blogEducationalRecent NewsRuntime Application Security Protection | K2 Cyber Security

Blog

July 2, 2020 By Timothy Chiu, VP of Marketing
CRN’s 12 Biggest Cloud Threats and Vulnerabilities in 2020

CRN published a new list of the 12 Biggest Cloud Threats and Vulnerabilities at the beginning of June 2020.  One of the main recurring themes in CRN’s list of 12 cloud threats and vulnerabilities though is misconfiguration. Whether it’s because of the multitude of options available, breakdown in a shared responsibility model, or mis-assigned privileges, there’s a resounding theme that security organizations need to do better when understanding their environments in the cloud.  Misconfiguration was also listed as one of the leading causes of breaches in this year’s Verizon Data Breach Incident Report.  Here at K2, we’ve seen misconfiguration lead to servers with unpatched vulnerabilities, leaving them vulnerable to attacks.

Aside from misconfiguration though, was an interesting note on “continuous scanning”, listed as number 11 in CRN’s list of the 12 Biggest Cloud Threats and Vulnerabilities.  CRN said that organizations fail to realize when new applications go into production and provide adequate security for them when they do.  It’s a good reminder that RASP (Runtime Application Self Protection) security solutions exist, and RASPs are security solutions that resides on the application server providing runtime security.  RASP is important for protecting all applications on that server, regardless of when they start running.  RASP as a security solution was recently added as requirement by the NIST (National Institute of Standards and Technologies) as part of their cyber security framework.

K2’s Security Platform is here to help with providing Runtime Application Security.

K2’s runtime deterministic application security platform monitors web applications and has a deep understanding of the application’s control flows, DNA and execution.  By validating an application’s control flows, deterministic security is based on the application itself, rather than relying on past attacks to determine a zero day attack.  By using deterministic security K2 can detect sophisticated zero day attacks and also protect the application from the risks listed in the OWASP Top Ten.

K2’s Next Generation Application Workload Protection Platform addresses today’s need for runtime security in an easy to use, easy to deploy solution.  K2’s unique deterministic security detects new attacks without the need to rely on past attack knowledge, is lightweight, and adds under a millisecond of latency to the running application.  To aid in quick remediation of vulnerabilities, K2 also provides detailed attack telemetry including the code module and line number being in the code being attacked, while at the same time integrating with leading firewalls to do real time attacker blocking.

Change how you develop and protect your applications.

Find out more about K2 today by requesting a demo, or get your free trial.

 

 

Share this

Leave a Reply

Your email address will not be published. Required fields are marked *

K2 CYBER SECURITY

K2 Cyber Security delivers the Next Generation Application Workload Protection Platform to secure web applications and container workloads against sophisticated attacks including OWASP Top 10 and memory-based attacks, and provides additional vulnerability detection. K2’s Platform is deployed on production servers for runtime protection of applications and on pen-testing/pre-production servers to identify the location of the vulnerable code in real-time. K2’s solution generates almost no false alerts, eliminates breaches due to zero-day attacks, detects attacks missed by traditional security tools including Web Application Firewalls, and dramatically reduces security cost. K2 Cyber Security is located in the USA, and provides cyber security solutions globally.

CONTACT INFO

K2 Cyber Security, Inc.

2580 N. First Street, #130

San Jose, CA 95131