Real-time cloud app monitoring at Juniper

With the Cloud Workload Protection solution, Juniper Networks further expands its range of cloud security solutions for enterprises. This product promises to protect application workloads in any cloud or on-premises environment. Juniper Cloud Workload Protection is a lightweight software agent that the vendor says controls application execution and monitors application behavior to help businesses spot and fix anomalies. “The idea is to provide protection against attackers looking to exploit application vulnerabilities,” said Kate Adam, senior director of security product marketing at Juniper Networks.

“An application’s code can contain errors that go undetected during the development process, and attackers can use them to exploit underlying resources and the processes or workloads that power the application, such as databases and data collectors”, also explained Kate Adam. “You only have to look at the latest data breaches that have been made public to realize this. Most, if not all of them, result from the successful exploitation of one or more vulnerabilities in applications,” she added.

Real-time analysis

Cloud Workload Protection installs in Docker, Kubernetes, and Amazon Web Services’ Fargate container deployment services at the container, host, or VM level. “Additionally, a small application-specific component is loaded at runtime, similar to application performance monitoring solutions,” Adam explained. The agent monitors the application’s functions and its service calls to understand what the application is supposed to do, and then looks for deviations from what is happening in real time. “The gaps are likely potential exploits, and quite often the patching of vulnerabilities happens automatically, without administrator intervention,” added Kate Adam.

The agent also notifies Juniper sRX virtual firewalls, which can further reduce risk by applying segmentation. Automated threat response with integrated real-time telemetry helps security teams detect and block threats across the entire network. “The new agent is part of Juniper’s overall Connected Security architecture, which includes a myriad of enterprise security components, from the Security Director portal to manage complete network security on-premises and in the cloud, Policy Enforcer that automates network-wide threat mitigation and micro-segmentation strategies, all the way to advanced threat detection Advanced Threat Prevention, providing software-defined containment to protect networks and limit security issues,” the provider explained. The Cloud Workload Protection solution will be available in September.