Trend Micro Cloud One – Application Security

Overview

Businesses are aligning to cloud-native application architectures faster than ever before. Brought on by streamlined operations processes and the flexibility in build pipeline development tools and services, businesses are using application development as a strategic investment in the hopes that they’ll achieve improved application delivery and customer satisfaction.

A recent study conducted by research firm ESG indicated that 35 percent of businesses were using a combination of containers and serverless platforms for their application builds, with serverless adoption was quickly on the rise.

It continues to become easier to make applications for the web, and businesses are using them at ever-increasing rates. Unfortunately, not everyone—including developers and those who must defend their systems—knows how to secure them properly. With the interconnection of most web applications and IT systems, this lack of knowledge exposes enterprises to security risks from hackers who know how to exploit vulnerabilities in order to gain access to systems, software, and sensitive data.

Trend Micro Cloud One – Application Security is built for speedy deployment, with minimal impact on development streams and performance. It only takes a minute to add the library to your application, and there is no need to change your development code. Application Security bootstraps itself into your application at runtime, as opposed to an SDK that has to be integrated into the application. You just need to include the Application Security library with your application and activate it with the application keys. This approach simplifies how security is delivered and is a significant shift for application developers who need immediate, real-time protection for their apps and customers.

Application Security minimizes design and deployment risks by protecting against sophisticated hacks from inside the application. Optimized for modern application architectures, Application Security immediately blocks unwanted activity in real time to protect data and business logic. The result is unprecedented protection, keeping web application owners and their users safe from hacks with the highest degree of accuracy.

Build secure applications

Protect applications built on dedicated servers, VMs, containers, cloud workloads, and serverless platforms.

Minimize design and deployment risks, and remove the security maintenance burden by protecting against sophisticated hacks from the inside.

Experience faster results

Deploy security as code into applications in only 2 minutes with no additional code changes or rules to set up.

Our more modern, simpler approach to securing your web applications prevents vulnerabilities from being exploited in the first place.

Improve developer productivity

Spend more time delighting your customers with a great application and less time on tedious maintenance caused by coding oversights and weaknesses in dependencies.

Deliver a better experience to your customers, knowing your applications and customer data is secure.

Application Security’s Key Benefits

Detects and protects against the OWASP Top 10 runtime threats, including SQLi. Remote command execution (RCE) threats are also provided in detection mode.
Blocks injection and other automated attacks
Complete coverage and reporting of every attack instance
Provides full diagnostic details about code vulnerabilities
Avoids time-wasting false positives and theoretical issues
Offers insight into an attacker’s identity and attack methodology
Installs in two minutes—no source code changes required

Features

Develop

Applications with security in mind

Trend Micro Cloud One – Application Security delivers an embedded security framework for your web applications and containerized web apps, including Kubernetes and serverless functions to easily protect their microservices applications in traditional, cloud, or Kubernetes environments.

Unlike signature-based tools, Application Security secures against code vulnerabilities, data exfiltration on the server, and other common vulnerability attacks at the application level. You can deploy the product across just about any architecture and network topology, ensuring application end users and sensitive data is safe. It automatically hooks into your framework at key points, detecting exploit attempts to immediately prevent hacks and identify vulnerabilities.

Discover

Threats and vulnerabilities that impact your apps

Get help with prioritization of remediation and protection, anti-malware scanning, and insights into common attacks and malicious user behavior. Gain visibility into web application attacks and detailed diagnostics about attack source and type, attempted exploits, and targeted vulnerabilities. Application Security detects and protects against a wider range of attacks at runtime within your entire application, including:

SQL injections
Remote command execution
Illegal file access
Malicious file uploads, URL redirects, and payloads
And more

Remediate

Critical vulnerabilities introduced through secure coding mistakes and exposed dependencies

Application Security pinpoints web application vulnerabilities down to the line of code. Unlike traditional static and dynamic scanners, it reports only exploitable vulnerabilities, reducing waste and friction in the secure development lifecycle.

Get analysis of all the information for every request made to the application to decide if you should allow it, or take protective measures.

Since all protection takes place inside the application directly, network latency is not a factor, and Application Security runs fast.

Protect

User accounts and integrity of server code

For web application security, time is of the essence, and remediation expertise is often sparse. Upgrading to the more secure versions of application frameworks and fixing web application vulnerabilities takes time – even in an agile development cycle. Application Security prevents exploitation of vulnerabilities in your code with virtually no impact on application performance.

It collects and reports information about the attacker, the exploit attempt, and the code vulnerability. The attack is automatically prevented, and you have the visibility and information to stop it from ever happening again.

Easy install

Our technology is optimized to offer complete detection and protection on every request without impacting application performance.

Easy to deploy and use
Quick installation – only 2 minutes
Minimal onboarding
No changes to the web application code
Optimized for fully autonomous operation

Comprehensive language and framework support

Application Security is the only fully automated, cloud runtime protection solution for Python that does not require any changes to the web application code.

How It Works

Application Security is based on runtime self-protection technology. The Application Security library is self-contained and independently protects its application, even if it becomes disconnected from the Application Security service. User data is never exposed outside the application, ensuring your apps remain compliant with data protection mandates.

Protects
Protects applications with known vulnerabilities until remediation resources are available
Blocks
Blocks sensitive data from being exposed by injection attacks
Secures
Secures hard-to-monitor applications, for example, when hundreds of web apps are running simultaneously on an internal network.

Application Security lets you monitor and review exploitation attempts across an unlimited number of applications. Attack details are propagated across your infrastructure, meaning, if an attack is detected on one application, it is immediately flagged on every app server and for every monitored app in your account. While the performance experienced by an end user may vary depending on the application type and its overhead, Application Security strives to make sure requests can be handled in under 1 ms.

Application Security delivers information, such as the time, origin, and type, on every attack that occurs on your apps to a central reporting point. Over time, this information builds into a broad profile of the attacks impacting your networks, enabling your web security team to map trends and deploy appropriate resources. Application Security also gives your developers full visibility into how the vulnerability in your code would have been exploited, including a stack trace down to the line of code (where relevant), reporting of request parameters, and how your app’s behavior would have been modified.

Threat Type	Detection	Protection
Open Redirect
Remote Command Execution (RCE)
Illegal File Access
SQL Injection
Antivirus/Anti-Malware Scanning of File Uploads
Malicious Payload

Application Security automatically protects your apps against common web-based attacks and many classes of zero-day vulnerabilities. Additionally, with Application Security’s deep instrumentation, API’s are protected similar to a web application across a JSON/GraphQL interface. With Application Security working inside the application, you only need one solution to secure both your web application and API’s.

System Requirements

Java (8 or higher)
Python (2.7, 3.4 or higher)
NodeJS (10 or higher)
PHP (7.0 or higher)
.NET coming soon (.NET Framework 4.5.2 or higher, .NET Core 2.0 or higher)
Ruby coming soon (2.0.0 or higher)

Documentation

Trend Micro Cloud One Application Security Datasheet (.PDF)

Call a Specialist Today! 866-981-2998

Trend Micro Cloud One – Application Security
Detection and protection for modern applications and APIs built on your container, serverless, and other computing platforms

Cloud One – Application Security