The benefits of security behavior analytics for devops

How TrueFort’s approach to application-centric security monitoring creates a real-time feedback loop for dev, sec, and ops teams

The benefits of security behavior analytics for devops
Gremlin / Getty Images

Technologies and practices such as cloud-native architectures, continuous integration and continuous delivery (CI/CD), devops, and site reliability engineering (SRE) are enabling organizations to innovate and accelerate the delivery of software products.  But they are also disrupting the traditional software development and maintenance life cycle (SDLC) and significantly changing what enterprises need to do to successfully secure applications and business services.

To help organizations ensure the secure delivery of applications, TrueFort has developed an approach to cloud workload protection and monitoring called Application Security Behavior Analytics (ASBA). ASBA is based on three critical components:  Real-time application behavior profiling, CI/CD security monitoring, and run-time protection.

Real-time application behavior profiling

Business applications can generally be characterized by a combination of their behaviors and relationships to other entities.

For example, a typical retail ecommerce application includes communications between services using known API calls from the time zones in which customers are based, and from the networks associated with those time zones. There is also synchronized activity between web servers, load-balancers, caches, document stores, and databases.

To continue reading this article register now