Bridging the gap: Unified APM and AppSec for modern application development
David Puzas, CISSP
Head of Product Marketing, Assurance, Cloud, AI, & Platform at Cisco
In today's rapidly evolving landscape of cloud-based and virtual environments, developers are continually seeking innovative ways to ensure the reliability and security of their applications. While traditional security reference architectures have relied on methods like security information and event management (SIEM) and log analysis tools, there's a new player in town—application performance monitoring (APM) data. Let’s explore how the fusion of APM and security is shaping the future of modern app development and deployment.
The missing piece
Many existing architectures for cloud and virtual environments lack a crucial element: access to APM data. APM data offers a unique approach to early security warnings, but it requires an in-depth understanding of the application, which security professionals may not possess. However, collaboration between application and security teams can bridge this gap. While developers aim to understand anomalies within APM data (such as unexpected bugs, or vulnerabilities), security teams strive to ensure these anomalies aren't malicious.
APM tools hold a treasure trove of data that can benefit security professionals. With unparalleled insight into an application’s inner workings, they are a valuable addition to any defense-in-depth strategy. The more intelligent the APM tool, the more effective it becomes for security purposes.
领英推荐
At a minimum, APM tools should offer the following capabilities to be useful for security professionals:
Performance monitoring: APM tools should monitor performance changes, identifying scenarios where activity is either too fast (possibly indicating a denial-of-service attack) or too slow (indicative of misconfigurations or malware presence). Read more