Cloud Native / DevOps / Security / Sponsored / Contributed

How Cloud Native Security Platforms Can Rescue Cloud Native

7 Nov 2019 5:00pm, by

Prisma sponsored this post.

Vinay Venkataraghavan
Vinay, principal cloud architect for Palo Alto Networks, has extensive experience in architecting and building cloud native and containerized applications and security products. Vinay has spoken at many conferences including AWS re:Invent, AWS Summit, Google meetups, among others and is passionate about sharing his knowledge to help enterprises secure their digital and cloud footprint. He focuses on seamlessly integrating the security provided by the Palo Alto Networks platform with the offerings from cloud service providers. He believes that security does not have to be difficult to adopt and that automation along with DevSecOps is a winning combination. He has built numerous solutions and integrations that have made security, cloud native.

Many organizations are able to push the boundaries of software innovation to new levels through cloud native adoption. What used to represent a year’s worth of deliverables for developers is now being met in a matter of months — even weeks. Like an astronaut stepping out into a brave new world, we put our stake in the sand, hold our heads high and embrace this bright, new future.

“One small step for man, one giant leap for mankind.” — Neil Armstrong

But security teams are challenged by cloud native. With a growing number of apps running on more platforms in more places than ever before, cloud native is an ever-expanding, omnipresent multiverse. Traditional security methodologies are no longer relevant in this new landscape, as security is being pushed closer to the workloads and “perimeter” is as abstract a concept as the cloud itself.

Because security and development teams have traditionally worked in silos, advancements in application development were often implemented in the absence of advancements in security methodologies to support them. This created significant gaps and left organizations more vulnerable than ever — that is, until DevSecOps entered the universe, bringing hope.

“Beam me up, Scotty.”

DevSecOps is the perfect match for cloud native. It epitomizes everything we love about cloud native by nature: it is integrated, multifaceted and focused on automation and speed. A recent research survey from ESG found automating security via CI/CD integration, i.e. DevSecOps, is becoming the industry standard approach for organizations looking to secure cloud native applications.

Having this gold standard established is a good thing — it gives organizations a crystal-clear goal to work towards. But although the destination has been identified, the path to getting there is still shrouded in mystery.

 “Houston, we have a problem.”

The security point tools that have flooded the market in recent years showed promise to secure cloud native applications. Unfortunately, their fragmented nature — each of them only accounting for part of the problem — runs counter to the goal of an integrated, DevSecOps culture, which is a requirement for effectively securing cloud native apps. The good news is leveraging a fully integrated Cloud Native Security Platform (CNSP), which weaves consistent security throughout the entire CI/CD pipeline, can actually unite DevOps, infrastructure and security teams alike under one homogenous workflow. This makes DevSecOps a natural evolution rather than a forced deviation.

“To infinity and beyond!”

The surge of cloud native adoption is mirrored by the growth and popularity of KubeCon + CloudNativeCon North America. These modern application workflows bring with them the promise of accelerated technological achievement — however, it is absolutely critical that this is bound by a proper security foundation or companies will see cloud native as a rocket ship that’s destined to hit the dust.

That’s why we’re partnering with Cloud Native Computing Foundation (CNCF) for KubeCon 2019 in order to help organizations harness the full potential of cloud native and adopt the right security tools and capabilities in the process. Our co-located event, Cloud Native Live: Evolving Security, is packed with sessions that focus not just on threats and countermeasures but also on how to leverage cloud native technologies to embrace DevSecOps and improve the efficiency of security teams. You can also join us later that afternoon for a rooftop reception at Altitude Sky Lounge, and if you can’t make day zero for the co-lo, visit us throughout the week at our Booth #27 or join us at The New Stack Pancake Breakfast or one of our sessions.

“May the force be with you, always.”

It’s safe to say the technology industry is transforming to embrace cloud native. The question remains if organizations can adopt effective security controls to keep pace.

We hope to run into you at KubeCon this year to celebrate the benefits of cloud native, revel in the possibilities of this higher dimension and help arm you with the security knowledge and awareness that is needed for success. You may even win a Nintendo Switch, since we’re giving one away every hour. See you there.

Feature image via Pixabay.

A newsletter digest of the week’s most important stories & analyses.

View / Add Comments

Please stay on topic and be respectful of others. Review our Terms of Use.