IT PARK
    Most Popular

    5 Key Considerations for Data Migration to the Cloud

    Jun 22, 2025

    Nvidia Announces GH200 Superchip, Most Powerful AI Chip, to Accelerate Generative AI Workloads

    May 27, 2025

    How Research Institutes Should Use Data Analytics Tools to Improve Research Efficiency

    Jul 07, 2025

    IT PARK IT PARK

    • Home
    • Encyclopedia

      What kind of technology is machine vision technology?

      Jul 07, 2025

      How does the camera work?

      Jul 06, 2025

      How do Bluetooth headsets achieve noise cancellation?

      Jul 05, 2025

      Wireless charging principle

      Jul 04, 2025

      How to solve the problem of computer blue screen? What about the blue screen of the computer?

      Jul 03, 2025
    • AI

      What is AI?

      Jul 07, 2025

      Microsoft for ChatGPT self-research AI chip, TSMC 5nm, as early as next year to open with

      Jul 06, 2025

      Will the latest AI "kill" programming

      Jul 05, 2025

      Neural AI, the next frontier of artificial intelligence

      Jul 04, 2025

      AI reads brains and deciphers people's inner monologues! Will it read all my secrets?

      Jul 03, 2025
    • Big Data

      How Research Institutes Should Use Data Analytics Tools to Improve Research Efficiency

      Jul 07, 2025

      How to Program Big Data Effectively

      Jul 06, 2025

      Five database concepts, read the database layout of Amazon Cloud Technologies

      Jul 05, 2025

      What is streaming data?

      Jul 04, 2025

      Production control equipment maps, multi-source data analysis issues in-depth mining

      Jul 03, 2025
    • CLO

      Three common misconceptions about sustainability and cloud computing

      Jul 07, 2025

      Ten Ways Cloud-Native Development is Changing Cybersecurity

      Jul 06, 2025

      What is a multi-cloud network?

      Jul 05, 2025

      Cloud computing kicks off sports revolution, market could reach $5.2 billion

      Jul 04, 2025

      Serverless: Uncovering the benefits of the emerging cloud computing model

      Jul 03, 2025
    • IoT

      Self-driving cars: Opening the wave of full digital disruption in the Internet of Things era

      Jul 07, 2025

      Smart Supply Chain Guide

      Jul 06, 2025

      Internet of Things and the Elderly

      Jul 05, 2025

      The Future of the Internet of Things and Self-Storage

      Jul 04, 2025

      Skills shortage remains the biggest barrier to IoT adoption in the oil and gas industry

      Jul 03, 2025
    • Blockchain

      How blockchain technology can be applied to environmental protection to drive a green economy

      Jul 07, 2025

      After the collision between quantum computing and blockchain - quantum blockchain

      Jul 06, 2025

      How to Use Blockchain Technology to Enhance Data Security

      Jul 05, 2025

      What is blockchain? Simply understand blockchain

      Jul 04, 2025

      How does the Internet of Things affect the working world?

      Jul 03, 2025
    IT PARK
    Home » CLO » Ten Ways Cloud-Native Development is Changing Cybersecurity
    CLO

    Ten Ways Cloud-Native Development is Changing Cybersecurity

    The "everything-is-code" approach to cloud-native infrastructure makes it easier to set up telemetry where it was previously impossible, as long as security professionals can adapt to the fact that legacy network monitoring mechanisms may no longer work for them.
    Updated: Jul 06, 2025
    Ten Ways Cloud-Native Development is Changing Cybersecurity

    The cloud-native development model offers the opportunity to realize the benefits of application security that cybersecurity advocates have been championing for more than a decade, but the transition to cloud-native security requires new tools and applications and a different mindset for security operations that will take many cybersecurity professionals out of their comfort zone.

    Here are some insights from developers, application security experts and cloud-native technologists on how cloud-native cybersecurity differs from traditional approaches.

        Everything as Code Makes Application Security Critical

    In cloud-native architectures, microservices and API-led interactions exist not only between application components but also between the underlying infrastructure, meaning everything becomes an application security issue, said Scott Piper, principal security researcher at Wiz, an Israeli cloud-native security provider.

        Larger cyber attack surface

    Kristen Bell, director of application security engineering at GuidePoint Security, said that with the increase in microservices and APIs, data flows have become more complex. There is more integration between applications and systems, all of which leads to a larger cyber attack surface and more complexity to consider from a security perspective. Combined with these changes, we are seeing more and more new privacy laws requiring the geolocation of data.

        New architectures require new specialized security tools

    While there are traditional application security scanning tools such as static application security testing, dynamic application security testing and software portfolio analysis that are still applicable to cloud-native environments, developers and cybersecurity teams now need a plethora of new features and niche security products, said Rebecca Deck, principal application security engineer at Avalara.

        On-premise security tools can come at a significant cost

    Deck also warns that while traditional tools can still play an important role in cloud-native security, development and security teams must understand how they are architected and what it takes to run them. If they are not on-premise tools designed for a cloud-first containerized model, it can be costly to run them in those environments.

        Change is constant

    The dynamic and ephemeral nature of cloud-native infrastructure and development models means that change is the only constant.

    This constant state of change in the environment presents a huge challenge for security professionals tasked with maintaining a consistent security posture, said Juan Orlandini, chief technology officer for North America at Insight Enterprises. Because cloud-native environments are dynamically orchestrated, he said, "there are constant changes, including scaling up and down and upgrading software."

        Threat Modeling Imperative

    Orlandini of Insight Enterprises said threat modeling is becoming an increasingly important part of managing software risk given the expanding cyber attack surface and the dynamic conditions of cloud-native environments. Tools need to evolve to support threat modeling as a core component of cloud-native security," he explained. This means providing tools to identify potential vulnerabilities and attack surfaces and automate assessments to identify misconfigurations and other issues."

        Developer-Centric Security Tools Become Critical

    Keeping up with the speed and flexibility of development workflows means manual reviews and handoffs are no longer as effective, says Jeff Talon, director of software delivery at Liberty Mutual. Security needs to be streamlined in the development workflow, he says, and security teams must find a way to create developer-centric tools and processes to review code and maintain security status.

        Security should strive for standardization

    The emerging state of cloud-native environments breeds a "Wild West" atmosphere that can pose serious challenges to rule-oriented security personnel. Security teams can help developers modernize cloud computing by proposing standards and security-focused guidelines.

        Security-as-code helps application security keep pace with cloud-native

    Talon said automating requirements through policy-as-code in a developer-centric tool is the ultimate goal of cloud-native security. Security requirements are automated through the use of policy-as-code in the continuous integration/continuous deployment pipeline and cloud runtime, providing a consistent development experience and ensuring security and compliance requirements are met throughout the development process," he said. With this, developers can get security feedback earlier in the process and in an environment that enables them to self-correct and move on."

        Continuous monitoring made easier

    Orlandini said the best approach to cloud-native security will include continuous monitoring, which may differ from traditional application security approaches that focus more on periodic scanning than real-time monitoring.

    The good news is that the "everything-is-code" approach to cloud-native infrastructure makes it easier to set up telemetry where it wasn't previously possible, as long as security professionals can adapt to the fact that legacy network monitoring mechanisms may no longer work for them.

    Security Cloud Native Networking
    Previous Article How to Program Big Data Effectively
    Next Article Everything you need to know about artificial intelligence in the age of AI

    Related Articles

    Blockchain

    How blockchain is revolutionizing cybersecurity

    Jun 16, 2025
    Encyclopedia

    What are the Wi-Fi password security levels?

    May 16, 2025
    IoT

    Protecting IT, OT, IOT and IoMT in Healthcare

    Jun 24, 2025
    Most Popular

    5 Key Considerations for Data Migration to the Cloud

    Jun 22, 2025

    Nvidia Announces GH200 Superchip, Most Powerful AI Chip, to Accelerate Generative AI Workloads

    May 27, 2025

    How Research Institutes Should Use Data Analytics Tools to Improve Research Efficiency

    Jul 07, 2025
    Copyright © 2025 itheroe.com. All rights reserved. User Agreement | Privacy Policy

    Type above and press Enter to search. Press Esc to cancel.