Earlier this year, in March of 2020, CSO Online published an article on the key facts and figures around cyber security for 2020. I recently came across this article, and was astounded by one of the facts listed in the article.
- 60 percent of breaches involved vulnerabilities for which a patch was available but not applied
That’s an incredible number. It refers to the number of breaches that occurred in 2019 that could have been prevented, if only the systems had been kept up to date with the available patches for the known vulnerabilities in the applications and systems. This one fact alone means that the simplest security mechanism that organizations have at their fingertips is just keeping their systems up to date and patched.
While that sounds simple in principle, many organizations will tell you it is much harder to implement in reality. For many organizations, any patch must be thoroughly tested before it can be deployed to production, in case the patch has an adverse interaction with running applications and causes an outage, which can easily cost an organization money for every minute its applications are down. Most security teams do not have the resources to test and deploy all the required patches in a timely manner, and that backlog has led to successful attacks on vulnerable applications that could otherwise have been prevented.
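The "patch available but not applied" gap is measurable: an organization that keeps an inventory of installed software versions can compare it against the list of fixes it knows about and see exactly which hosts are exposed. The following Python script is an added illustration of that check and is not code from K2 Cyber Security or from the CSO Online article. The inventory, the package names and the advisory identifiers (`ADV-0001` and so on) are all constructed placeholders, not real products or real advisories.

```python
"""Patch-gap check: compare an installed-software inventory against known
vulnerabilities that already have a fix available.

Added example. Inventory, package names and advisory IDs below are
constructed placeholders, not real advisory data.
"""
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class Advisory:
    advisory_id: str      # placeholder identifier, not a real CVE number
    package: str          # hypothetical package name
    fixed_version: str    # first version that contains the fix


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '2.10.0' into (2, 10, 0) so comparison is numeric, not lexical.

    Caveat: non-numeric suffixes (e.g. '1.1.1g') are dropped, so this simple
    parser is only suitable for dotted-numeric version strings.
    """
    parts = []
    for piece in version.split("."):
        digits = "".join(ch for ch in piece if ch.isdigit())
        parts.append(int(digits) if digits else 0)
    return tuple(parts)


def compare_versions(a: str, b: str) -> int:
    """Return -1, 0 or 1 like a classic comparator, padding so '1.4' == '1.4.0'."""
    pa, pb = parse_version(a), parse_version(b)
    width = max(len(pa), len(pb))
    pa += (0,) * (width - len(pa))
    pb += (0,) * (width - len(pb))
    return (pa > pb) - (pa < pb)


def find_patch_gaps(inventory: Dict[str, Dict[str, str]],
                    advisories: List[Advisory]) -> Dict[str, List[Advisory]]:
    """Map each host to the advisories whose fix it has not yet received.

    A host is exposed when it runs a package named in an advisory at a
    version strictly below the advisory's fixed version.
    """
    gaps: Dict[str, List[Advisory]] = {}
    for host, packages in inventory.items():
        for adv in advisories:
            installed = packages.get(adv.package)
            if installed is None:
                continue  # package not present, advisory does not apply
            if compare_versions(installed, adv.fixed_version) < 0:
                gaps.setdefault(host, []).append(adv)
    return gaps


def exposure_summary(inventory: Dict[str, Dict[str, str]],
                     gaps: Dict[str, List[Advisory]]) -> Dict[str, float]:
    """Headline numbers for a report: how many hosts are still unpatched."""
    total = len(inventory)
    exposed = len(gaps)
    percent = round(100.0 * exposed / total, 1) if total else 0.0
    return {"hosts": total, "exposed_hosts": exposed, "percent_exposed": percent}


# Constructed sample data (placeholders, not real software or advisories).
ADVISORIES = [
    Advisory("ADV-0001", "tls-lib", "1.4.2"),
    Advisory("ADV-0002", "webserver", "2.10.0"),
    Advisory("ADV-0003", "app-runtime", "11.0.9"),
]

INVENTORY = {
    "web-01": {"tls-lib": "1.4.1", "webserver": "2.9.7"},    # two fixes missing
    "web-02": {"tls-lib": "1.4.2", "webserver": "2.10.0"},   # fully patched
    "app-01": {"app-runtime": "11.0.8", "tls-lib": "1.4.5"}, # one fix missing
    "db-01": {"db-engine": "12.4"},                          # no advisory applies
}


if __name__ == "__main__":
    found = find_patch_gaps(INVENTORY, ADVISORIES)
    for host, missing in sorted(found.items()):
        ids = ", ".join(a.advisory_id for a in missing)
        print(f"{host}: missing fixes for {ids}")
    print(exposure_summary(INVENTORY, found))
```

Note the `webserver` case: `2.9.7` is older than `2.10.0`, but a naive string comparison would rank it newer and silently mark the host as patched. Getting the version comparison right is the part of this check that most often goes wrong in home-grown tooling.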
So, while it’s preferred that organizations keep up to date and patched, if that’s not feasible, the next step is protecting the vulnerable applications themselves. Organizations need a plan to reach the level of security they need to have. If your organization doesn’t already have a security framework in place, you may want to consider the one used by the federal government and produced by the National Institute of Standards and Technology (NIST). The recent finalization of NIST’s SP800-53 Revision 5 update on September 23, 2020, provides the most up-to-date recommended security framework. It adds new requirements for application security, including requirements for organizations to use Runtime Application Self-Protection (RASP) and Interactive Application Security Testing (IAST).
RASP solutions like the one from K2 Cyber Security offer significant application protection, including protection of vulnerable applications, while using minimal resources and adding negligible latency to an application. K2 Security Platform uses runtime deterministic security to monitor the application and has a deep understanding of the application’s control flows, DNA and execution. By validating the application’s control flows, deterministic security is based on the application itself, rather than relying on knowledge of past attacks to detect a zero day attack. Deterministic security results in the detection of sophisticated zero day attacks and also protects the application from the risks listed in the OWASP Top Ten, including XSS and SQL Injection.
K2’s Next Generation Application Workload Protection Platform addresses today’s need for runtime security in an easy to use, easy to deploy solution. K2’s unique deterministic security detects new attacks without the need to rely on past attack knowledge, is lightweight, and adds under a millisecond of latency to the running application. To aid in quick remediation of vulnerabilities, K2 also provides detailed attack telemetry, including the code module and line number of the code being attacked, while at the same time integrating with leading firewalls to block attackers in real time.
Change how you protect your applications, and check out K2’s web application and application workload security solution.