There are so many different statistics and ratings in the world that it’s just silly to believe everything. However, the latest report on security technologies by Gartner seems to me to be proven and up-to-date information. According to this report (after the Gartner Security & Risk Management Summit, being held through June 26), the top 10 security technologies were identified as the near future of IT security.
The first place goes to cloud access security brokers. CASBs are on-premises or cloud-hosted software that provide security for cloud services. They offer a range of capabilities including discovery and risk rating of cloud services, encryption and tokenization, access control, data loss prevention, logging and auditing, and some others. It is estimated that by 2016 almost a quarter of all enterprises will secure access to cloud-based services using a Cloud Access Security Broker platform and that these platforms will reduce the cost of securing access by 30 percent.
Adaptive access control is a form of context-aware access control whose function is to balance the level of trust against risk. It uses a combination of trust elevation and other dynamic risk mitigation techniques. With an adaptive access management architecture, an enterprise is able to allow access from any device and from anywhere. It also allows social ID access to a range of corporate assets with mixed risk profiles.
It is hard to be protected from all attacks; some of them will inevitably bypass traditional blocking. However, such cases can be handled effectively by the many pervasive sandboxes that simply “detonate” executables and content in virtual machines (VMs). If a potential incident has been detected, IOCs (Indicators of Compromise) should be compared across different entities to see whether this is a real threat or not. By destroying the data, sandboxing reduces the amount of time a hacker has to manipulate or extract your information assets.
Endpoint detection and response (EDR) tools identify endpoint and network events and store these records in a database. This database is then searched by analytics tools to identify tasks that can improve the security state, such as deflecting common attacks, providing early identification of ongoing attacks, and rapidly responding to those attacks.
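The two paragraphs above describe comparing sandbox-derived IOCs across entities and searching a database of endpoint records. The sketch below is an added example, not taken from the Gartner report or any vendor's product: the table layout, the host names, the IOC values and the `min_hosts` threshold are all constructed assumptions.

```python
import sqlite3

# Constructed sample data: endpoint events as an EDR agent might record them.
EVENTS = [
    ("ws-01", "file_hash", "aaaa1111"),
    ("ws-01", "dest_ip", "203.0.113.7"),
    ("ws-02", "file_hash", "aaaa1111"),
    ("ws-02", "dest_ip", "198.51.100.20"),
    ("srv-db", "dest_ip", "203.0.113.7"),
    ("ws-03", "file_hash", "bbbb2222"),
]

# Constructed IOCs, as a sandbox detonation report might list them.
SANDBOX_IOCS = [
    ("file_hash", "aaaa1111"),
    ("dest_ip", "203.0.113.7"),
    ("file_hash", "cccc3333"),
]

def build_store(events):
    """Load the endpoint records into an in-memory database (hypothetical schema)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE events (host TEXT, kind TEXT, value TEXT)")
    db.executemany("INSERT INTO events VALUES (?, ?, ?)", events)
    return db

def correlate(db, iocs, min_hosts=2):
    """Return {ioc: sorted hosts} for IOCs seen on at least min_hosts endpoints.

    min_hosts is an assumed triage threshold, not a value from the report.
    """
    hits = {}
    for kind, value in iocs:
        rows = db.execute(
            "SELECT DISTINCT host FROM events "
            "WHERE kind = ? AND value = ? ORDER BY host",
            (kind, value),
        ).fetchall()
        hosts = [row[0] for row in rows]
        if len(hosts) >= min_hosts:
            hits[(kind, value)] = hosts
    return hits

def affected_hosts(hits):
    """Flatten the correlation result into the set of endpoints to investigate."""
    return sorted({h for hosts in hits.values() for h in hosts})

if __name__ == "__main__":
    store = build_store(EVENTS)
    for ioc, hosts in correlate(store, SANDBOX_IOCS).items():
        print(ioc, "->", hosts)
```

An IOC that appears on only one endpoint, or on none, is left out of the result, which keeps a single sandbox hit from being treated as a confirmed incident.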
It is predicted that domain-specific analytics will become a core feature of all effective security protection platforms in the near future. Gartner estimates that by 2020, a “security data warehouse” will be established at 40 percent of enterprises for the storage of monitoring data to support retrospective analysis. Data analytics will be used to identify when meaningful deviations from normal occur.
Machine-readable threat intelligence is a capability that allows security platforms to make operational security decisions based on information about the prevailing threat landscape. Reputation services provide a sort of dynamic, real-time “trustability” rating of user and device reputation, as well as URL and IP address reputation, that can be taken into account when making security decisions.
The strategy of this method is to treat everything that is unknown as untrusted and isolate its handling and execution so that it cannot cause permanent damage to the system. Virtualization and containment strategies are expected to become a common element of a defense-in-depth protection strategy for enterprise systems, reaching 20 percent adoption by 2016 compared to nearly zero widespread adoption in 2014.
Software-defined security is typically implemented in IT environments that have minimal or no hardware-based security dependence, such as cloud computing and virtualization infrastructures. Each new device created within the environment is automatically covered and controlled under the base security policy. Moreover, because the security is software-defined and managed, environments can be moved or migrated to other data center/IT facilities without affecting the security policy and controls in place.
Interactive application security testing (IAST) is a combination of two techniques: static application security testing (SAST) and dynamic application security testing (DAST). This interaction of static and dynamic techniques ensures increased accuracy of application security testing. The method makes it possible to confirm or deny the exploitability of an identified vulnerability and determine its origin in the application code.
The Internet of Things encompasses a wide variety of devices, ranging from heart monitoring implants and automobiles with built-in sensors to operational technology (OT) systems provided by equipment manufacturers and used by enterprises in the manufacturing or utilities industries. Many Internet of Things devices tend to communicate without human involvement, and these will need to be protected and secured.
Now that you are up to date on the latest security trends, it’s time to check whether your application is well protected and think of a strategy for further security improvements.
July 25, 2014