Security concepts for the future

In a recent study in cooperation with CIO, CSO and COMPUTERWOCHE, Airlock looked at application and API security in the container environment. Here you can gain a brief insight into the interesting findings.

 

Read the complete study

You have probably already heard of DevOps. DevOps is made up of the words “development” and IT “operations”. DevOps is intended to enable more effective and efficient collaboration in the dev, ops and quality assurance (QS) fields through the use of common incentives, processes and tools. DevOps aims to improve the quality of software, the speed of development and delivery as well as collaboration between team members.

 

But have you heard of DevSecOps? The short syllable “Sec” brings software security into the mix. This concept considers the entire software lifecycle from development to delivery and operation with an additional view to security aspects – security represents a key element at all stages. This allows good, secure software to be developed and operated quickly and in a agile manner. This should not be confused with SecDevOps, which is a further development of the DevSecOps concept and, as its name implies, puts security as the number one aspect in the development process.

 

An answer to the question as to how widely the DevSecOps concept is already in use in businesses is provided by the study presented here. The fact alone that 64 percent of those surveyed said that upper IT management is directly involved in decision-making for DevSecOps measures and tools shows that this is a very business-relevant topic. At the same time, more than half of businesses complain about the severe shortage of DevSecOps professionals. This is unsurprising, but it highlights the dilemma that businesses have been facing for many years now: In all essential areas of IT security there is a lack of experts.

This development seems to be getting worse – and is happening at a rather inopportune moment. The study also shows that two thirds of businesses are using a large number, sometimes several hundred, web apps and APIs that require protection. The security of these is a prime example of where the DevSecOps concept should be used – just like a general container-based Identity and Access Management system, albeit this is something that has not yet seen widespread implementation. To ensure the best possible protection, it is possible to use either separate security solutions – one for web apps and one for APIs – or to cover both of these with a single solution. Which of these two routes businesses have decided on is often not known by the businesses themselves – a rather surprising finding that came from our survey.

As the author of the study writes:

Businesses in Germany must be made more aware of the importance of API management and API security, as well as linking this with web app security. This study is an initial step in this direction.

If you would like to learn more, you can find the results of the study for downloading here.

Read the complete study

 

Blognews directly in your mailbox

The Airlock Newsletter informs you continuously about new blog articles.

Subscribe blognews

Information for you

-Our whitepapers-

Executive View: KuppingerCole - Airlock Secure Access Hub for applications and APIs

This KuppingerCole Executive View report provides an architectural and functional overview of the Airlock Secure Access Hub, an integrated platform for secure access management - a multicloud-native security tool for web applications, APIs and beyond.

 

Fill out the form now and receive Executive View!

Whitepaper: Security for cloud-native applications

You can read about how companies can ensure the security of web applications and APIs in Kubernetes in the white paper "Security for cloud-native applications", which was created in collaboration between heise and Airlock.

 

Request whitepaper

Whitepaper: Zero Trust is a journey

The ongoing digital transformation of the world is progressing and having a profound impact on our personal and professional lives in ways that were difficult to imagine just a few years ago.


This white paper discusses the effects of continuous digitalization and its impact.

Request free of charge

Off to DevSecOps

In this white paper, you will learn the most important insights into how you can implement DevSecOps successfully and efficiently, which security components are required for this and the advantages of a microgateway architecture.

 

Request free of charge

Airlock 2FA - Strong authentication. Simple.

Double security - this is what two-factor authentication offers in the field of IT security.


Find out more about strong authentication and the possibilities offered by Airlock in our white paper.

Download for free

Further whitepapers

We provide you with free white papers on these and other topics:

 

  • Successful IAM projects
  • compliance
  • Data protection (DSGVO)
  • Introduction of PSD2
  • PCI DSS requirementsPCI DSS requirements
Request free of charge