Introduction to Application Security

Trend Micro Cloud One™ – Application Security provides runtime protection for:

  • Containerized applications
  • Serverless functions

When Application Security is properly deployed, it detects and protects against threats to your web- and cloud-native-based applications, minimizing your risk.

Already set up in Cloud One and know what you want to protect? Click to jump ahead.

Determined attackers are continuously running scanners against your site, creating malicious user accounts, fuzzing various elements, triggering exceptions, and attempting to run exploitation tools. Attackers do this in order to:

  • take over customer or administrative accounts.
  • execute code on your server.
  • steal sensitive data stored on your servers.

By including Application Security in your applications, you will receive alerts as soon as attackers begin conducting scans and attacks. You can address each event manually, or you can configure Application Security to react automatically to these attackers, stopping them in their tracks before any damage is done.​

Most importantly, real vulnerabilities are not exploited because of the runtime protection, and your developers will have code-level information regarding the vulnerability.

Application Security's key features

  • Easily embed security functionality into your running applications and serverless functions.
  • Bridge the gap between the security team and development teams by providing a tool that provides relevant information to both.
  • Get visibility into attacks targeting your application.
  • Protect against the OWASP top 10 vulnerabilities such as SQL injection, OS Command injection, and more.
  • Stop zero-day vulnerabilities from being exploited.

OWASP web application security risks

Security risk Application Security protection
Injection flaws SQL Injection, Remote Command Execution
Broken authentication Out of scope
Sensitive data exposure SQL Injection, Illegal File Access, Remote Command Execution
XML External Entities Illegal File Access, Remote Command Execution, Malicious Payload
Broken access control Out of scope
Security misconfiguration A maximal upload file size, and archive file size, can be specified, preventing DoS attacks and/or misconfigurations.
Cross-site scripting Malicious Payload
Insecure deserialization Remote Command Execution
Components with known vulnerabilities All features, e.g. Remote Command Execution protects for vulnerabilities in OSS
Insufficient logging and monitoring Application Security protection features gives visibility into suspicious behaviours, even at report mode. Agent logs enhances sever monitoring by increasing visibility into activity. For example, the number of requests sent, time of processing in various components, etc IP Protection also offers insight on source IP trust-level.