As IT evolves, the entire way security is approached is starting to fundamentally change. Instead of thinking in term of securing perimeters, savvy IT organizations now think in terms of securing application workloads. This creates a more granular approach to IT security that makes it simpler to apply controls and policies wherever that workload happens to run.
Barracuda Networks this week moved to advance that approach to IT security by unfurling a Vulnerability Remediation Service hosted in the cloud. Nitzan Miron, vice president of product management for application security services at Barracuda Networks, says the basic idea is to make it simpler for IT organizations to create a reusable set of workflow processes for updating and patching web applications. At the same time, Miron notes that Barracuda Networks is providing a means for distributing IT security software in a way that dovetails with how many IT organizations are starting to employ modern DevOps processes.
Miron says Vulnerability Remediation Services has been designed from the ground up to simplify vulnerability remediation. In fact, Miron says, organizations can opt to have IT security teams manage that process or delegate it to IT administrators. Barracuda Networks right now presents those individuals with a user interface to access the Barracuda services. But in the future, Miron says, Barracuda Networks will also expose an application programming interface (API) through which developers can invoke the Vulnerability Remediation Service to automate the entire application update process.
“We think security is going to become part of the modern approach to DevOps,” says Miron.https://o1.qnsr.com/log/p.gif?;n=203;c=204663295;s=11915;x=7936;f=201904081034270;u=j;z=TIMESTAMP;a=20410779;e=i
Thanks to more security awareness among application owners and the rise of DevOps processes that make developers more responsible for the entire lifecycle application on an end to end basis, the way security is managed is changing. Of course, that level of change also brings with it a fair amount of disruption that many IT organizations in the months and years ahead will find very challenging to absorb.