This is the fifth of a six-part blog series that highlights findings from a new Mend white paper, Five Principles of Modern Application Security Programs. Be sure to look out for our upcoming blogs on each of the five principles. While IT and security professionals all generally agree that cyberattacks are on the rise, there remains a great deal of disparity in how they choose to prepare for those attacks.

The many benefits of microservices architecture, such as improved scalability and agility, explain why organizations are migrating from the traditional monolithic architecture. However, these benefits come at the cost of increased complexity, especially regarding security. According to an O’Reilly survey, 56% of respondents considered increased complexity the greatest challenge in developing microservices.

A first of its kind survey looks at the relationship between open-source and K8s security. Today DevOps and security teams who deploy Kubernetes are forced to make a difficult choice between two security realities. They can either commit to a proprietary solution that they can’t adapt, access its code, influence the roadmap or contribute to its future. Or they can use open-source tools. But then they’ll end up attempting to integrate several of these tools together.

Modern containerized applications are increasingly born in the cloud and the big three managed Kubernetes services – Azure Kubernetes Service (AKS), Amazon Elastic Kubernetes Service (EKS), and Google Kubernetes Engine (GKE) – rule the skies. With more users picking managed services in public cloud as their preferred platform, self-managing a backup infrastructure in the cloud is an antithesis.

Microsoft Windows 10 tops the list in terms of users around the world. Among those users, some belong to IT backgrounds but a majority of those users are not acquainted with IT, which means that they have limited knowledge about cybersecurity and its importance. Companies like Microsoft are prone to multiple attacks by bounty hunters or even black hat hackers intending to disturb the company’s operations.

Static Application Security Testing (SAST) has been a central part of application security efforts for more than 15 years. Forrester’s State Of Application Security Report, 2022 found that lacking application security remains a leading cause of external security breaches, so it’s safe to say that SAST will be in use for the foreseeable future. Contents hide 1 What Is SAST? 2 Why do we need SAST? 3 What problems does SAST address? 4 How does SAST work?