Protecting Your Web Applications In A Hybrid Cloud Environment

Protecting Your Web Applications

It's no secret that organizations are embracing the cloud and all the benefits that it entails. Whether its cost savings, increased flexibility or enhanced productivity – businesses around the world are leveraging the cloud to scale their business and better serve their customers. They are using a variety of cloud solutions – both private and public – and relying on multiple cloud hosting vendors to facilitate this growth. But as the saying goes – there is no such thing as free lunch. A hybrid cloud environment leads to an overall loss of control and visibility into the network, and in turn, can bring a host of security challenges.

Disappearing Network Perimeter


As more services and applications are moved outside the enterprise perimeter and onto the cloud, the traditional network perimeter is going away. The hosting of applications is often distributed, and while some applications are being migrated to the cloud, others are still in transition or may remain on-premise. Organizations are now faced with the need to protect their applications everywhere – on-premise and in the cloud.

This leaves the door open for attackers. They now have a new target and instead of targeting just the on-premise applications, they are going after applications in the cloud. Organizations that rely solely on on-premise attack mitigation are leaving their cloud-based applications vulnerable to attacks.

Increased Dependency on Multiple Vendors

Most companies use multiple cloud vendors for hosting various aspects of their infrastructure. Some organizations choose to deploy a multi-cloud strategy for redundancy – to limit risk of downtime in case of failures and also reduce the risk posed by relying on a single vendor. In other cases, applications that have different needs in terms of bandwidth and availability are hosted on different cloud services to fit their specific needs. In addition, a multi-cloud strategy can be used to provide geographically diverse service across multiple cloud centers.

The use of a multi-vendor cloud hosting strategy complicates the ability to protect applications. It introduces dependency on the security solutions provided by each cloud vendor, which can offer varying degrees of protection. Overall this further limits the control and visibility of the organization's infrastructure, making it harder to protect and manage multiple instances.

Rise in Popularity of Web Based Attacks

In today's evolving threat landscape, the task of ensuring application availability is becoming more complex. As attacks are getting longer, larger and more sophisticated, organizations need to be able to protect their applications from a large variety of security threats, including:

  • Web-based attacks mostly known through the Open Web Application Security Project (OWASP) Top 10, which lists out the most common web-based threats. This category includes threats such as SQL Injections, Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF), which are typically not covered by traditional firewalls and intrusion detection systems (IDS). There is also a host of web-based attacks beyond the OWASP Top 10, such as Brute Force attacks, that should also be considered when looking at application security.
  • Availability based attacks – Distributed Denial of Service (DDoS) attacks at both the network and application layers. This includes the use of automated programs (bots) as well as humans to launch attacks aimed at exhausting application resources.
  • Multi-vector attacks – Sophisticated attacks that leverage multiple attack vectors are a common form of attack today. Rarely do we see attacks that only use one single vector. To deal with multi-vector attacks, organizations need a layered protection solution that can detect and mitigation attacks at all layers of the network.

Organizations' New Requirements

Overall, organizations are facing several new challenges that lead to greater value requirements from security solutions, such as:

Protecting applications in a dynamic and moving environment. Organizations are faced with a distributed network and disaggregated applications. As such, they need a solution that can provide protections to applications regardless of where they are located. A hybrid solution is the best approach to provide comprehensive protection for applications – both on-premise and in the cloud – and can work across multiple cloud vendors. It removes the dependencies on different third parties and consolidates the protection of applications in a single-vendor, single-technology solution.
Wide protection coverage that covers the full range of attacks from network- and application layer DDoS attacks (including volumetric attacks), to more common web-based attacks (SQL Injections, XXS), all the way to the more advanced web attacks (Cookie Poisoning, XML and web services attacks). With the popularity of multi-vector attacks, having wide protection coverage is critical to eliminate any blind spots in the network that an attacker can leverage.

Ease of use and serviceability must be established to lift the burden off the IT and Security teams in the organization. Setting up and configuring some solutions requires a lot of manual work and ongoing maintenance. It's important to pick a solution that is both easy to set-up and easy to maintain. A fully managed cloud service that includes 24/7 support and monitoring as well as ongoing reports can help provide that.

With the enterprise perimeter disappearing and the increase in third party security dependencies, coupled with the rise in more sophisticated, multi-vector attack campaigns, organizations need to carefully examine the security solutions available to them and make sure they address these new challenges.

By Shira Sagiv, Director of Security Solutions, Radware

Radware is a global leader of application delivery and application security solutions for virtual, cloud and software defined data centers. Its award-winning solutions portfolio delivers service level assurance for business-critical applications, while maximizing IT efficiency.


Established in 2009, CloudTweaks is recognized as one of the leading authorities in cloud connected technology information and consultancy services.

Are you a cloud services expert in a world of digital transformation? If so, contact us for information on how to become part of our growing cloud consultancy ecosystem.


Mitigating Cyberattacks: The Prevention and Handling

Mitigating Cyberattacks: The Prevention and Handling

Mitigating Cyberattacks New tools and technologies help companies in their drive to improve performance, cut costs and grow their businesses ...
Your Office 365 Data Security - Is It Properly Protected?

Your Office 365 Data Security – Is It Properly Protected?

Office 365 Data Security As more and more people collaborate and access data from outside the office and across multiple ...
blcokchain contributor

Cryptographic Key Generation – It’s Time To Pay Attention

Cryptographic Key Generation When we think about cryptographic keys, we tend to think about closely guarded secrets. Keys are the only ...
The 3% Edge: How Data Drives Success in Business and the Olympics

The 3% Edge: How Data Drives Success in Business and the Olympics

Data Drives Success in Business A recent Bloomberg BusinessWeek article entitled “The Tech Guy Building Wearables for America’s Olympians” profiles ...
Identity and Access Management: Advancing to Meet the Changing Needs of Passwords and Governance

Identity and Access Management: Advancing to Meet the Changing Needs of Passwords and Governance

Identity and Access Management The identity and access management market continues to grow in a wide variety of industries of ...
Bryan Doerr

Cyber-Threats and the Need for Secure Industrial Control Systems

Secure Industrial Control Systems (ICS) Industrial Control Systems (ICS) tend to be “out of sight, out of mind.” These systems ...


Dropbox heads for trading debut after upsized IPO pricing

Dropbox heads for trading debut after upsized IPO pricing

(Reuters) - Having topped expectations with the upsized price of its initial public offering, Dropbox Inc on Friday faces its next big challenge: a successful launch of trading when global stock markets are the defensive ...
IDC Report: Smart Cities Initiatives to Reach $28.3 Billion in 2018

IDC Report: Smart Cities Initiatives to Reach $28.3 Billion in 2018

First-ever IDC Smart Cities Spending Guide Expects Technologies Enabling Smart Cities Initiatives to Reach $28.3 Billion in 2018 SINGAPORE, March 23rd, 2018 – Asia/Pacific (excluding Japan) on the technologies that enable Smart Cities initiatives is expected ...
BMW delays electric car mass production until 2020 for cost reasons

BMW delays electric car mass production until 2020 for cost reasons

FRANKFURT (Reuters) - BMW has held back the mass rollout of electric cars until 2020 because current fourth generation electric car technology is not profitable enough for volume production, Chief Executive Harald Krueger said. “We ...
Rackspace Extends Managed Security to Google Cloud Platform

Rackspace Extends Managed Security to Google Cloud Platform

SAN ANTONIO, March 21, 2018 (GLOBE NEWSWIRE) -- Rackspace® announced today that Managed Security and Compliance Assistance for Google Cloud Platform (GCP) is now available for preview to new and existing customers that use Rackspace Managed Services for GCP ...
Google classroom

Helping G Suite customers stay secure with new proactive phishing protections and management controls

Security tools are only effective at stopping threats if they are deployed and managed at scale, but getting everyone in your organization to adopt these tools ultimately hinges on how easy they are to use ...
Gartner Says Worldwide IoT Security Spending Will Reach $1.5 Billion in 2018

Gartner Says Worldwide IoT Security Spending Will Reach $1.5 Billion in 2018

By 2021, Regulatory Compliance Will Become the Prime Influencer for IoT Security Uptake Internet of Things (IoT)-based attacks are already a reality. A recent CEB, now Gartner, survey found that nearly 20 percent of organizations ...