Organizations have seen a dramatic shift towards digital transformation in recent years, driven in part by the COVID-19 pandemic and the work from home phenomenon. Part of that transformation included a shift to an increased use of applications in and across the cloud. Applications store, process and exchange sensitive data belonging to the organization, making application security mission critical. Juniper Networks has made application security a core tenet of the Juniper Experience-First Networking philosophy, first with a partnership and integration with K2’s Workload Protection Platform back in February of 2020 and this week by expanding the Juniper/K2 partnership, by leveraging K2 Cyber Security’s technology as part of Juniper’s launch of Juniper Cloud Workload Protection.
Juniper Cloud Workload Protection
This week Juniper announces Juniper Cloud Workload Protection with the ability to automatically defend application workloads in any cloud or on-premises data center environment against application exploits as they happen, including the Open Web Application Security Project® (OWASP) Top 10 and memory-based attacks.
Juniper Cloud Workload Protection is a lightweight software agent that controls application execution and monitors the application’s behavior and context – what it’s supposed to do against what’s happening in real-time. Vulnerability remediation is done automatically without admin intervention. Juniper Cloud Workload Protection ensures that production applications always have a safety net against vulnerability exploits, keeping business-critical services connected and protected. This new Juniper product provides the following critical capabilities:
- Signatureless Run-Time Application Self-Protection (RASP) provides real-time protection against attacks. It protects the application from malicious actions, such as exploitation and data theft, without any manual intervention, catching sophisticated attacks that endpoint detection (EDR) and web application firewall (WAF) solutions cannot.
- Memory-Based Attack Prevention provides real-time protection against advanced memory-based attacks, including fileless, return-oriented programming (ROP) and buffer overflow attacks.
- Vulnerability Detection continuously assesses vulnerabilities in applications and containers to detect serious and critical exploit attempts as they happen. Juniper Cloud Workload Protection delivers information on the exploit attempt to DevSecOps teams to better understand where the vulnerability exists, so they can remediate.
- Comprehensive Telemetry provides rich application-level security event generation and reporting, including application connectivity, topology and detailed information about the attempted attack.
- Optimized Control Flow Integrity (OCFI) technology minimizes false alerts by validating the execution of applications and detecting attacks without using behavior or signatures.
- Zero Trust Microsegmentation shields application resources from lateral threat propagation and integrates with Juniper vSRX Virtualized Firewalls to restrict access based on risk, even as workloads and virtual environments change. Automated threat response with built-in, real-time telemetry helps security teams detect threats once and block them across the entire network.
The Juniper and K2 partnership started with the integration of the Juniper SRX Firewall family (including vSRX) with K2 Workload Protection Platform, enabling organizations to block zero-day attacks in real-time at the firewall. Firewalls like the Juniper SRX, offer network protection and an ideal orchestration point for battling web application and workload-based cyberattacks. The integration between the Juniper SRX Firewall and K2 Platform enables the combination of advanced next generation workload security and the ability to securely block and prevent future attacks in real-time using the Juniper SRX Firewall.
With the introduction of Juniper Cloud Workload Protection, organizations can keep applications connected and protected, providing application teams the means to deliver, operate and ensure that their data center environments are following compliance rules while continuously looking out for anomalies.
For more information on Juniper’s announcement, visit Juniper’s Cloud Workload Protection webpage. For more information on the Juniper + K2 integration, you can download the Juniper + K2 solution brief.