As we know all too well, cybersecurity is a field suffering from a staggering talent shortage. Security approaches that focus on disparate tools and human capital initiatives just don’t cut it – not when the pace of innovation is fast and furious and, in tandem, the pace and severity of threats continue to grow and become increasingly automated. Security teams are short staffed, over taxed and behind the eight ball.
The situation certainly signals the need for automation to move security from human to machine speed. “Skills shortages, technical complexity and the threat landscape will continue to drive the move to automation and outsourcing,” Gartner says. Nineteen percent of enterprise organizations (i.e. more than 1,000 employees) are already extensively adding technologies for security operations automation and orchestration, and 39 percent are doing so on a limited basis, according to ESG research.
Splunk scooping up cybersecurity innovator Phantom for $350M earlier this year served as a strong indicator that the industry is moving to embrace automation and orchestration on a broader scale. In Splunk’s case, the company has “decided to add a dedicated security operations automation and orchestration toolset to its security information and event management (SIEM) platform,” according to ESG’s Jon Oltsik. A smart move to help Splunk’s customers remediate identified issues faster and more efficiently than ever before.
Market Momentum for Automation is Happening Beyond the SOC
This groundswell for automation is, and should be, happening beyond the SOC. Take, for example, code and application security. In order to keep up with the velocity of development, IT and security leaders are recognizing the need to shift toward a new approach where automation and orchestration are at the foundation of the application development and deployment processes.
Why? Given the frequent, and unfortunately massive, breaches that have occurred due to application vulnerabilities, the current approaches to security testing aren’t working. Code and application security testing need to be seamlessly embedded into the software development lifecycle. This is an important principle behind DevSecOps, integrating security visibility and assurance from code check-in to production and ongoing operations.
In fact, Gartner reports in “10 Things to Get Right for Successful DevSecOps” that “by 2019, more than 70% of enterprise DevSecOps initiatives will have incorporated automated security vulnerability and configuration scanning for open-source components and commercial packages, up from less than 10% in 2016.”*
ZeroNorth brings orchestration and automation to software development. By integrating with security and DevOps tools across the development lifecycle, ZeroNorth delivers continuous visibility and assurance across all code repositories, application deployments and cloud infrastructures. We automate and orchestrate code and application security testing, reducing application vulnerability exposure and enabling security at the velocity of DevOps.
Read how organizations like Zerto, a cloud IT Resilience platform, automates and orchestrates disparate tools to achieve one source of the truth for risk, compliance and vulnerability management across its dynamic development environment.
*Source: Gartner “10 Things to Get Right for Successful DevSecOps” by Neil MacDonald, Ian Head, 3 October 2017.