Discover Performance

HP Software's community for IT leaders // September 2014
Subscribe

Go where the enemy is: Cover your apps

The adversary is putting more effort into your applications. Here’s how you can do the same.

The bottom line

What: CISOs need to focus on protecting the application.
Why: Most attacks are at the app layer; most of your protection isn’t.
How: Security pros need to see what’s happening in the app, in context.

More: Read about HP Application Defender.

When cybercriminals change their tactics, security professionals need to change right along with them. Over the years, hackers have shifted their sights from the network to the OS and on to applications. Today, about 84 percent of security breaches target the application layer—but CISOs are struggling to adapt.
 
To date, enterprises have mostly doubled down on network-layer and perimeter-based defense techniques. Network-layer tripwires detect breaches and anomalies within applications some of the time, but not nearly often—or intelligently—enough to be an adequate defense, especially in light of the significant growth of enterprises’ application portfolios.
 
Today’s app-centric threat landscape requires a more strategic approach, designed specifically for sophisticated app-exploitation techniques.

The shift to applications

In hindsight, cyber crime’s stealthy creep from network attacks to application attacks is something we might have predicted. After all, attackers had been getting diminishing returns from their network-layer tactics. So it’s no surprise that the adversaries moved the battle lines—especially when applications present such a big target.
 
Thanks in part to widespread use of mobile devices and employees’ embrace of increasingly specialized third-party cloud apps, organizations have increased their application footprint dramatically. The largest enterprises may have 90,000 application instances and 3,000 web-based properties.

The state of application security

Our applications aren’t all easy targets, of course. In addition to the intact, but insufficient, methodologies for network-layer detection, organizations generally test applications to make sure they’re secure before they are deployed. But time-to-market pressures have compromised this approach.
 
Organizations are under pressure to release applications faster than ever. With mobile apps, it’s not uncommon for a business unit to outsource development to firms that do little or no security testing. As we wrote about in an earlier issue, sometimes apps get released without any security checks or IT vetting whatsoever.
 
When applications do get tested, the security team is usually given only enough time to address critical vulnerabilities; many lower-priority weaknesses go into production, to be addressed later. While more testing would have a positive effect on an organization’s security posture, testing is not a cure for all problems.

The context for a better defense

Applications exist in a context of user interactions and intentions: it isn’t a simple matter of normal behavior vs. abnormal behavior. A mobile app’s request for a device’s GPS coordinates can be appropriate when the user clicks to display a map of his location. But the same request in another context could reveal malicious intent.

Network security catches a portion of exploit attempts, but it lacks the context to see how a particular user might be manipulating application behavior. Because network traffic is decoupled from the application runtime, it’s often impossible to distinguish benign actions from targeted attacks.

Therefore, to create outstanding application defense, traffic monitoring must sit within the runtime environment. It’s inevitable that the industry will move in this direction. HP Enterprise Security Products has made just such a move, debuting HP Application Defender at HP Protect 2014. HP Application Defender is a new, cloud-based runtime protection solution that watches everything going on in the app and stops suspected exploits in real time. Being a cloud-deployed solution, it offers ease of deployment and management with no infrastructure required to establish the service.

While ease of deployment adds value, the real takeaway is closing the gap on cyber crime’s most pressing vulnerability while supporting rapid business innovation. Increasingly, CIOs, CISOs, and security vendors are going to have to do a better job of stopping the attacks where they happen: at the application layer.

To better protect your apps, learn more about HP Application Defender.

 


x

IT leader assessment

This tool evaluates the correlation between IT attributes and business success and, based on how your answers compare with average scores, will advise you where to invest in IT.

It is based on data HP collected from 650 global companies about a range of IT characteristics (server capacities, approach to information management, security, BYOD, etc.) and how they correlate to revenue gain. This assessment will compare your answers to the average scores in that study.

There are 12 questions that will require an estimated 10 minutes of your time. You'll receive a summary of your rating upon completion.



Let's get started
x

Please select an answer.
x

Analysis:

Your answer:
Your score:
Average score:
Revenue leaders' score:


x

Please select an answer.


x

Results

Your score:
Average score:
Revenue leaders' score:


Get detailed results:

Subscribe

Popular tags

Events

Ponemon’s 2014 Cost of Cyber Crime study

Security analyst Larry Ponemon discusses his 2014 findings in a series of region-specific webinars covering Europe, the Americas and Asia.


HP Discover 2014

Join thousands of IT execs, engineers, and solution experts to explore IT trends, strategies, and best practices. (Barcelona,
Dec. 2–4)


Discover Performance Weekly

HP Software’s Paul Muller hosts a weekly video digging into the hottest IT issues. Check out the latest episodes.


Enterprise 20/20

Security 20/20

Preparing today for tomorrow’s threats.

Introduction to Enterprise 20/20

What will a successful enterprise look like in the future?

CIO 20/20

Challenges and opportunities for the CIO of the future.

Dev Center 20/20

How will we organize development centers for the apps that will power our enterprises?

Marketing 20/20

Welcome to a new reality of split-second decisions and marketing by the numbers.

IT Operations 20/20

How can you achieve the data center of the future?

Employee 20/20

What the workforce of 2020 can expect from IT, and what IT can expect from the workforce.

Mobility 20/20

Looking toward the era when everyone — and everything — is connected.

Data Center 20/20

The innovation and revenue engine of the enterprise.

Read more

HP Software related

Most read articles

Discover Performance

Archive

Tweets @ HPSecurity