Friday, April 26, 2024

Streamlining Cybersecurity Could Entail More Vulnerabilities

There is a constant drive in the cybersecurity community to enhance security while streamlining efficiency and increasing productivity. To accomplish these objectives, some organizations turn to Secure Sockets Layer (SSL) type programs, leaving them vulnerable to data breaches.

As Homeland Security Today previously reported, a 2016 Radware study revealed that the number of SSL-based cyberattacks increased by 50 percent in the last year. Furthermore, streamlining security software could open the door for more hacks.

Mike Milner, co-founder and CTO of web application security company IMMUNIO, told Homeland Security Today that as companies move to streamline web applications, they need to implement an agile security system that can identify vulnerabilities, risks and threats while stopping attacks at the first sign of penetration.

“Anyone who’s ever been in charge of a migration of any type (including to a cloud-based infrastructure), staying up to date on everything is not easy,” Milner stated. “It’s highly time consuming to identify vulnerabilities, patch, test, deploy, and then test again in production. In fact, on average vulnerabilities sold on the black market are not discovered for 151 days.”

“Organizations should approach this problem by addressing the exploitation of the vulnerability — an approach we think of as ‘metasecurity,’” Milner added.

Government agencies and private sector organizations can reduce vulnerabilities and overcome security challenges by updating their network systems and working to incorporate new technologies.

“Since government agencies have been quickly transitioning from legacy systems to the cloud, they’re fully embracing the benefits, however security should also remain top of mind – they must adopt a proactive, real-time approach to security,” Milner said. “Prior to this rapid transition the government has been ‘behind the times’ when it comes to the latest technology, including its security capabilities.”

Milner explained that Runtime Application Self-Protection (RASP) solutions can identify vulnerabilities and protect against threats in real-time. Within minutes, RASP can expose a series of exploitation classes, including SQL injections and brute force authentication attempts, among others.

“RASP runs inside the web application, watches for queries and templates being rendered, looks at the headers of requests coming in, and deploys effective, immediate mitigation strategies without the need for complex code updates or hiring specialized consultants,” Milner said.

RASP enables automated detection and blocking of attacks. According to Milner, IMMUNIO automatically adds “sensors” throughout the application, which inspect each stage of processing for malicious behavior.

“In addition to detecting attacks, each sensor has the ability to change the behavior of the app by blocking the request, serving a captcha, or even modifying attack payloads to render them ineffective, while still allowing normal usage of the application. This provides continuous protection for the application, giving development teams more time to schedule and implement fixes without interrupting the normal development process,” said Milner.
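To make the sensor idea concrete, here is an added illustration (not IMMUNIO's code and not from the original article) of a query sensor that sits inside the application, checks whether request input changed the structure of a SQL statement, and blocks the request before it reaches the database. The names `QuerySensor`, `BlockedRequest`, `find_user` and the token heuristic are assumptions made for this sketch.

```python
import re
import sqlite3

# Coarse SQL tokenizer: quoted strings, words/numbers, comment marker, punctuation.
TOKEN = re.compile(r"'(?:[^']|'')*'|\w+|--|[^\s\w]")

class BlockedRequest(Exception):
    """Raised by the sensor instead of letting the query reach the database."""

def input_alters_structure(sql, request_params):
    """True if any request value, as it appears in sql, spans more than one token."""
    spans = [m.span() for m in TOKEN.finditer(sql)]
    for value in filter(None, request_params.values()):
        for hit in re.finditer(re.escape(value), sql):
            inside_one = any(s <= hit.start() and hit.end() <= e for s, e in spans)
            if not inside_one:
                return True
    return False

class QuerySensor:
    """Hypothetical in-app sensor wrapping the database handle."""
    def __init__(self, conn):
        self.conn = conn
        self.blocked = []  # blocked statements, kept for alerting and triage

    def execute(self, sql, request_params):
        if input_alters_structure(sql, request_params):
            self.blocked.append(sql)
            raise BlockedRequest("request input changed the SQL structure")
        return self.conn.execute(sql).fetchall()

def find_user(sensor, request_params):
    # Deliberately unfixed application code: builds SQL by concatenation.
    sql = "SELECT id FROM users WHERE name = '" + request_params["name"] + "'"
    return sensor.execute(sql, request_params)

def make_demo():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, name TEXT)")
    conn.execute("INSERT INTO users VALUES (1, 'alice'), (2, 'bob')")
    return QuerySensor(conn)

if __name__ == "__main__":
    sensor = make_demo()
    print(find_user(sensor, {"name": "alice"}))
    try:
        find_user(sensor, {"name": "x' OR '1'='1"})  # constructed sample input
    except BlockedRequest as exc:
        print("blocked:", exc)
```

The sensor only buys time: the concatenation in `find_user` still needs to be replaced with a parameterized query, and the token heuristic can misfire on inputs that happen to match fixed parts of the statement.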

As part of long-term strategy advancements, public and private organizations should consider moving away from legacy tools and adding advanced tools, such as RASP, to improve their protection against new and evolving attack methods.

“Cyber threats, especially in the federal landscape, are always on the rise – and with different employees having access to various levels of classified data, it is crucial that the security system has the capabilities to protect each level and component in the network,” Milner stated.

Homeland Security Today
The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.