New York Tech Media
  • News
  • FinTech
  • AI & Robotics
  • Cybersecurity
  • Startups & Leaders
  • Venture Capital
No Result
View All Result
  • News
  • FinTech
  • AI & Robotics
  • Cybersecurity
  • Startups & Leaders
  • Venture Capital
No Result
View All Result
New York Tech Media
No Result
View All Result
Home Cybersecurity

The threats of modern application architecture are closer than they appear

New York Tech Editorial Team by New York Tech Editorial Team
December 7, 2021
in Cybersecurity
0
How to automate configuration review
Share on FacebookShare on Twitter

Modern applications and software have evolved as the transition to the cloud was accelerated by widespread digital transformation, as enterprises of all sizes made heavy investments in their technology stacks. This opened the floodgates for a new era of technology, with developers creating software for business use at a much higher level than previously.

modern application

The progress within modern application development doesn’t directly translate to the security world, however, as it often ends up being the aspect that gets left behind. Security – specifically software security testing – has always lagged when it comes to widespread adoption. Even as digital transformation has revolutionized business operations on a global scale, the failure to adopt modern testing practices has affected security’s ability to simultaneously evolve with both the times and technology. Some organizations have failed to recognize that every new technology comes with the overhead of new weaknesses and attack vectors and a new set of necessary tests.

While many modern applications include features that innovative organizations crave within their technology stacks, these future-fueled applications can inadvertently uncover some opportunities for potential adversaries. Even worse, many of these vulnerabilities can go overlooked by security teams as they learn to navigate modern architectures that aren’t immediately adaptable to their typical security testing practices.

In order to maintain a more proactive and defensive approach, security professionals need to consider instilling new testing regimens and processes to remain ahead of the curve and ensure their respective organizations remain protected on their watch.

Modern application testing is key for visibility

When it comes to navigating modern application architecture, the biggest challenge for security professionals and IT managers is processing the number of different components that now need to be acutely factored into their decision-making, especially when it comes to security testing.

Technology has advanced in a way that developers can enact different functionalities by combining various modules together (not just the classic code, but also different containers, orchestrations, infrastructures and APIs), but each of these components will require its own distinct set of best practices when it comes to the security testing needed to protect the entire application.

Testing each modern app component separately – the way security testing was historically done – is no longer going to provide the holistic visibility needed to properly analyze an organization’s security posture, meaning that the days of traditional solution testing are behind us.

Security professionals need to have everything tested together, as a complete application and with the context of full functionality, to truly understand how the whole stack operates and communicates. This isn’t just for each building block of the solution, but the connection points between each block as those correlation points represent some of the most susceptible vulnerability points where adversaries lurk.

The shift left vs. shift right debate

A large contributor to the rising issues with modern application security testing lies in the shift left vs. shift right debate. While common in the security industry, the conversation tends to generate friction in the developer community.

Shift left approaches begin to yield vague and general results with the developer writing the first line of code, and vulnerabilities can be caught as early as possible. On the other hand, shift right aligns with where vulnerabilities are detected closer to the full deployment of the software, sometimes only in production runtime.

Shifting toward the right is usually the easier approach, as it provides results that are more accurate and actionable, enabling developers to run the code and then find the mistakes, but it isn’t always the desirable choice, as many times the detection is simply too late. That means the fixes are harder, costlier, and in worst-case scenarios, your organization could already have been exposed to any given vulnerability. On the other hand, shift left enables developers to see the security testing results as early as possible, saving both time and money for IT teams in the long run.

The key to conquering this tension is fostering a painless testing methodology that can be envisioned as “one platform to rule them all.” Having one platform that runs an analysis on all relevant components – code, infrastructure, APIs, containers and third party software – all by one engine that also takes into account the correlation points between each component, provides holistic visibility that is needed for enhanced modern app architectures.

Additionally, this enables security professionals to harness a shift-left mentality, as having the results and context all displayed within one platform provides that visibility at a much earlier stage and allows for action to be taken in real-time, instead of after the software has been fully deployed.

This all may sound too good to be true – and it is – but just for right now. The industry is moving in this direction where these advancements in security testing are heavily needed as organizations continue to adopt new software and services by the day. As the average enterprise technology stack becomes increasingly layered with new and innovative applications, they will all be rendered useless and even dangerous if the vulnerabilities within them go undetected. The future of modern application architecture is here – shouldn’t the proper security testing techniques follow suit, as well?

Credit: Source link

Previous Post

EU key management in 2022

Next Post

Fintech boss fires 900 staff on one Zoom call

New York Tech Editorial Team

New York Tech Editorial Team

New York Tech Media is a leading news publication that aims to provide the latest tech news, fintech, AI & robotics, cybersecurity, startups & leaders, venture capital, and much more!

Next Post
Fintech boss fires 900 staff on one Zoom call

Fintech boss fires 900 staff on one Zoom call

  • Trending
  • Comments
  • Latest
Meet the Top 10 K-Pop Artists Taking Over 2024

Meet the Top 10 K-Pop Artists Taking Over 2024

March 17, 2024
Panther for AWS allows security teams to monitor their AWS infrastructure in real-time

Many businesses lack a formal ransomware plan

March 29, 2022
Zach Mulcahey, 25 | Cover Story | Style Weekly

Zach Mulcahey, 25 | Cover Story | Style Weekly

March 29, 2022
How To Pitch The Investor: Ronen Menipaz, Founder of M51

How To Pitch The Investor: Ronen Menipaz, Founder of M51

March 29, 2022
Japanese Space Industry Startup “Synspective” Raises US $100 Million in Funding

Japanese Space Industry Startup “Synspective” Raises US $100 Million in Funding

March 29, 2022
UK VC fund performance up on last year

VC-backed Aerium develops antibody treatment for Covid-19

March 29, 2022
Startups On Demand: renovai is the Netflix of Online Shopping

Startups On Demand: renovai is the Netflix of Online Shopping

2
Robot Company Offers $200K for Right to Use One Applicant’s Face and Voice ‘Forever’

Robot Company Offers $200K for Right to Use One Applicant’s Face and Voice ‘Forever’

1
Menashe Shani Accessibility High Tech on the low

Revolutionizing Accessibility: The Story of Purple Lens

1

Netgear announces a $1,500 Wi-Fi 6E mesh router

0
These apps let you customize Windows 11 to bring the taskbar back to life

These apps let you customize Windows 11 to bring the taskbar back to life

0
This bipedal robot uses propeller arms to slackline and skateboard

This bipedal robot uses propeller arms to slackline and skateboard

0
New York City

Why Bite-Sized Learning is Booming in NYC’s Hustle Culture

June 4, 2025
Driving Innovation in Academic Technologies: Spotlight from ICTIS 2025

Driving Innovation in Academic Technologies: Spotlight from ICTIS 2025

June 4, 2025
Coffee Nova’s $COFFEE Token

Coffee Nova’s $COFFEE Token

May 29, 2025
Money TLV website

BridgerPay to Spotlight Cross-Border Payments Innovation at Money TLV 2025

May 27, 2025
The Future of Software Development: Why Low-Code Is Here to Stay

Building Brand Loyalty Starts With Your Team

May 23, 2025
Tork Media Expands Digital Reach with Acquisition of NewsBlaze and Buzzworthy

Creative Swag Ideas for Hackathons & Launch Parties

May 23, 2025

Recommended

New York City

Why Bite-Sized Learning is Booming in NYC’s Hustle Culture

June 4, 2025
Driving Innovation in Academic Technologies: Spotlight from ICTIS 2025

Driving Innovation in Academic Technologies: Spotlight from ICTIS 2025

June 4, 2025
Coffee Nova’s $COFFEE Token

Coffee Nova’s $COFFEE Token

May 29, 2025
Money TLV website

BridgerPay to Spotlight Cross-Border Payments Innovation at Money TLV 2025

May 27, 2025

Categories

  • AI & Robotics
  • Benzinga
  • Cybersecurity
  • FinTech
  • New York Tech
  • News
  • Startups & Leaders
  • Venture Capital

Tags

3D bio-printing acoustic AI Allseated B2B marketing Business carbon footprint climate change coding Collaborations Companies To Watch consumer tech crypto cryptocurrency deforestation drones earphones Entrepreneur Fetcherr Finance Fintech food security Investing Investors investorsummit israelitech Leaders LinkedIn Leaders Metaverse news OurCrowd PR Real Estate reforestation software start- up Startups Startups On Demand startuptech Tech Tech leaders technology UAVs Unlimited Robotics VC
  • Contact Us
  • Privacy Policy
  • Terms and conditions

© 2024 All Rights Reserved - New York Tech Media

No Result
View All Result
  • News
  • FinTech
  • AI & Robotics
  • Cybersecurity
  • Startups & Leaders
  • Venture Capital

© 2024 All Rights Reserved - New York Tech Media