Recently, San Francisco-based AppDynamics launched Cisco Secure Application, a first-of-its-kind solution to simplify vulnerability management.

With applications now running on-premise and multi-cloud along with cloud-native microservices combined with accelerated innovation, an application-led approach to security has become paramount. Analytics India Magazine got in touch with the regional CTO of AppDynamics, Gregg Ostrowski, to understand the top security concerns and how an app-led security vulnerability management can help businesses fight off cyber attacks.

AppDynamics is part of Cisco group.

Rising security concerns for the AppOpps team

Talking about the dynamic application environment, Ostrowski said, considering organisations are currently relying more on applications to engage with customers, a huge volume of data ends up getting housed within the application instead of a centralised spot. This leads to companies becoming more vulnerable to security incidents. Furthermore, with the apps getting enhanced through cloud and microservices, they no longer run only on-premise. Rather, they are currently leveraging a hybrid mode, connecting on-premise with multi-cloud architectures. 

In a recent Cisco report, the company had noted that such issues lead to a vulnerable attack surface. Thus, companies are critically investing in new security postures. According to the report, while IT decision-makers invest heavily in cloud applications, many also commit resources towards network security, cloud security, and multi-cloud infrastructure in 2021-2022.

Ostrowski also spoke about how organisations’ continued support of employees working from home can get challenging for the business “with laptops and devices connected to the public internet.”

AppDynamics truly believes in an inside-out approach, where application security tools automatically detect vulnerabilities and protect the IT landscape from within. 

To facilitate this, Ostrowski suggested that the security procedures need to act during the development cycles. “Ensuring security as an enabler vs a blocker is key as user experience cannot be sacrificed,” said Ostrowski.

How does the Cisco Secure Application fit into the security landscape?

The biggest value is to provide organisations with the ability to monitor threats while the application is running, believes Ostrowski.

Explaining the process, he stated: Typically, DevSecOps strategies provide risk-mitigating options after the application is released into the market. However, an application-led security strategy can react and respond to cyberattacks before end users are negatively impacted.

This is where Cisco Secure Application comes in. It can protect organisations and users from attacks and vulnerabilities with unified business performance and security observability. It provides comprehensive visibility of the application health along with the infrastructure and network running them. To detect malicious behaviour, Cisco Secure Application works on the curated threat list, which then notifies the AppOps team and provides ways to remediate the attack. Providing teams a common tool to collaborate will remove barriers that siloed tools commonly cause. 

Wrapping Up

According to Ostrowski, Cisco Secure Application helps companies dig out problem areas and offer efficient ways to respond. “If NetOps, SecOps and ITOps work siloed, then it always creates a weak link that can actually hamper the business operations,” he said. 

So, the more visibility one has of their entire IT and apps landscape, the more one can strengthen their security postures. This will allow the AppOpps team to understand wrongful behaviour and enable them to respond immediately. “Unlike other application security tools, it continuously detects weaknesses and thwarts attacks seamlessly,” concluded Ostrowski.