DevOps and Security: Yes We Can


Airlines, retailers, travel service providers, banks, marketplaces, and social media – all rely on their web applications to generate revenues or facilitate productivity. They typically develop and maintain their own web applications, tailored to their business needs. To support the growing needs of their online presence, they are adopting agile development practices, also known as DevOps and Continuous Deployment.


What is DevOps / Continuous Deployment about? It runs the deployment process continuously, in small increments, so that building, testing, and releasing software features and resources can happen rapidly, frequently, and more reliably.

But DevOps introduces ongoing security challenges. Developers integrating new code on a daily basis can inadvertently introduce new application vulnerabilities. Limited application and network security resources mean many of these new vulnerabilities remain unnoticed, often discovered after an attacker exploits them.

Let’s examine WAF & DAST integrations:

• A complete DAST tool scan of a web application may take hours. Therefore, such scans are run only periodically.

• In standard integrations, the user has to manually import the DAST report into the WAF solution for auto-policy generation.

In continuous deployment environments, where new features and resources are added several times a day, standard solutions are too slow to keep you covered.


HPE and Radware team up to address this challenge with the first fully automated real-time patching solution that combines the HPE WebInspect Dynamic Application Security Testing (DAST) solution and the Radware AppWall WAF.

The integration between HPE WebInspect, a market-leading DAST, and Radware’s AppWall WAF is the only solution that can really address DevOps security challenges.

What is new here? It’s about focus and automation that leads to the widest security coverage against known and zero-day vulnerabilities:

Focus: AppWall’s unique ability to detect and isolate very specific changes within the application allows it to trigger DAST scans only for the modified resource. The DAST scanning time is reduced to minutes.

Automation: AppWall programs the DAST to scan only modified resources; it then implements the report by auto-generating a security policy that protects against the newly discovered vulnerabilities.

This is the only virtual patch solution that can truly support DevOps/CD environments.

For more information please visit our WAF solution page.
