Introduction to Application Security
Trend Micro Cloud One™ – Application Security provides runtime protection for:
- Containerized applications
- Serverless functions
When Application Security is properly deployed, it detects and protects against threats to your web- and cloud-native-based applications, minimizing your risk.
Already set up in Cloud One and know what you want to protect? Click to jump ahead.
Determined attackers are continuously running scanners against your site, creating malicious user accounts, fuzzing various elements, triggering exceptions, and attempting to run exploitation tools. Attackers do this in order to:
- take over customer or administrative accounts.
- execute code on your server.
- steal sensitive data stored on your servers.
By including Application Security in your applications, you will receive alerts as soon as attackers begin conducting scans and attacks. You can address each event manually, or you can configure Application Security to react automatically to these attackers, stopping them in their tracks before any damage is done.
Most importantly, real vulnerabilities are not exploited because of the runtime protection, and your developers will have code-level information regarding the vulnerability.
Application Security's key features
- Easily embed security functionality into your running applications and serverless functions.
- Bridge the gap between the security team and development teams by providing a tool that provides relevant information to both.
- Get visibility into attacks targeting your application.
- Protect against the OWASP top 10 vulnerabilities such as SQL injection, OS Command injection, and more.
- Stop zero-day vulnerabilities from being exploited.
OWASP web application security risks
|Security risk||Application Security protection|
|Injection flaws||SQL Injection, Remote Command Execution|
|Broken authentication||Out of scope|
|Sensitive data exposure||SQL Injection, Illegal File Access, Remote Command Execution|
|XML External Entities||Illegal File Access, Remote Command Execution, Malicious Payload|
|Broken access control||Out of scope|
|Security misconfiguration||A maximal upload file size, and archive file size, can be specified, preventing DoS attacks and/or misconfigurations.|
|Cross-site scripting||Malicious Payload|
|Insecure deserialization||Remote Command Execution|
|Components with known vulnerabilities||All features, e.g. Remote Command Execution protects for vulnerabilities in OSS|
|Insufficient logging and monitoring||Application Security protection features gives visibility into suspicious behaviours, even at report mode. Agent logs enhances sever monitoring by increasing visibility into activity. For example, the number of requests sent, time of processing in various components, etc IP Protection also offers insight on source IP trust-level.|