UncategorizedHow Perimeter Security Problems are Solved by Runtime Application Security Solutions

Blog

March 30, 2020 By Timothy Chiu, VP of Marketing
Getting Close to the Application Security Problem – When Perimeter Security Isn’t Enough

Ensuring the Security Of Applications and the Role of Web Application Firewalls (WAFs)

If you have an application running and exposed to the internet, you’ve probably already made the decision to make sure you have security for that application.  Most likely you’ve chosen one the most common security options for application security, the Web Application Firewall (WAF).

Why do Web Application Firewalls fail to Protect Web Applications?

While the WAF was invented to secure web applications, its history and ability to prevent attacks hasn’t been very successful.  WAF technology failed to prevent two recent high profile breaches, the attacks that happened to Equifax and Capital One.  K2 has written about these two attacks in separate blog articles, this one on Capital One, and this one on Equifax.  While these articles talk about specific attacks where the WAF failed to detect an attack, they don’t discuss a broader issue with using WAF technology to protect applications, the fact that WAFs are a perimeter solution and sit at the network edge, away from where the application runs.  WAFs can monitor north-south transactions, but will fail to see anything happening east-west, and directly at the application and server level itself.

Where Runtime Application Security Fits in the Security Framework

With the sophisticated level of today’s attacks, there is a requirement to monitor the application itself as its running, to ensure that every attack is detected.  If the WAF allows one attack through the perimeter defenses, it has no idea what that attack is doing to the application once its through.  A runtime application security platform can monitor the application continuously and detect attacks including the initial breach, and any subsequent activity that occurs because of the breach.  This is especially important if there’s more than one server, and/or more than one application running behind the WAF’s defenses, as any attack can jump from one server to another and from one application to another once it’s past the WAF’s defenses.

3 Requirements to Check Before Investing in a Runtime Application Security Solution

Runtime application security is the right answer to security for your application running on the internet.  But not just any runtime application security is sufficient.  When looking for a runtime application security solution there are some key requirements to keep in mind.

  • First the solution must be effective at detecting new and sophisticated zero day attacks and memory-based attacks which are becoming more prevalent.  Solutions that rely on past attacks or knowledge of past attacks, have proven to be less than successful with zero day attacks.
  • Second, the solution must be low impact, meaning it should use as little CPU and memory on the serer as possible, while at the same time adding as little latency as possible to the application.
  • Finally the security solution should also enable fast remediation once an attack is detected.  For example, the solution should allow you to quickly identify the vulnerability in your code so you can fix the vulnerability, and the solution should let you identify the source of the attack so it can be blocked in real time.

K2’s Next Generation Application Workload Protection Platform

K2’s Next Generation Application Workload Protection Platform addresses these runtime security needs in an easy to use, easy to deploy solution.  K2’s unique deterministic security detects new attacks without the need to rely on past attack knowledge, is lightweight, and adds under a millisecond of latency to the running application.  K2 also provides attack telemetry including the code module and line number being in the code being attacked, while at the same time integrating with leading firewalls to do real time attacker blocking.  Find out more about K2 today by requesting a demo, or get your free trial.

Share this

Leave a Reply

Your email address will not be published. Required fields are marked *

K2 CYBER SECURITY

K2 Cyber Security delivers the Next Generation Application Workload Protection Platform to secure web applications and container workloads against sophisticated attacks including OWASP Top 10 and memory-based attacks, and provides additional vulnerability detection. K2’s Platform is deployed on production servers for runtime protection of applications and on pen-testing/pre-production servers to identify the location of the vulnerable code in real-time. K2’s solution generates almost no false alerts, eliminates breaches due to zero-day attacks, detects attacks missed by traditional security tools including Web Application Firewalls, and dramatically reduces security cost. K2 Cyber Security is located in the USA, and provides cyber security solutions globally.

CONTACT INFO

K2 Cyber Security, Inc.

2580 N. First Street, #130

San Jose, CA 95131