HomeAuthorPravin Madhani, CEO and Co-Founder, Author at K2io

Organizations have seen a dramatic shift towards digital transformation in recent years, driven in part by the COVID-19 pandemic and the work from home phenomenon.  Part of that transformation included a shift to an increased use of applications in and across the cloud.  Applications store, process and exchange sensitive data belonging to the organization, making application security mission critical.  Juniper Networks has made application security a core tenet of the Juniper Experience-First Networking philosophy, first with a partnership and integration with K2’s Workload Protection Platform back in February of 2020 and this week by expanding the Juniper/K2 partnership, by leveraging K2 Cyber Security’s technology as part of Juniper’s launch of Juniper Cloud Workload Protection.

One of the most common issues with security testing of applications is being inundated with vulnerability reports, containing too many vulnerabilities for a typical development team to handle.  This includes reports from testing tools like SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing). The problem isn't just the volume of vulnerabilities, but the difficulty in determining which vulnerabilities are real (as opposed to false positives), which are just informational, which are severe or critical, which actually exist in the application (as opposed to just in a library that's included but not used by the application), and perhaps most importantly which vulnerabilities are actually exploitable.

A recent article in Reportdoor.com started with these words, "Every Company is Now a Software Company."  With COVID still causing disruption for every organization, this has truly become a truth for every enterprise.  The article focused specifically on the state of web application security, and a report created by Cyentia that reviewed around 100 other security reports to identify how organizations are handling web application security. 

A new article in TechTimes is highlighting the results of a study on the web application security for Insurers in Europe.  The study found that the web applications of major insurance companies in Europe contain security weaknesses.  The study looked at the web applications of Europe's top 10 insurance providers, and every company examined had some degree of security vulnerability.

SiliconAngle reported on a new study that found 67% of applications in the utility sector have serious vulnerabilities.  The report found that the "Window of Exposure," a key metric indicative of breach exposure for applications, has increased from 55% to 67% in the utility sector since the start of the year. The figure makes applications in the utility sector the second most vulnerable to attacks behind public administration applications.

In case you missed it, the President of the United States of America, Joe Biden, issued a new executive order in May of 2021, aimed at improving the nation's cyber security. With increase in threats and almost daily stories of new companies being the subject of ransomware and data breaches, perhaps it's no surprise that the U.S. Federal government is taking a serious look at the state of the security in federal organizations.

K2 CYBER SECURITY

K2 Cyber Security delivers the Next Generation Application Workload Protection Platform to secure web applications and container workloads against sophisticated attacks including OWASP Top 10 and memory-based attacks, and provides additional vulnerability detection. K2’s Platform is deployed on production servers for runtime protection of applications and on pen-testing/pre-production servers to identify the location of the vulnerable code in real-time. K2’s solution generates almost no false alerts, eliminates breaches due to zero-day attacks, detects attacks missed by traditional security tools including Web Application Firewalls, and dramatically reduces security cost. K2 Cyber Security is located in the USA, and provides cyber security solutions globally.

CONTACT INFO

K2 Cyber Security, Inc.

2580 N. First Street, #130

San Jose, CA 95131