Threat Stack announced it has added Threat Stack Application Security Monitoring, an application runtime protection and risk detection tool, to the Threat Stack Cloud Security platform at no additional cost to users. That capability is based on runtime monitoring tools the company gained by acquiring Bluefyre last year.
At the same time, Threat Stack announced an alliance with JASK, a provider of security information event management (SIEM) platform for the cloud.
Tim Buntel, vice president of application security products for Threat Stack, said the goal is to make it easier for developers to discover cloud application issues before an application is deployed in production and then, if required, identify issues that need to be remediated once the application is deployed.
In addition to providing developers with a set of best cybersecurity practices to follow, Buntel said Threat Stack Cloud Security also includes tools to block attacks involving cross-site scripting (XSS), SQL injection (SQLi) and NoSQL injection (NoSQLi).
Buntel said organizations face multiple challenges in securing cloud applications, including visibility and being able to remediate issues as quickly as possible once they are discovered. That issue is only becoming more acute as containers drive the deployment of a new generation of cloud-native applications that are more difficult to secure, he noted. Most organizations today don’t have the expertise needed to secure legacy cloud applications, so Threat Stack Cloud Security reduces the pressure on the cybersecurity team by enabling more cybersecurity responsibility to be shifted left to the developer, Buntel said.
The Threat Stack approach makes it possible for cybersecurity teams to trust developers to implement the proper security controls while retaining enough visibility and control to verify those controls are in place.
The cybersecurity shift to the left, of course, requires cybersecurity teams to overcome the mistrust of developers that has built up over the last 30-plus years. In many cases, developers have viewed cybersecurity requirements as something to get around rather than a core part of the quality control process. Cybersecurity concerns often were given short shrift as developers raced to make an application release deadline.
Today, however, organizations that have suffered multiple application breaches are holding developers more accountable. Threat Stack contends that shift requires a cybersecurity platform that makes it easier for cybersecurity teams and developers to work more hand in glove. That’s critical because developers are being asked to address cybersecurity issues within the development process without slowing down the rate at which applications are being developed. There simply aren’t enough cybersecurity professionals to participate at every level of the application development process, so application code that hasn’t been inspected by the cybersecurity team will continue to show up in the cloud.
Not every organization is equally down the DevSecOps path. Most of them, however, understand there is no alternative. Every application security breach today not only runs the risk of not only incurring fines and remediation costs but also has a meaningful impact on the brand value of the organization. The issue isn’t so much who is at fault every time a breach occurs, but rather how to prevent as many breaches as possible from ever happening in the first place.