The Dark Side of Microservices: Are Your Applications Secure?


Have you noticed how everyone’s talking about digital transformation? It’s because businesses of all sizes are eager to embrace change and become more agile and scalable in this ever-evolving digital world. And one way they’re doing this is by adopting a microservices architecture.

Microservices, which break down applications into smaller, independent services, offer numerous benefits, and using Kubernetes as the go-to for orchestration has only made them more popular. But with all this newfound agility comes a new challenge — securing these smaller, dispersed services. That’s why application security has become such a critical aspect of microservices architectures.

Securing Microservices — A Four-Part Blog Series

This is the first installment of a four-blog series that will discuss the challenges inherent in securing a microservices architecture.

  • Today’s blog will provide an overview of microservices architecture and the challenges it presents for protecting applications.
  • Blog two will focus on the data breach attack Cyber Kill Chain and the threat surface.
  • Blog three will cover the limitations of current solutions and how Radware KWAAP addresses them.
  • Blog four will conclude the series by showcasing Radware’s architecture and deployment options.

What is a Microservices Architecture?

A microservices architecture is a modern software design approach that involves breaking down applications into smaller, autonomous services. Each microservice is built to handle a specific job and can be deployed, managed, and scaled separately. This gives teams the freedom to move and grow quickly.

Microservices architecture has a decentralized nature because each microservice in the application is designed to be autonomous, meaning each service operates independently of the others. This independence means that each microservice can be deployed, managed and scaled separately, allowing for more flexibility and easier modification — or updating — of individual components. The decentralized nature of microservices also means that different teams within an organization can work on different microservices simultaneously. This improves collaboration and increases the speed of development.

How Do You Control All Of These Services?

Kubernetes has become the top choice for many companies in need of controlling and organizing their microservices. In fact, a recent survey showed that over 70% of organizations are using or plan to use Kubernetes in production.

But with the benefits of microservices come new security challenges. Let’s dive in and explore some of the key challenges and difficulties that arise from the need to ensure the security of these applications.

Increased Attack Surface

The first challenge we’ll discuss is the increased attack surface. The attack surface refers to the total area of an application that can be vulnerable to exploitation or attack. In a microservices architecture, the attack surface is multiplied. Each microservice represents its own security perimeter, creating more entry points for potential attackers to target.

The decentralized nature of microservices increases the number of endpoints that can be targeted by an attacker. This makes it more difficult to secure all the microservices and their interactions. This also leads to a higher risk of misconfigurations and vulnerabilities that can be exploited.

The decomposition of applications into smaller services also increases the complexity of securing the environment. And the increased number of entry points means attackers have more opportunities to exploit vulnerabilities in the system. The use of cloud environments for microservices deployment can make the issue more challenging, as cloud environments typically have more users, more data and more applications than traditional monolith environments. It is not uncommon to see applications with hundreds of microservices. This large number of microservices creates even more entry points for potential attackers, further increasing the attack surface.

Complexity in Securing Communication Between Microservices

The second challenge of securing microservices architecture is the complexity of securing communication between microservices. Communication is key for these services to work together. As the number of microservices grows, so does the number of interactions between them. This makes securing all communications a daunting task. For instance, did you know that an estimated 86% of application traffic is generated just between the microservices? That’s right, for every request received from the outside, an additional six requests are generated between the microservices.

Each microservice operates independently and communicates with other microservices to perform its specific task. Communication between microservices is accomplished through REST APIs, message queues or gRPC (remote procedure calls). Securing this communication is critical to ensure the protection of sensitive information and the prevention of unauthorized access.

However, each microservice may have different security requirements, which makes it complex to ensure secure communication between them. For instance, a microservice handling sensitive financial information may have stringent security measures, like encryption, while another handling less sensitive information may have less strict security requirements. To ensure secure communication, a comprehensive and integrated security solution is necessary.
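The check below is an added example, not code from this article or from Radware: it audits a service inventory for internal calls that lack the controls the receiving service's data sensitivity calls for, and lists external versus peer-reachable entry points. The service names, edge fields and policy table are constructed assumptions.

```python
# Constructed inventory for illustration; not taken from a real cluster.
SERVICES = {
    "gateway":  {"external": True,  "sensitivity": "low"},
    "catalog":  {"external": False, "sensitivity": "low"},
    "orders":   {"external": False, "sensitivity": "medium"},
    "payments": {"external": False, "sensitivity": "high"},
    "ledger":   {"external": False, "sensitivity": "high"},
}
# (caller, callee, transport, encrypted in transit, caller authenticated)
EDGES = [
    ("gateway",  "catalog",  "rest",  True,  False),
    ("gateway",  "orders",   "rest",  True,  True),
    ("orders",   "payments", "grpc",  True,  True),
    ("orders",   "ledger",   "queue", False, True),
    ("payments", "ledger",   "grpc",  True,  False),
    ("catalog",  "orders",   "rest",  False, False),
]
# Hypothetical policy: controls required on calls INTO a service,
# keyed by the sensitivity of the data that service handles.
REQUIRED = {
    "low": set(),
    "medium": {"encrypted"},
    "high": {"encrypted", "authenticated"},
}


def entry_points(services, edges):
    """Return (externally exposed services, services reachable by peers)."""
    external = sorted(n for n, s in services.items() if s["external"])
    internal = sorted({edge[1] for edge in edges})
    return external, internal


def audit_edges(services, edges, required):
    """List service-to-service calls that miss the callee's required controls."""
    findings = []
    for caller, callee, transport, encrypted, authenticated in edges:
        if caller not in services or callee not in services:
            # An edge to or from an uninventoried service cannot be assessed.
            findings.append((caller, callee, transport, ["uninventoried"]))
            continue
        have = {name for name, on in (("encrypted", encrypted),
                                      ("authenticated", authenticated)) if on}
        missing = sorted(required[services[callee]["sensitivity"]] - have)
        if missing:
            findings.append((caller, callee, transport, missing))
    return findings


if __name__ == "__main__":
    print(entry_points(SERVICES, EDGES))
    for finding in audit_edges(SERVICES, EDGES, REQUIRED):
        print(finding)
```

In this sample, one service is exposed externally while four accept calls from peers, and three of the six internal calls fall short of the receiving service's requirements.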

Wrapping Up

As microservices architecture becomes more mainstream, we have to be prepared for the increase in cyber-attacks targeting them. We’ve already seen this trend with the recent rise in Kubernetes attacks, like the infamous Kinsing malware, the sneaky Kiss-a-dog Cryptojacking Campaign, the malicious Hildegard malware and even the first-of-its-kind Siloscape malware, which targets Windows containers.

Many wonder if this is manufactured danger or if there is a real threat that companies need to be worried about. No question, it’s real. The threat landscape is always changing, and attackers are getting sneakier with their methods to exploit vulnerabilities in a microservices architecture. It’s clear that the cyber criminals are evolving, and it’s up to us to stay one step ahead and recognize that the traditional approach to perimeter protection is no longer sufficient.

What’s Up Next

In our next blog in the series, we’re going to take you on a journey through the world of the hacker — from the data breach Cyber Kill Chain attack to the threat surface. So, hold onto your seats! Until then, stay informed, stay safe and contact us to get more information about Radware’s application protection for Kubernetes.

Tomer Rozentzvaig

Director of Product Management – AppSec

Tomer is a 25-year Hi-Tech industry expert. He has been actively involved in developing, inventing and leading product development for distributed heterogeneous network environments for military and paramilitary organizations. His career has been focused on 3 key areas: security, providing value to customers and delivering an excellent user experience (UX). In his various roles, Tomer has led all security risk analysis tasks and has been responsible for implementing mitigation solutions at every layer of the network.
