Strategies
November 08, 2019

Adopt Insertion Point Security for a Microservices World

1 min. read
By Preston Hogue

With the cloud, containers and microservices, we’re navigating an environment that includes clients, proxies, web servers, app servers, ingress controllers, containers, sidecars, and a range of microservices performing more and more specialized functions—a whole world purely intrinsic to applications. The complexity involved in the presentation of an app today rivals that of the internet itself 10 years ago.

In an attempt to describe the security priority for this reality, the industry has been saying that “the app is the new perimeter.” But that description fails to capture the scope and sophistication of what’s really going on.

With that in mind, securing an app today is not like building a fortification around your asset—it’s more like shooting a rocket into space. There are thousands of possible components and permutations, and a failure at any point could cause its own unique consequence. The app equivalent of a faulty ignition circuit could mean the rocket sits idle on the launch pad until it’s fixed. And something as similarly minor as a frozen O-ring could have disastrous ramifications.

Read the full article published September 26, 2019 here: https://www.securityweek.com/adopt-insertion-point-security-microservices-world by SecurityWeek.

Need-to-Know

Expertly picked stories on threat intelligence

Hundreds of apps will be attacked by the time you read this.

So, we get to work. We obsess over effective attack methods. We monitor the growth of IoT and its evolving threats. We dive deep into the latest crypto-mining campaigns. We analyze banking Trojan targets. We dissect exploits. We hunt for the latest malware. And then our team of experts share it all with you. For more than 20 years, F5 has been leading the app delivery space. With our experience, we are passionate about educating the security community-providing the intel you need to stay informed so your apps can stay safe.

Every

9 hrs

a critical vulnerability—with the potential for remote code execution—is released.