Cloud-native applications encompass a new approach on how software is built, deployed, and managed in cloud computing environments. With the increased adoption of cloud technologies, many organizations have begun moving applications to the cloud and creating cloud-native applications. While Software Development Lifecycle (SDLC) security controls can help with securing cloud applications, these controls neglect the infrastructure layer of cloud-native applications and the unique risks presented by applications deployed in cloud environments.
In the white paper “How to protect cloud native applications?”, the ND-ISAC Application Security Working Group presents the unique challenges and risks surrounding the deployment of applications in the cloud, and the strategies needed to support a strong security posture. The white paper covers three main areas of cloud native applications:
- An introduction into cloud architecture concerns (shared responsibility, new technology components, zero-trust, etc.)
- Top 10 risks impacting the cloud native applications
- Standardization, security controls and automation concerns which are embedded concerns of the DevSecOps strategy
This paper introduces the importance of securing cloud-native applications to minimize risk to the organization and implementations. Securing applications in the cloud includes additional layers of risk that all organizations must be aware to enable the creation of a comprehensive application security strategy.
The audience of this white paper includes cloud architects, security engineers, lead software engineers, product managers, senior managers, and senior executives responsible for the implementation of software security in cloud environments, as well as those managing the risk associated with threat vectors in cloud-native applications.
For more information, collaboration on future releases, or if you are interested in becoming a member of ND-ISAC contact: firstname.lastname@example.org