The SOC is Set. Next Up: Orchestration and Automation for Application Security

Mar 02 2018

As we know all too well, cybersecurity is a field suffering from a staggering talent shortage. Security approaches that focus on disparate tools and human capital initiatives just don’t cut it – not when the pace of innovation is fast and furious and, in tandem, the pace and severity of threats continue to grow and become increasingly automated. Security teams are short staffed, over taxed and behind the eight ball.

The situation certainly signals the need for automation to move security from human to machine speed. “Skills shortages, technical complexity and the threat landscape will continue to drive the move to automation and outsourcing,” Gartner says. Nineteen percent of enterprise organizations (i.e. more than 1,000 employees) are already extensively adding technologies for security operations automation and orchestration, and 39 percent are doing so on a limited basis, according to ESG research.

Splunk scooping up cybersecurity innovator Phantom for $350M serves as a strong indicator that the industry is moving to embrace automation and orchestration on a broader scale. In Splunk’s case, the company has “decided to add a dedicated security operations automation and orchestration toolset to its security information and event management (SIEM) platform,” according to ESG’s Jon Oltsik. A smart move to help Splunk’s customers remediate identified issues faster and more efficiently than ever before.

Market Momentum for Automation is Happening Beyond the SOC

Take, for example, code and application security. In order to keep up with the velocity of development, IT and security leaders are recognizing the need to shift toward a new approach where automation and orchestration are at the foundation of the application development and deployment processes.

Why? Given the frequent, and unfortunately massive, (i.e. Equifax) breaches that have occurred due to application vulnerabilities, the current approaches to security testing aren’t working. Code and application security testing need to be seamlessly embedded into the software development lifecycle. This is an important principle behind DevSecOps, integrating security visibility and assurance from code check-in to production and ongoing operations.

In fact, Gartner reports that “by 2019, more than 70% of enterprise DevSecOps initiatives will have incorporated automated security vulnerability and configuration scanning for open-source components and commercial packages, up from less than 10% in 2016.”*

CYBRIC brings orchestration and automation to software development. By integrating with security and DevOps tools across the development lifecycle, CYBRIC delivers continuous visibility and assurance across all code repositories, application deployments and cloud infrastructures. We automate and orchestrate code and application security testing, reducing application vulnerability exposure and enabling security at the velocity of DevOps.

Click here to hear more about how organizations like Cytobank, a cloud-based platform that accelerates biomedical research productivity using machine learning tools, benefit from integrating and automating security testing tools.

*Source: Gartner “10 Things to Get Right for Successful DevSecOps” by Neil MacDonald, Ian Head, 3 October 2017.



  • Share: