
Black Hat and Defcon Roundup : A Deep Dive into the Future of Application Security

Yossi Pik, CTO and Co-founder


August 22, 2023

We love AppSec

One of the highlights was Backslash Security's presence at Black Hat. Our booth on the expo floor drew a steady stream of developers, AppSec engineers and CISOs looking for application security tooling that actually works in practice, and the conversations we had there were enlightening.

Three recurrent themes emerged from these conversations:

  1. Overwhelming AppSec Tools: Both developers and AppSec professionals voiced frustration with the sheer number of application security tools on the market. Each tool generates its own stream of findings, and the combined noise makes it hard to sift through results and to collaborate across development and security teams.
  2. Chasing Ghosts: Many teams spend countless hours on vulnerabilities that, in the grand scheme of things, pose no real threat. A large share of reported findings are not practically exploitable in the application as it is actually written and deployed (the vulnerable code is never reached, or the component is not exposed), so time goes to the wrong issues.
  3. The Forgotten Realm of AppSec: A growing sentiment that cloud security tooling has evolved to be cloud-native, while application security lags behind and feels somewhat forgotten in the broader cybersecurity narrative.

These insights provided a rich prelude to the burgeoning concept of Application Security Posture Management (ASPM) – a solution that promises to address many of the concerns voiced during these interactions.

Reimagining Applications: ASPM's Pioneering Vision

The traditional viewpoint on applications is akin to viewing a jigsaw puzzle by its individual pieces. But ASPM, emerging as a potent force from our conversations at the Black Hat and Defcon events, demands we see the entire picture – each piece interlocking seamlessly with the next.

Applications aren’t mere isolated entities of code. Like a modern city, they're an intricate network, where traditional code-based infrastructure intersects with cloud components. A developer I spoke with illustrated it vividly: “In the past, we'd view the code as the city's buildings and the cloud components as its roads. ASPM merges these views, understanding that a city's function is the interplay between its structures and pathways.”

To dissect applications and cloud components separately is to compromise the integrity of security analytics. Tools operating in silos, not sharing insights across these domains, are like doctors who treat symptoms in isolation, ignoring a patient’s holistic health.

ASPM and The Role of Technology

While ASPM’s philosophy reshapes our understanding of applications, its practical realization hinges on technology. And here, the mandate isn’t a superficial facelift. ASPM requires tools designed from the ground up to untangle the web of interactions between code and cloud.

Traditional tools, as several participants noted, often repackage existing findings in eye-catching visualizations. In contrast, Backslash’s ASPM-powered backbone dives deeper, identifying and analyzing the complex interrelationships that older tools gloss over. One CISO put it succinctly: “It’s like moving from basic arithmetic to calculus. The depth of analysis and the challenges are on another level, and you need the right tools to navigate this terrain.”

Panel Discussion at DefCon: "Not All Alerts Are Born Equal"

Backslash was privileged to host the panel discussion "Not All Alerts Are Born Equal: Insights from AppSec Experts on Prioritizing Security Alerts" at DefCon. Panelists Trupti Shiralkar (Datadog), Joe Christian (Paylocity) and Kiran Shirali (eBay) shared their experience of managing security alerts at scale.

Key discussion points included:

  • Prioritizing Alerts: Strategies for ranking alerts by severity combined with contextual relevance, such as whether the affected code is reachable and whether the component is exposed.
  • Reducing Alert Fatigue: Coping with high alert volumes so that the alerts that matter still get attention.
  • Best Practices for Triage: Techniques for assessing alerts quickly without losing accuracy.
  • Embracing Automation: Using tooling to handle the repetitive parts of alert processing.
  • Enhancing Security Posture: Collaboration between development and security teams to turn triage outcomes into a stronger overall posture.
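The panel's first two points, and the "chasing ghosts" theme from the booth, come down to one question: is the code path that triggers a finding actually present in this application, and is it exposed? The following is an added illustration of that idea, not Backslash's product logic and not anything the panelists presented. It ranks constructed dependency findings by CVSS adjusted for reachability from application entry points and for internet exposure. The call graph, the entry points, the exposure set, the finding identifiers and the multipliers are all assumptions chosen for the example.

```python
from collections import deque
from dataclasses import dataclass

# Constructed call graph (caller -> callees) for a hypothetical service.
# Edges into third-party packages are included so we can tell whether a
# vulnerable library function is on any path from an application entry point.
CALL_GRAPH = {
    "api.handle_upload": ["imgkit.decode", "storage.put"],
    "api.handle_login": ["authlib.verify_token"],
    "imgkit.decode": ["imgkit.parse_header"],
    "imgkit.parse_header": [],
    "storage.put": [],
    "authlib.verify_token": ["authlib.parse_jwt"],
    "authlib.parse_jwt": [],
    # Shipped in a dependency but never called by the application.
    "yamlutil.load_unsafe": ["yamlutil.construct_object"],
    "yamlutil.construct_object": [],
}

# Assumed application entry points and, from the (hypothetical) deployment
# config, which of them are reachable from the internet.
ENTRY_POINTS = {"api.handle_upload", "api.handle_login"}
INTERNET_EXPOSED = {"api.handle_upload"}


@dataclass
class Finding:
    id: str                  # hypothetical ticket id, not a real CVE
    package: str
    cvss: float              # base score as reported by the scanner
    vulnerable_function: str


def reachable_from(graph, start, target):
    """Breadth-first search: is `target` on some call path from `start`?"""
    seen, queue = {start}, deque([start])
    while queue:
        node = queue.popleft()
        if node == target:
            return True
        for callee in graph.get(node, ()):
            if callee not in seen:
                seen.add(callee)
                queue.append(callee)
    return False


def context_multiplier(finding):
    """Weight a finding by how it can actually be reached (assumed weights)."""
    callers = {e for e in ENTRY_POINTS
               if reachable_from(CALL_GRAPH, e, finding.vulnerable_function)}
    if not callers:
        return 0.2, "unreachable"
    if callers & INTERNET_EXPOSED:
        return 1.0, "internet-reachable"
    return 0.7, "internal-only"


def score(finding):
    """Context-adjusted priority score plus the reason for the adjustment."""
    mult, label = context_multiplier(finding)
    return round(finding.cvss * mult, 1), label


def prioritize(findings):
    """Highest adjusted score first."""
    return sorted(findings, key=lambda f: score(f)[0], reverse=True)


# Constructed scanner output: three findings in three dependencies.
FINDINGS = [
    Finding("F-1", "yamlutil", 9.8, "yamlutil.load_unsafe"),
    Finding("F-2", "imgkit", 7.5, "imgkit.parse_header"),
    Finding("F-3", "authlib", 8.1, "authlib.parse_jwt"),
]

if __name__ == "__main__":
    for f in prioritize(FINDINGS):
        adjusted, why = score(f)
        print(f"{f.id} {f.package:9} cvss={f.cvss} adjusted={adjusted} ({why})")
```

Run as a script, the "critical" 9.8 finding in yamlutil drops to the bottom because nothing in the application calls it, while the 7.5 in imgkit rises to the top because it sits behind an internet-facing upload handler. The point is not the particular weights but that the same CVSS score means very different things once code reachability and deployment exposure are part of the ranking.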

Conclusion

The Black Hat and Defcon experiences have been immensely enriching. From our booth interactions that spotlighted genuine industry challenges to the promising solutions offered by paradigms like ASPM, the future of application security seems poised for innovation and growth. Filled with anticipation and new learnings, I eagerly await next year's edition, looking forward to delving deeper into the evolving world of application security.