4 min lire

ASM et DevOps ?

ASM et DevOps ?

Rédigé par
Subbiah Sundaram
Publié le
14 septembre 2017
Partager sur les réseaux sociaux

A few day ago, I had a great conversation with an ASM specialist around how ASM can be included in DevOps.

Every application developed and deployed needs robust protection, and using ASM as an application firewall offers an excellent solution. The strength of ASM lies largely in its policy-based approach, which allows for precise control through the description of allowed and blocked signatures.

Developers, being the architects of their applications, possess an unparalleled understanding of their creations. This intimate knowledge makes them ideally suited to develop ASM security policies tailored to their applications' specific needs and vulnerabilities. By empowering developers to craft these policies, organizations can create more effective and efficient security measures that align closely with the application's architecture and functionality.

However, policy development is only the first step. Rigorous testing is crucial to ensure the effectiveness of these security measures. This is where centralized tools like our SCOM F5 BIG-IP Management Pack prove invaluable. This comprehensive solution provides detailed reports on all blocked sessions, offering crucial information such as:

  1. When the session was blocked
  2. Why it was blocked
  3. Which specific policy triggered the block

These reports serve a dual purpose. They can be used for manual review, allowing developers and security teams to analyze the effectiveness of their policies and identify any potential issues. Additionally, the ability to export these reports to CSV format supports automated testing processes, seamlessly integrating security testing into continuous integration and deployment pipelines.

Report showing list of blocked sessions, when, why and by which policy the session was blocked

 

This report can be used for manual review of results or exported automatically to CSV to support automatic tests.

Once developers are happy with the policy they can send it for “peer review” by ASM specialists.

One item ASM specialists may appreciate is that they can use our SCOM F5 BIG-IP Management Pack as a communication tool to report any blocked solutions. By using SCOM this report can be automatically attached to an issue tracking system issue or delivered i.e. by email.

Once approved by ASM SME, developers can script policy deployment with a new application version deployment.

If you're exploring ways to integrate and test ASM within your DevOps pipeline, we encourage you to take a closer look at our solution. It offers a comprehensive approach to application security that aligns with modern development practices.

To experience these benefits firsthand and see how our solution can enhance your application security strategy, we invite you to try a free evaluation. This hands-on experience will demonstrate how our SCOM F5 BIG-IP Management Pack can streamline your security processes and foster better collaboration between your development and security teams.

Photo de Shive Raja

SVP of Product

Subbiah Sundaram est SVP, Product chez HYCU. Subbiah dirige la gestion des produits, le marketing produit, les alliances, l'ingénierie des ventes et la réussite des clients, avec plus de 20 ans d'expérience dans la fourniture de solutions de protection des données multi-cloud et sur site de premier ordre. Diplômé d'un MBA de la Kellogg Management School, Subbiah a travaillé avec des entreprises de premier plan telles que EMC, NetApp, Veritas, BMC, CA et DataGravity.

Découvrez la première plateforme SaaS de protection des données

Essayez HYCU par vous-même et devenez un adepte.