By 2025, Gartner expects 95% of new digital workloads will be deployed on cloud native platforms, representing a 30% surge in cloud native adoption over the next three years. And Gartner isn’t the only trusted source weighing in on what’s expected. A survey conducted by the Cloud Native Computing Foundation (CNCF) shows more than half (55%) of organizations are releasing code (at least) weekly, with 18% releasing daily. To meet the need for accelerated innovation while protecting users and the bottom line, McKinsey released an in-depth look at why DevSecOps is key. In that paper, McKinsey stresses the need to de-silo IT teams and bake automated security workflows into CI/CD pipelines regardless of infrastructure, stating that by “integrating security into DevOps companies can step up the speed and frequency of software releases without compromising controls or increasing risk.”
Business Risk Observability
Earlier this year, we released game-changing enhancements to Cisco Secure Application that supports Business Risk Observability. These new features within Cisco AppDynamics application performance monitoring enable DevSecOps teams to detect vulnerabilities and threats in real time. They also allow teams to quickly gauge how likely it is that a risk will be exploited and the bottom-line impact each issue represents — before a breach occurs.
Now, at Cisco Live 2023 Las Vegas, we announced a new security module for Cisco Cloud Observability. This new addition enables teams to share business context for cloud-based full-stack application security to support adoption of DevSecOps.
Introducing security insights for Cisco Cloud Observability
The new security module for Cisco Cloud Observability announced this month at Cisco Live Las Vegas, will be generally available summer 2023. It includes the cloud native infrastructure insights teams need to locate threats and vulnerabilities. And delivers runtime data security that detects and protects against sensitive data leaks plus — business risk scoring for cloud security. The module harnesses the power of Cisco Security by integrating with Panoptica and Kenna Security to provide expanded threat visibility and business risk insights with actionable recommendations. This information supports real-time insight, helping to prevent revenue-impacting security risks and reduce an organization’s overall risk profile.
A quick look at the new cloud native security capabilities:
Cloud native infrastructure insights: Locate and highlight threats and vulnerabilities across cloud native Kubernetes and containers to facilitate faster cloud transformation and secure deployment of modern apps.
Runtime data security: Allow teams to detect and protect against sensitive data leakage with pre-defined expressions, reducing risk of PII data leakage and enabling faster adoption of cloud services.
Business risk scoring for cloud security: Combine data leakage and infrastructure threat and vulnerability intelligence with business impact and runtime behavior to identify the most pressing risks, avoid delays and accelerate response across teams.
Protecting what matters most
Developer velocity is critical to accelerating digital innovation at scale, and doing so without protection can easily result in costly and damaging consequences. Unfortunately, traditional vulnerability and threat scanning solutions still lack the shared business context needed to rapidly assess risks and align teams based on potential business impact. To protect users and the bottom line, speed across a DevSecOps environment is paramount. At this critical crossroads between traditional and modern application environments, we are thrilled to offer cloud native infrastructure insights, runtime data security and business risk scoring with actionable recommendations to keep high-performing, business-critical applications protected as part of overall Business Risk Observability.
For more security insights, read how to empower growth with full-stack data security and stay tuned for additional blogs that cover cloud native security in-depth.
Kashyap Merchant is the Director of Product Management for Application Security at Cisco AppDynamics, responsible for leading strategy, product evolution and innovation for cloud security solutions. Prior to AppDynamics, he served in various leadership roles in product, marketing and engineering for over 17 years across F5, Cisco, Calix and Motorola, delivering on security, analytics cloud and mobile enterprise initiatives. Kashyap earned an M.Sc. degree in computer science from the University of Southern California and a B. Eng. degree in electronics engineering from the University of Mumbai, has published many technical papers and holds four U.S. patents.
