Under Attack?
Search
Menu

DevOps and Security: Yes We Can

By Ron MeyranMay 19, 2016

Airlines, retailers, travel service providers, banks, marketplaces, and social media – all rely on their web applications to generate revenues or facilitate productivity. They typically develop and maintain their own web applications which are tailored for their business needs. To support the growing needs of their online presence, they are adopting agile development practices also known as DevOps and Continuous Deployment.

web-application-firewall

What is DevOps / Continuous Deployment about? It continues the deployment process in small chunks of time. Building, testing, and releasing software features and resources can happen rapidly, frequently, and more reliably.

But DevOps introduces ongoing security challenges. Developers integrating new code on a daily basis can inadvertently introduce new application vulnerabilities. Limited application and network security resources mean many of these new vulnerabilities remain unnoticed, often discovered after an attacker exploits them.

Let’s examine WAF & DAST integrations:

• A complete DAST tool scan of a web application may take hours. Therefore such scans are applied only periodically.

• In standard integrations the user has to import manually the DAST report to the WAF solution for auto-policy generation.

In continuous deployment environments, where new features and resources are added several times a day, standard solutions are too slow to keep you covered.

[You might also like: Validating Cisco’s Threat-Centric Security Solution]

HPE and Radware team up to address this challenge with the first fully automated real-time patching solution that combines HPE WebInspect Dynamic Application Security Testing (DAST) solution and Radware AppWall WAF.

The integration between HPE WebInspect, a market-leading DAST and Radware’s AppWall WAF is the only solution that can really address DevOps security challenges.

What is new here? It’s about focus and automation that leads to the widest security coverage against known and zero-day vulnerabilities:

Focus: Appwall’s unique ability to detect and isolate very specific changes within the application allows it to trigger DAST scans only for the modified resource. The DAST scanning time is reduced to minutes.

Automation: AppWall programs the DAST to scan only modified resources; it then implements the report by auto-generating a security policy that protects the newly discovered vulnerabilities.

This is the only virtual patch solution that can truly support DevOps/CD environments.

For more information please visit our WAF solution page.

Posted in: Application Delivery Security WAFTags:

Ron Meyran

Ron Meyran leads the marketing activities, partner strategy and Go-to-Market plans for Radware’s alliance and application partners. He also works to develop joint solutions that add value proposition and help drive sales initiatives – designed to increase visibility and lead generation. Mr. Meyran is a security and SDN industry expert who represents Radware at various industry events and training sessions. His thought leadership and opinion pieces have been widely published in leading IT & security industry magazines and he holds a B.Sc. degree in Electrical Engineering from Ben-Gurion University and a MBA from Tel Aviv University.

Related Articles

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Contact Us Now

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Locations
Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

CyberPedia

An Online Encyclopedia Of Cyberattack and Cybersecurity Terms

CyberPedia
What is WAF?
What is DDoS?
Bot Detection
ARP Spoofing

Get Social

Connect with experts and join the conversation about Radware technologies.

Blog
Security Research Center
Close

What are you looking for?