Application DeliverySecurityWAF

DevOps and Security: Yes We Can

May 19, 2016 — by Ron Meyran0

Airlines, retailers, travel service providers, banks, marketplaces, and social media – all rely on their web applications to generate revenues or facilitate productivity. They typically develop and maintain their own web applications which are tailored for their business needs. To support the growing needs of their online presence, they are adopting agile development practices also known as DevOps and Continuous Deployment.


What is DevOps / Continuous Deployment about? It continues the deployment process in small chunks of time. Building, testing, and releasing software features and resources can happen rapidly, frequently, and more reliably.

But DevOps introduces ongoing security challenges. Developers integrating new code on a daily basis can inadvertently introduce new application vulnerabilities. Limited application and network security resources mean many of these new vulnerabilities remain unnoticed, often discovered after an attacker exploits them.

Let’s examine WAF & DAST integrations:

• A complete DAST tool scan of a web application may take hours. Therefore such scans are applied only periodically.

• In standard integrations the user has to import manually the DAST report to the WAF solution for auto-policy generation.

In continuous deployment environments, where new features and resources are added several times a day, standard solutions are too slow to keep you covered.

[You might also like: Validating Cisco’s Threat-Centric Security Solution]

HPE and Radware team up to address this challenge with the first fully automated real-time patching solution that combines HPE WebInspect Dynamic Application Security Testing (DAST) solution and Radware AppWall WAF.

The integration between HPE WebInspect, a market-leading DAST and Radware’s AppWall WAF is the only solution that can really address DevOps security challenges.

What is new here? It’s about focus and automation that leads to the widest security coverage against known and zero-day vulnerabilities:

Focus: Appwall’s unique ability to detect and isolate very specific changes within the application allows it to trigger DAST scans only for the modified resource. The DAST scanning time is reduced to minutes.

Automation: AppWall programs the DAST to scan only modified resources; it then implements the report by auto-generating a security policy that protects the newly discovered vulnerabilities.

This is the only virtual patch solution that can truly support DevOps/CD environments.

For more information please visit our WAF solution page.

Ron Meyran

Ron Meyran leads the marketing activities, partner strategy and Go-to-Market plans for Radware’s alliance and application partners. He also works to develop joint solutions that add value proposition and help drive sales initiatives – designed to increase visibility and lead generation. Mr. Meyran is a security and SDN industry expert who represents Radware at various industry events and training sessions. His thought leadership and opinion pieces have been widely published in leading IT & security industry magazines and he holds a B.Sc. degree in Electrical Engineering from Ben-Gurion University and a MBA from Tel Aviv University.

Leave a Reply

Your email address will not be published. Required fields are marked *