4 Minuten lesen

ASM und DevOps?

ASM und DevOps?

Geschrieben von
Subbiah Sundaram
Veröffentlicht am
September 14, 2017
Auf sozialen Netzwerken teilen

A few day ago, I had a great conversation with an ASM specialist around how ASM can be included in DevOps.

Every application developed and deployed needs robust protection, and using ASM as an application firewall offers an excellent solution. The strength of ASM lies largely in its policy-based approach, which allows for precise control through the description of allowed and blocked signatures.

Developers, being the architects of their applications, possess an unparalleled understanding of their creations. This intimate knowledge makes them ideally suited to develop ASM security policies tailored to their applications' specific needs and vulnerabilities. By empowering developers to craft these policies, organizations can create more effective and efficient security measures that align closely with the application's architecture and functionality.

However, policy development is only the first step. Rigorous testing is crucial to ensure the effectiveness of these security measures. This is where centralized tools like our SCOM F5 BIG-IP Management Pack prove invaluable. This comprehensive solution provides detailed reports on all blocked sessions, offering crucial information such as:

  1. When the session was blocked
  2. Why it was blocked
  3. Which specific policy triggered the block

These reports serve a dual purpose. They can be used for manual review, allowing developers and security teams to analyze the effectiveness of their policies and identify any potential issues. Additionally, the ability to export these reports to CSV format supports automated testing processes, seamlessly integrating security testing into continuous integration and deployment pipelines.

Report showing list of blocked sessions, when, why and by which policy the session was blocked

 

This report can be used for manual review of results or exported automatically to CSV to support automatic tests.

Once developers are happy with the policy they can send it for “peer review” by ASM specialists.

One item ASM specialists may appreciate is that they can use our SCOM F5 BIG-IP Management Pack as a communication tool to report any blocked solutions. By using SCOM this report can be automatically attached to an issue tracking system issue or delivered i.e. by email.

Once approved by ASM SME, developers can script policy deployment with a new application version deployment.

If you're exploring ways to integrate and test ASM within your DevOps pipeline, we encourage you to take a closer look at our solution. It offers a comprehensive approach to application security that aligns with modern development practices.

To experience these benefits firsthand and see how our solution can enhance your application security strategy, we invite you to try a free evaluation. This hands-on experience will demonstrate how our SCOM F5 BIG-IP Management Pack can streamline your security processes and foster better collaboration between your development and security teams.

Shive Raja Kopfsprung

SVP von Produkt

Subbiah Sundaram ist der SVP, Produkt bei HYCU. Subbiah Sundaram leitet die Bereiche Produktmanagement, Produktmarketing, Allianzen, Vertriebstechnik und Kundenerfolg und verfügt über mehr als 20 Jahre Erfahrung in der Bereitstellung von erstklassigen Multi-Cloud-Datenschutz- und On-Premises-Lösungen. Als Absolvent der Kellogg Management School MBA hat Subbiah mit führenden Unternehmen wie EMC, NetApp, Veritas, BMC, CA und DataGravity zusammengearbeitet.

Erleben Sie die SaaS-Datenschutzplattform Nr. 1

Testen Sie HYCU selbst und werden Sie überzeugt.