Connect with us

Tech

Security leaders demand more surveillance of cloud native apps

Published

on

Security leaders demand more surveillance of cloud native apps

New research highlights challenges CISOs face in securing cloud-native applications

Cliff Saran

By

Published: 01 Jun 2022 13: 38

A global survey by Coleman Parkes of Dynatrace found that multicloud deployments make IT security more complicated.

The survey, based on a poll of 1,300 chief information security officers (CISOs) in organisations with more than 1,000 employees, reported that, in spite of having a multi-layered approach to IT security, three-quarters of CISOs (75%) are worried that too many application vulnerabilities leak into production.

When asked about their approach to securing open source software, just a quarter (25%) of respondents said their security teams can access a fully accurate, continuously updated report of every application and code library running in production in real time. A third (33%) admit their security teams do not always know which third-party code libraries they have running in production. Almost all (95%) said their organisations faced risk exposure from Log4Shell, and 35% cited their risk as ‘high’ or ‘severe’.

Over two-thirds (69%) of CISOs said vulnerability management has become more difficult as the need to accelerate digital transformation has increased. The survey found that the speed and complexity created by using multicloud environments, multiple coding languages, and open source software libraries are making vulnerability management more difficult. Three quarters (75%) of CISOs surveyed believe that despite having a multilayered security strategy, gaps in coverage allow for vulnerabilities to be introduced into production. .

According to Dynatrace, the drive for faster transformation is also prompting organisations to adopt agile practices such as DevSecOps, to remove traditional bottlenecks that can tax understaffed security teams. DevSecOps allows developers to protect their code and allow organisations to release new services more quickly. Dynatrace cautioned that the practice is still evolving and that many developers lack the resources necessary to assume greater security responsibility. Dynatrace stated that shifting security responsibility ‘leftward’ to developers is not enough. Dynatrace recommended that organizations also shift to the ‘right” to ensure applications are secure in production. This is essential to ensure that vulnerabilities discovered in production are not overlooked and remain vulnerable to exploitation.

“Organisations realise that to manage vulnerabilities in the cloud-native era effectively, security must become a shared responsibility,” said Bernd Greifeneder, chief technology officer at Dynatrace. “The convergence between security and observability is crucial for providing development, operations, and security teams the context they need to understand how their apps are connected, what vulnerabilities lie, and which ones should be prioritized. This accelerates risk management and incident response.”

Read more on Application security and coding requirements

Read More

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published.

Tech

USB logos finally make sense, thanks to a redesign

Published

on

By

USB logos finally make sense, thanks to a redesign


Author: Mark Hachman
, Senior Editor

As PCWorld’s senior editor, Mark focuses on Microsoft news and chip technology, among other beats. He has formerly written for PCMag, BYTE, Slashdot, eWEEK, and ReadWrite.

Read More

Continue Reading

Tech

Cheaper OLED monitors might be coming soon

Published

on

By

Cheaper OLED monitors might be coming soon


Author: Michael Crider
, Staff Writer

Michael is a former graphic designer who’s been building and tweaking desktop computers for longer than he cares to admit. His interests include folk music, football, science fiction, and salsa verde, in no particular order.

Read More

Continue Reading

Tech

New Pixel Watch leak reveals watch faces, strap styles and more

Published

on

By

New Pixel Watch leak reveals watch faces, strap styles and more
Google Pixel watch



The Google Pixel Watch is incoming
(Image credit: Google)

We’re expecting the Google Pixel Watch to make its full debut on Thursday, October 6 – alongside the Pixel 7 and the Pixel 7 Pro – but in the meantime a major leak has revealed much more about the upcoming smartwatch.

Seasoned tipster @OnLeaks (opens in new tab) has posted the haul, which shows off some of the color options and band styles that we can look forward to next week. We also get a few shots of the watch interface and a picture of it being synced with a smartphone.

Watch faces are included in the leak too, covering a variety of different approaches to displaying the time – both in analog and digital formats. Another image shows the watch being used to take an ECG reading to assess heartbeat rate.

Just got my hands on a bunch of #Google #PixelWatch promo material showing all color options and Watch Bands for the first time. Some details revealed as well…@Slashleaks 👉🏻 https://t.co/HzbWeGGSKP pic.twitter.com/N0uiKaKXo0October 1, 2022

See more

Full colors

If the leak is accurate, then we’ve got four silicone straps on the way: black, gray, white, and what seems to be a very pale green. Leather straps look to cover black, orange, green and white, while there’s also a fabric option in red, black and green.

We already know that the Pixel Watch is going to work in tandem with the Fitbit app for logging all your vital statistics, and included in the leaked pictures is an image of the Pixel Watch alongside the Fitbit app running on an Android phone.

There’s plenty of material to look through here if you can’t wait until the big day – and we will of course be bringing you all the news and announcements as the Google event unfolds. It gets underway at 7am PT / 10am ET / 3pm BST / 12am AEDT (October 7).


Analysis: a big moment for Google

It’s been a fair while since Google launched itself into a new hardware category, and you could argue that there’s more riding on the Pixel Watch than there is on the Pixel 7 and Pixel 7 Pro – as Google has been making phones for years at this point.

While Wear OS has been around for a considerable amount of time, Google has been leaving it to third-party manufacturers and partners to make the actual hardware. Samsung recently made the switch back to Wear OS for the Galaxy Watch 5 and the Galaxy Watch 5 Pro, for example.

Deciding to go through with its own smartwatch is therefore a big step, and it’s clear that Google is envious of the success of the Apple Watch. It’s the obvious choice for a wearable for anyone who owns an iPhone, and Google will be hoping that Pixel phones and Pixel Watches will have a similar sort of relationship.

What’s intriguing is how Fitbit fits in – the company is now run by Google, but so far we haven’t seen many signs of the Fitbit and the Pixel lines merging, even if the Pixel Watch is going to come with support for the Fitbit app.

Dave is a freelance tech journalist who has been writing about gadgets, apps and the web for more than two decades. Based out of Stockport, England, on TechRadar you’ll find him covering news, features and reviews, particularly for phones, tablets and wearables. Working to ensure our breaking news coverage is the best in the business over weekends, David also has bylines at Gizmodo, T3, PopSci and a few other places besides, as well as being many years editing the likes of PC Explorer and The Hardware Handbook.

Read More

Continue Reading

Trending

Copyright © 2022 Xanatan