Displaying items by tag: Application security

GUEST OPINION:  While many eyes are on generative AI to find coding efficiencies, sizable efficiency gains are still possible with augmentation of existing DevOps practices.

The rise of AI-driven attacks and accelerated software delivery cycles makes it more difficult to protect organisations, as 89% of CISOs say application security remains a blind spot

COMPANY NEWS: Dynatrace (NYSE: DT), the leader in unified observability and security, has released its annual CISO survey. This year’s report, “The state of application security in 2024”, reveals that Australian organisations are struggling with internal communication barriers, which hinder their ability to address cybersecurity threats. The results indicate that CISOs find it difficult to drive alignment between security teams and the C-suite, leaving gaps in the organisation’s understanding of cyber risk. As a result, they find themselves more exposed to advanced cyber threats, at a time when AI-driven attacks are on the rise.

Security and engineering teams can now save time by focusing on real application security problems with zero false positives, as validated by the OWASP benchmark result of 100+% accuracy.

GUEST OPINION by Prakash Sinha, Radware: ‘Identity as a perimeter’ is a concept in cybersecurity that represents a shift in the traditional approach to network and application security.

GUEST OPINION: API security is a top priority for any organisation wanting to protect customer data from malicious attacks. With the rise of Kubernetes as the de facto standard for container orchestration, many security solutions have emerged.

Analyst firm Gartner has identified three factors influencing growth in security spending.

Software Intelligence company Dynatrace's Application Security Module is being updated to detect and protect against vulnerabilities in runtime environments, including the Java Virtual Machine, Node.js runtime, and .NET CLR, as well as supporting Go applications.

GUEST OPINION: Managing applications as well as the network and compute infrastructure around them used to be easy. Everything sat in a private data centre and there weren't that many applications to begin with.

With 95% of cybersecurity breaches being caused by human error, alongside zero-days, sophisticated hacks, spear fishing, social engineering and more, Ben Jones explains the state of play in today's world of cybersecurity, and his partnership with famous White House hacker/prankster James Linton.

Security vendor Radware's SecurePath is a new, cloud-based application security architecture for protecting applications deployed in multi- and hybrid-cloud environments, providing full application visibility and centralised security management.

Secure coding training specialist Secure Code Warrior's annual The State of Developer-Driven Security survey has found that 86% do not view application security as a top priority when writing code, despite paying lip service to a security-led software development lifecycle.

COMPANY NEWS: Software intelligence company Dynatrace today announced it has been named a leader in the 2022 GigaOm Radar for Cloud Observability Solutions. The report evaluated solution providers based on a range of key criteria, including technical capabilities, product roadmap, innovation, and ability to execute. GigaOm placed Dynatrace in its Leaders Circle because of its uniquely comprehensive approach, which combines deep and broad observability, continuous runtime application security, and advanced AIOps to deliver answers and intelligent automation from data in increasingly complex, cloud-native environments. In addition, GigaOm awarded Dynatrace the highest possible scores across all categories in the radar's key criteria for evaluating cloud observability solutions.

GUEST OPINION: Cybercrime flourished in 2021, and there are no signs of a slowdown in 2022. There are several factors behind this high-confidence prediction.

More needs to be done to protect against application security threats, particularly newer threats like bot attacks, API attacks, and supply chain attacks, according to one global security firm.

Global organisations are struggling to maintain consistent application security across multiple platforms, and they are also losing visibility with the emergence of new architectures and the adoption of application program interfaces (APIs), according to one security solutions vendor.

Nearly 60 percent of developers cite the unity of business and DevOps as the biggest challenge they face in adopting low-code development platforms

GUEST RESEARCH: OutSystems, the global leader in modern application platforms - including low-code development - has shared results from an InfoBrief study by leading IT market research and advisory firm IDC.

The Asia/Pacific 2020 Software Survey: DevOps, DevSecOps, and the Future of Digital Innovation, sponsored by OutSystems, delves into how organisations in Asia-Pacific can turn into digital innovation factories to thrive in today’s business environment. According to the results obtained, 39 percent of Asia-Pacific IT leaders depend on visually-guided development tools. The top three reasons for adoption were the belief that visually-guided development tools are the future – the simplification of the developer experience, and the provision of a more intuitive developer experience. With more than half of Asia-Pacific decision-makers confident their organizations will rely on low-code platforms for at least a quarter of all planned projects, low-code tools are set to gain critical mass adoption in the upcoming year 2021.

With the Asia-Pacific region now in rapid growth, the region is set to further expand into an increasingly formidable data powerhouse by 2024,” said Mark Weaser, Vice President, Asia Pacific, OutSystems. “It’s only natural for enterprises in our region to gravitate towards the dramatic benefits of using visual development tools for building cloud-native applications. OutSystems is privileged to be able to support the needs of businesses in the provision of low-code and cloud technology to help the region reach its full potential as a digital data powerhouse in the near future.”

Catching up with early adopters

Organisations in Australia and New Zealand are relatively mature in their DevOps journeys, and are increasingly looking at customer experience (CX) as a major priority for digital transformation. 20 percent of companies in the region are focusing on the creation of evocative customer experiences, with slightly fewer (19 percent) suggesting that employee satisfaction is the primary goal of their software development.

Primary challenges

Aligning DevOps with core business processes and thinking ranks as the top challenge for enterprise across ANZ, with 59 percent of organisations citing it as their main application development concern. This is closely followed by the challenge of ensuring security by design, at 53 percent, and the management of interdisciplinary DevOps teams closely behind that, at 52 percent.

“Having spoken to multiple developers in the region, OutSystems is aware of the mounting concern for integrated security, particularly with the rising scale and instances of data theft today,” stated Weaser. “OutSystems provides a range of security functions encompassing application security, Virtual Private Cloud (VPC) infrastructure and an always-on incident response team. While OutSystems focuses on accelerating application development, we believe speed cannot come at the expense of security. We provide clients with nothing less than a secure runtime environment and the tools necessary for secure development.”

Post-Covid-19 agility

On security in the wake of the Covid-19 crisis, IDC expects software development lifecycles to continue to shorten and gathers that enterprises should take care in integrating security into planning phases in order to stay ahead of the curve. Rising customer expectations can and should be met with innovative customer experiences to engender the creation of new markets and audiences; risk-taking, data analysis and continued incorporation of customer feedback does well in driving new ideas on new platforms.

With hiring freezes, labour crunches and tightening regulations, companies are encouraged to start recruitment planning before the need to fill the post arrives. 19 percent of organisations in the region consider training and hiring the right people to be a main IT priority, so building apps enables upskilling and continuous education, whereas letting business developers work side-by-side with IT helps address development shortfalls.