With the cloud, containers and microservices, we’re navigating an environment that includes clients, proxies, web servers, app servers, ingress controllers, containers, sidecars, and a range of microservices performing more and more specialized functions—a whole world purely intrinsic to applications. The complexity involved in the presentation of an app today rivals that of the internet itself 10 years ago.
In an attempt to describe the security priority for this reality, the industry has been saying that “the app is the new perimeter.” But that description fails to capture the scope and sophistication of what’s really going on.
With that in mind, securing an app today is not like building a fortification around your asset—it’s more like shooting a rocket into space. There are thousands of possible components and permutations, and a failure at any point could cause its own unique consequence. The app equivalent of a faulty ignition circuit could mean the rocket sits idle on the launch pad until it’s fixed. And something as similarly minor as a frozen O-ring could have disastrous ramifications.
Read the full article published September 26, 2019 here: https://www.securityweek.com/adopt-insertion-point-security-microservices-world by SecurityWeek.
