Silent Spectre Haunting Your Network: QPhishing, the CISO’s Unspoken Nightmare.
The Silent Spectre Haunting Your...
Marcos Jaimovich
Goodbye to Traditional: Why Conventional Cybersecurity Tools are No Longer Sufficient for the Future of Digital Threats ?
Goodbye to Traditional: Why Conventional...
Marcos Jaimovich
Why do we compare a SOC (Security Operations Center) with the cockpit of a commercial airplane? by Marcos Jaimovich
Why do we compare a...
Joas Antonio
Security Operations Center (SOC) – Tools for Operations Development by Joas Antonio
Security Operations Center (SOC) –...
IZZMIER
Incident Response Playbooks & Workflows Ready for use in your SOC & Redteams
Incident Response Playbooks & Workflows...
LOGPOINT
396 Use Cases & Siem Rules Code ready for use for Mitre Attacks Events Detection in Your SOC by Logpoint
396 Use Cases & Siem...

LASTEST PUBLISHED POSTS

CASOS DE USO APLICABLES EN UN SIEM
CASOS DE USO APLICABLES EN...
IGNITE Technologies
Burp Suite for Pentester
Burp Suite for Pentester
The Institute of Internal auditors
Auditing Risk Culture
Auditing Risk Culture
DevSecOps Guide
ATTACKING PHP APPLICATIONS
ATTACKING PHP APPLICATIONS
DevSecOps Guide
ATTACKING KUBERNETES WITH SECURITY BEST PRACTICE
ATTACKING KUBERNETES WITH SECURITY BEST...
CLTC WHITE PAPER SERIES
Guidance for the Development of AI Risk and Impact Assessments
Guidance for the Development of...
Active Directory
Active Directory IT AuditChecklist
Active Directory IT AuditChecklist
A guide to business continuity planning
A guide to business continuity...
LOG RHYTHM
Using MITRE ATT&CK™ in Threat Huntingand Detection
Using MITRE ATT&CK™ in Threat...
Kaspersky
H2 2023 – A brief overviewof main incidentsin industrial cybersecurity
H2 2023 – A brief...
Andrey Prozorov
24 Great Cybersecurity Frameworks
24 Great Cybersecurity Frameworks
ENISA-EUROPA
SEGURIDAD DE TELECOMUNICACIONES
SEGURIDAD DE TELECOMUNICACIONES

More Latest Published Posts

SF-ISAC
Digital Operational Resilience Act
Digital Operational Resilience Act
SYNGRESS
DIGITAL FORENSICS WITH Open Source TOOLS
DIGITAL FORENSICS WITH Open Source TOOLS
IT REVOLUTION DEVOPS ENTERPRISE FORUM
DevOps Automated Governance Reference Architecture
DevOps Automated Governance Reference Architecture
SANS GIAC CERTIFICATIONS
Detecting Attacks on Web Applications from Log Files
Detecting Attacks on Web Applications from Log Files
EUROPEAN DATA PROTECTION SUPERVISOR
ANNUAL REPORT 2023
ANNUAL REPORT 2023
TechTarget
IT Disaster Recovery Plan Template
IT Disaster Recovery Plan Template
Opstune
IOC Scan Framework v2.0
IOC Scan Framework v2.0
Federal Office for Information Security
Indirect Prompt Injections
Indirect Prompt Injections
the Department of the Environment Climate and Communications
Guidelines on CyberSecurity Specifications
Guidelines on CyberSecurity Specifications
Edelman
INCIDENT RESPONSE REFERENCE GUIDE
INCIDENT RESPONSE REFERENCE GUIDE
Security METRICS
Security Metrics Guide to PCI DSS Compliance
Security Metrics Guide to PCI DSS Compliance
SOC TIPS Cybersecurity
Guia de Resposta a Incidentes de Segurança para LGPD
Guia de Resposta a Incidentes de Segurança para LGPD
CDCP
FIREWALL Audit CHECKLIST
FIREWALL Audit CHECKLIST
GitGuardian
Secrets Management Maturity Model
Secrets Management Maturity Model
MegaCorp One
Sample Penetration Test Report
Sample Penetration Test Report
FORTINET
Routing in FortiGate
Routing in FortiGate
FUTURE OF PRIVACY FORUM
Risk Framework Body Related Data (PD) Immersive Tech
Risk Framework Body Related Data (PD) Immersive Tech
ENISA
Remote ID Proofing Good Practices
Remote ID Proofing Good Practices
Google
Why Red TeamsPlay a Central Rolein Helping OrganizationsSecure AI Systems
Why Red TeamsPlay a Central Rolein Helping OrganizationsSecure AI Systems
Red Canary
Threat Detection Report 2024
Threat Detection Report 2024
HADESS
Pwning the Domain Persistence
Pwning the Domain Persistence
Australian Goverment
PROTECTIVE SECURITYPOLICY FRAMEWORKSecuring government business:Protective security guidance for executive
PROTECTIVE SECURITYPOLICY FRAMEWORKSecuring government business:Protective security guidance for executive
CISC (Comité Internacional Sobre Ciberseguridad)
Política Nacional de Ciberseguridad 2023-2028
Política Nacional de Ciberseguridad 2023-2028
Google
Perspectiveson Securityfor the Board
Perspectiveson Securityfor the Board
HADESS
OSINT Method for Map Investigations
OSINT Method for Map Investigations
CCN-CERT
Observatorio Riesgos Ciberseguridad 2024
Observatorio Riesgos Ciberseguridad 2024
CYBERTHEORY
The ISMG Cybersecurity Pulse Report 2024 is a treasure trove of insights from the RSA Conference, revealing the dynamic landscape of cybersecurity. From AI to Zero Trust: A comprosive guide to the key themes and expert opinions from RSA CONFERENCE 2024 – #RSAC2024
The ISMG Cybersecurity Pulse Report 2024 is a treasure trove of insights from the RSA Conference, revealing the dynamic landscape of cybersecurity. From AI to Zero Trust: A comprosive guide to the key themes and expert opinions from RSA CONFERENCE 2024 – #RSAC2024
FORTINET
Bloking Malware Through Antivirus Security Profile in FortiGate
Bloking Malware Through Antivirus Security Profile in FortiGate