Build Your Immunity Across All App-Security Insertion Points

Your app security still relies on routers that can reach end-of-life. F5 Labs' Preston Hogue writes for SecurityWeek, discussing the need to think of your entire stack when protecting your apps.
January 02, 2020
1 min. read

Years ago, I worked on a consulting project for a large financial services company, which had recently invested $20 million into their core offering, a managed services platform for financials that was used by hundreds of customers.

We did a Failure Mode Effect Analysis for them, looking at every component making up the major service—every app, every piece of infrastructure supporting each app, every business process, every development and IT process—and every permutation of interactions across that entire stack.

As it turned out, the routers they were using for each of their dedicated customers were end of life, which we flagged as an issue. Sure enough, all of those routers came up with a bug that turned into a nasty illness. It took down the entire infrastructure and none of the firm’s customers could access their financial systems to process invoices, make or receive payments, initiate new purchases. Suffice to say, it was a catastrophe.

The fact that a $20 million service could be taken offline by a $1,000 part goes to show that any system is only as strong as its weakest link and its associated app security insertion point. Major applications today are so complex they rival living organisms, with security acting as an immune system. Infections can come from anywhere, so you have to be looking everywhere, and defending everywhere too.

Read the full article published November 27, 2019 here: by SecurityWeek.

Join the Discussion
Authors & Contributors
Preston Hogue (Author)

More from Learning Center

Forward and Reverse Shells
Forward and Reverse Shells
09/15/2023 article 5 min. read
Web Shells: Understanding Attackers’ Tools and Techniques
Web Shells: Understanding Attackers’ Tools and Techniques
07/06/2023 article 6 min. read
What Is Zero Trust Architecture (ZTA)?
What Is Zero Trust Architecture (ZTA)?
07/05/2022 article 13 min. read