Why Cisco
Why Cisco Secure Application?
After evaluating many Application Security products, Savi and her team decided to implement Cisco Secure Application because of these reasons:
Runtime detection
Typically, vulnerability scanning is done pre-production or scheduled monthly/quarterly etc. But Cisco Secure Application provides real-time production assessment of vulnerabilities by scanning code execution to prevent exploits regardless of where the application is hosted or where the traffic originated and then maps them back to the running instances. It detects application code dependency and security vulnerabilities in production. The business can operate at a faster pace with a lower risk profile due to constant run-time protection, real-time remediation, and security automation.
Significant reduction in MTTD and MTTR
Protection at runtime gives visibility into application’s true behaviour and you can catch zero-day exploits in minutes and not in weeks/months. It gives the details of vulnerabilities, their severity levels, the remediation steps that includes the details of the running part of the code that is vulnerable and what to change to mitigate the risk. This reduces the Mean Time to Detection from days/weeks to minutes and helps in drastically reducing the time it takes to remediate.
Automatic & continuous
It simplifies the life cycle of vulnerability fixes and security incidents. New discoveries and resolutions are tracked and reported without having to wait.
Strategic prioritization based on Business Impact
Vulnerability data is correlated to the application and business context so that application and security teams can prioritize, execute, and track remediation by business impact.
No more siloed teams
With Secure Application, application and security teams can leverage correlated performance and security insights to minimize their organization’s attack surface, safeguard customer data, keep business impact and objectives top of mind, and thrive in today’s digital environment.
Secures modern applications without sacrificing velocity
Secure Application reduces the risk of security exposure without compromising the speed of delivery.
Anomaly detection and prevention
Provides visibility into Application’s true behaviour and detects deviations from the normal. Automatically enforces security policies to block the threats.
No additional Agent
There is no need of deploying any additional agent (It’s embedded into existing APM agent). It has negligible overhead and doesn’t impact end-users.
Works with existing Security Solutions
It compliments existing security products such as WAFs, NGWAFs etc. and works well with products like Cisco Secure Cloud Analytics, Cisco Secure Workload and Cisco Secure Access (Duo) to protect the Application from ‘Inside’ and ‘Outside’.
Secure Application delivers substantial value to the Organizations by pairing AppDynamics with the strength Cisco has in the security market, making security an integral part of the enterprise application monitoring strategy. It extends the current performance monitoring capabilities of AppDynamics to provide continuous monitoring for vulnerabilities, runtime detection of exploits, and real-time defense against a broad range of attacks.
Thanks to Secure Application, Savi’s organisation Bridge to Possibili-Tea can protect applications at runtime, detect and block attacks in real-time, and simplify the lifecycle of security incidents by providing application and business context and creating a shared context across Application and Security teams to drastically reduce the MTTD and MTTR. Application Team can now scope a security incident and understand the potential impact to users and the business and strategically prioritize remediationby business impact.
Next
We’ll look at the lab environment and how Cisco Secure Application fits in.