A recently released report from the IT analysis and research firm Enterprise Strategy Group (ESG )revealed very few companies are using good security practices to protect their cloud-native apps. According to the report, only 8 percent of respondents are securing 75 percent or more of their apps with DevSecOps practices. Sixty-eight percent of companies plan to secure apps using DevSecOps within the next two years. 

“This study reveals that while organizations have started, there is more work to be done when it comes to securing their cloud-native apps with the benefits DevSecOps offers,” said Doug Cahill, senior analyst and group practice director of cybersecurity for ESG. “Fundamental changes to application architectures and the infrastructure platforms that host them are antiquating existing cybersecurity technologies and challenging traditional approaches to protecting business-critical workloads. Organizations should consider newer approaches to securing their cloud-native apps, particularly solutions that address API-related vulnerabilities, which tops respondents’ minds when identifying their top threat concern.”

Other findings include 82 percent of organizations have different teams assigned to secure cloud-native apps, more than half of respondents are using serverless functions; and API security is a top area for security spending. 

Microsoft’s cloud-native SIEM solution now available
Microsoft announced Azure Sentinel is now available. The Security Information and Event Management (SIEM) solution is designed to provide intelligent security analytics at cloud scale for enterprises of all sizes and workloads. 

“Traditional on-premises SIEMs require a combination of infrastructure costs and software costs, all paired with annual commitments or inflexible contracts. We are removing those pain points, since Azure Sentinel is a cost-effective, cloud-native SIEM with predictable billing and flexible commitments,” Ann Johnson, corporate vice president of Microsoft’s cybersecurity solutions group, wrote in a post. “Infrastructure costs are reduced since you automatically scale resources as you need, and you only pay for what you use.”

Cloudflare introduces new user insights
Cloudflare released Browser Insights, a new tool designed to measure the performance of websites based on users’ perspectives. It provides insight into when, why, and where web pages are slow. According to the company, the availability to leverage real user monitoring capabilities enables teams to actually visualize what is going on with web pages.

“Speed matters. We know that when your website or app gets faster, users have a better experience and you get more conversions and more revenue,” the company wrote in a post

SecureAge releases AI-powered APEX anti-malware engine
SecureAge Technology’s new anti-malware scanning engine APEX is designed to expand its endpoint protection platform detection capabilities online and offline. It uses artificial intelligence to uncover unseen and mutated malware variants, and provides next-generation detection capabilities to detect advanced threats like zero-day malware. 

“The problem with traditional antivirus solutions is that they rely on a prearranged blacklist of currently known malware types to protect users, and therefore fail in catching new viruses until a user’s system has already been compromised,” said Dr. Teow-Hin Ngair, founder and CEO of SecureAge. “APEX was designed to perform one step ahead, using machine learning to detect malware and ransomware before they infect a user’s system, acting as a proactive deterrent rather than a reactive countermeasure.”