New Security Tools for Application Delivery

What if you could shut down cybercriminals’ most frequently used method of attack? At SUSE we’ve recently made a move to help you get closer to that goal.

As you may know, SUSE recently released new versions of our application delivery solutions, SUSE CaaS Platform 4 and SUSE Cloud Application Platform 1.5. The releases contain a number of important updates and features, but the one most exciting in terms of protecting your organization is the addition of Cilium to SUSE CaaS Platform.

Application security has never been more important. Forrester claims that application weaknesses and software vulnerabilities continue to be the most common means by which cybercriminals carry out external attacks.[1] They expect spending on application security solutions to grow at a 16.4% compound annual growth rate between 2017 and 2023.”[2]

Security experts elsewhere confirm the central role application vulnerabilities play in attackers’ methods. The Verizon Data Breach Investigations Report found compromised web applications accounted for more confirmed breaches than any of the other nine categories of security incidents or issues they measure.[3]

That’s where Cilium comes in. Leveraging Cilium, SUSE enables Kubernetes users to strengthen application security at scale with high performance packet filtering and network communication security policies that are easy to implement and control.

With Cilium, you can specify security policy not only in terms of IP addresses and ports, but also in terms of more application-related concepts such as DNS names and even Kubernetes labels, as detailed in this post on release 4.0 by Roger Klorese. Cilium takes advantage of a powerful new Linux kernel technology called BPF to help improve application security—and enable secure multitenancy.

In fact, Cilium is just one of the features in 4.0 that enable and support multitenancy. In an as-a-service offering scenario, you gain efficiency with virtual multitenancy (rather than physically separating every tenant on different infrastructure) but managing security becomes very important. Cilium provides a valuable tool. For more detail on multitenancy, check out this post by my colleague Rania Mohamed.

Thomas Graf is the founder of Cilium, and had this to say about our partnership. “SUSE has been a valuable contributor to the Cilium open source community since before the 1.0 release, and we are excited to have them as the first enterprise-grade Kubernetes distribution to use Cilium as the default networking and security technology.”

Our support of Cilium-based networking puts our customers ahead of those using other commercially supported Kubernetes solutions and is an example of how we’re powering digital transformation with agile open source solutions that enable enterprises to continually innovate, compete and grow.

For more on the benefits of SUSE CaaS Platform 4 and SUSE Cloud Application Platform 1.5, check out the press release.

[1] https://www.forrester.com/report/The+State+Of+Application+Security+2019/-/E-RES145135 

[2] https://go.forrester.com/blogs/spending-on-application-security-tools-to-grow-over-16-annually/

[3] Verizon Data Breach Investigations Report, 2018