TNS
VOXPOP
How has the recent turmoil within the OpenAI offices changed your plans to use GPT in a business process or product in 2024?
Increased uncertainty means we are more likely to evaluate alternative AI chatbots and LLMs.
0%
No change in plans, though we will keep an eye on the situation.
0%
With Sam Altman back in charge, we are more likely to go all-in with GPT and LLMs.
0%
What recent turmoil?
0%
Microservices / Security

Secure Microservices in Ways That Developers Like

Check Point's TJ Gonen discusses microservices security in context, the critical role security tools play and the support that AI/ML offers.
Jun 23rd, 2021 3:00pm by
Featued image for: Secure Microservices in Ways That Developers Like

The number of services cloud providers have begun to offer over the past couple of years has exploded, potentially exposing an exponentially larger number of microservices to vulnerabilities that support these services across multiple cloud and on-premises environments.

In this, The New Stack Makers podcast, TJ (Tsion) Gonen, head of cloud security for security provider Check Point, puts microservices security in context and describes the critical role security tools play and the support that artificial intelligence (AI) and machine learning (ML) offer. Jack Wallen, a correspondent for The New Stack, hosted this episode.


How to Secure Microservices in Ways Developers Like

In consideration of the explosion in network connectivity during the past few decades, the fact that networks continue to function is an amazing feat in and of itself, Gonen said. He compared today’s infrastructure to roadways that are getting much more traffic than they did when they were first built.

“If there were a billion more cars than there were 30 years ago, you would have a lot of road accidents and a lot of casualties,” said Gonen. With network security, “we’re still up, we’re still running, we’re still functioning [thanks to] a lot of security companies and cybersecurity technologies and some awareness.”

As the number of potential security threat vectors continues to proliferate at exponential rates, “by definition, more things are going to happen, because there are just more opportunities for things to happen,” Gonen said. “We’re still alive, we’re still walking, but there’s going be more pain — there is going to be more than 100% more pain,” said Gonen. “I think there’s going to be more pain before it becomes better, but it’s just a natural evolution — there are more opportunities for bad things to happen.”

In many respects, using a cloud service without undertaking the proper security checks first is like “picking up a USB stick from the floor and plugging it into your server,” Gonen said. “You’re encouraged to move super fast, you’re encouraged to do these things, you’re encouraged to use all these services,” Gonen said.

As an example, on the cloud when using microservices, container permissions must be set. “Now as a developer, you have two options: one of them is to go and say, ‘okay, this container only needs access to this, that and that and this service only needs these four API calls — that’s one of your paths. The other one is to ‘allow all,’” said Gonen. The latter option is much more easy, so which option would you guess is the one most used by busy developers?

“You can find technologies like what we provide that allows you to automate security from development to runtime while building trust with developers, giving them tools they like to use,” said Gonen. “You know how hard it is for security companies to wake up in the morning and say, ‘let’s build something developers like.’”

Group Created with Sketch.
TNS owner Insight Partners is an investor in: Pragma, The New Stack.
THE NEW STACK UPDATE A newsletter digest of the week’s most important stories & analyses.