#100daysofsec: Security and speed come together

Trei
3 min read · Oct 24, 2022

Learn how the Seeker and Red Hat integration helps deliver security and speed of software development for container-based apps.

Increase speed and scale with Seeker

An IAST tool can help application security keep pace with the rapidly increasing speed of software development for container-based applications. Seeker’s strength is that it can serve a wide range of applications, whether they are microservices-based, cloud-based, or built on a traditional architecture, and application and security deployment can be fully automated, container-based, or manual.

“Instead of the huge monolithic applications of the past, the industry is moving toward microservices-based applications, with smaller components handling isolated requests. This is due to the need to go faster and scale better.”

“The advantage of containers is that you can have the entire application scale up really quickly, in a fraction of the traditional time. Depending on the resources you have, you can also scale a lot. You can easily increase the capacity of an application to have a thousand container replicas, as opposed to a virtual machine, where scaling could be challenging, with underutilized resources as well.”

How the Seeker and Red Hat integration works

Development teams are adopting security testing tools that keep pace with them. Among the BSIMM’s key findings is this message from developers: “We’d love to have security in our value streams if you don’t slow us down.” That’s what Seeker does.

“Seeker IAST is based on instrumentation agents, much like application performance monitoring tools. It has access to the application code, HTTP requests, and runtime values. This information richness provides it with unparalleled analysis speed and accuracy. Those lightweight Seeker agents can then be easily deployed together with the application containers onto the testing environments.”

Seeker agents are written and configured to work with whatever language and framework the application uses. “For example, if you’re using enterprise Java to create your application, agents are available for Java frameworks like Red Hat JBoss EAP, JBoss Web Server, and Red Hat OpenJDK. It also supports open source frameworks like Tomcat and GlassFish. The agents employ code instrumentation techniques inside a running application to scale and address large enterprise requirements.”

Advantages of Seeker

The Seeker agent is not complicated, which adds to its value. “What it’s doing is quite simple. It’s not supposed to be complicated. It’s intercepting requests that are coming in and going out from different pieces of the application. And based on those requests flowing through the application, it can quickly find vulnerabilities in software.”

Simple doesn’t mean ineffective, however. The Seeker agent offers several advantages to developers focused on speed:

  • It’s automated: It doesn’t need manual oversight.
  • It’s fast: No scanning required. It gives results in real time, keeping up with agile development and testing.
  • It’s accurate: Instead of flagging a vulnerability and leaving a developer to troubleshoot, Seeker traces runtime vulnerabilities to the exact lines of code.
  • It’s automatically verified and validated: Teams can maximize productivity with results that have been retested and verified. Seeker provides engineers with data flow analysis and proof a reported vulnerability exists.

“Seeker has in-depth visibility into the application because it’s running with the application and can intercept requests. When it finds a vulnerability or a sensitive data leak, it knows the exact location of the line of code in your application and suggests ways to fix it. This is a great feature for developers who want to fix issues quickly and have a faster delivery cycle.”
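The mechanism described above (an agent that sits inside the running application, tags incoming request data, follows it through the code, and reports the exact line where it reaches a dangerous API, together with proof) can be shown in a few dozen lines. The following is an added example written for this post; it is not Seeker’s code and does not use Seeker’s agent. It assumes a Python application using the standard sqlite3 driver as the SQL sink, a plain dict standing in for the HTTP request, and a constructed injection payload. Taint propagation is limited to string concatenation, and the sink hook is installed by swapping the connection factory behind sqlite3.connect() rather than by bytecode instrumentation; a production agent covers far more operations and frameworks, but the flow (source, propagation, sink, location, evidence) is the same.

```python
"""Toy IAST-style agent (constructed example, not Seeker's code).

Ingress hook tags request parameters as tainted, the taint rides along
through string concatenation, and a hook on the SQL driver (the sink)
reports the vulnerable call with file/line plus the query as proof.
"""
import linecache
import sqlite3
import sys
from dataclasses import dataclass


class Tainted(str):
    """A str that remembers where it came from; taint survives '+'.
    A real agent also propagates through format/join/slicing and so on."""

    def __new__(cls, value, origin):
        obj = super().__new__(cls, value)
        obj.origin = origin
        return obj

    def __add__(self, other):
        return Tainted(str.__add__(self, other), self.origin)

    def __radd__(self, other):
        return Tainted(str.__add__(other, self), self.origin)


@dataclass
class Finding:
    rule: str
    source: str      # where the untrusted data entered the application
    sink: str        # the dangerous API it reached
    file: str
    line: int
    function: str
    code: str        # the exact source line a developer should look at
    evidence: str    # the query actually sent: proof the flow is real


FINDINGS = []


class InstrumentedCursor(sqlite3.Cursor):
    """Sink hook: flag a query whose text (not its bound parameters)
    still carries taint, then let the real driver run it."""

    def execute(self, sql, parameters=()):
        if isinstance(sql, Tainted):
            FINDINGS.append(_locate(sql))
        return super().execute(sql, parameters)


class InstrumentedConnection(sqlite3.Connection):
    """Every cursor the app obtains is instrumented, including the
    conn.execute() shortcut."""

    def cursor(self, factory=None):
        return super().cursor(InstrumentedCursor)

    def execute(self, sql, parameters=()):
        return self.cursor().execute(sql, parameters)


# Frames that belong to the agent itself; skipped when locating app code.
AGENT_CODE = {InstrumentedCursor.execute.__code__,
              InstrumentedConnection.execute.__code__}


def _locate(sql):
    """Walk up from the sink to the first application frame."""
    frame = sys._getframe(1)
    while frame is not None and frame.f_code in AGENT_CODE:
        frame = frame.f_back
    code = frame.f_code
    return Finding(
        rule="SQL injection: tainted query text reached sqlite3 execute",
        source=sql.origin, sink="sqlite3.Cursor.execute",
        file=code.co_filename, line=frame.f_lineno, function=code.co_name,
        code=linecache.getline(code.co_filename, frame.f_lineno).strip(),
        evidence=str(sql),
    )


_ORIGINAL_CONNECT = sqlite3.connect


def install_agent():
    """Sink wiring: a real agent rewrites bytecode at class-load time; this
    toy swaps the connection factory behind sqlite3.connect() (idempotent)."""
    if sqlite3.connect is _ORIGINAL_CONNECT:
        def connect(*args, **kwargs):
            kwargs["factory"] = InstrumentedConnection
            return _ORIGINAL_CONNECT(*args, **kwargs)
        sqlite3.connect = connect


def taint_request(params):
    """Ingress hook stand-in: tag each HTTP parameter with its origin."""
    return {k: Tainted(v, f"request.params[{k!r}]") for k, v in params.items()}


# --- application code under test (constructed) ---------------------------
def lookup_user(conn, request):
    """Vulnerable handler: request data is concatenated into the query."""
    sql = "SELECT id, name FROM users WHERE name = '" + request["username"] + "'"
    return conn.cursor().execute(sql).fetchall()


def lookup_user_safe(conn, request):
    """Fixed handler: the same data travels as a bound parameter, so the
    query text stays untainted and the agent stays silent."""
    sql = "SELECT id, name FROM users WHERE name = ?"
    return conn.cursor().execute(sql, (request["username"],)).fetchall()


def run_demo():
    """Return (rows from vulnerable handler, rows from fixed handler, findings)."""
    FINDINGS.clear()
    install_agent()
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, name TEXT)")
    conn.execute("INSERT INTO users VALUES (1, 'alice'), (2, 'bob')")
    request = taint_request({"username": "x' OR '1'='1"})  # constructed payload
    vulnerable_rows = lookup_user(conn, request)   # injection: both rows return
    safe_rows = lookup_user_safe(conn, request)    # no such user: []
    return vulnerable_rows, safe_rows, list(FINDINGS)


if __name__ == "__main__":
    for finding in run_demo()[2]:
        print(f"{finding.file}:{finding.line} in {finding.function}(): "
              f"{finding.rule}\n  source={finding.source}\n  {finding.code}"
              f"\n  evidence={finding.evidence}")
```

Two points worth noting. The finding is produced only when tainted data reaches the sink as query text, so the parameterized handler generates no report even though it receives the same payload: that is the "automatically verified" property, the agent is not pattern-matching the source but watching an actual flow. And the evidence field carries the query that was really executed, while the vulnerable handler's result (every row in the table) shows the flow is exploitable, which is the kind of proof a developer can act on without re-deriving it.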

Finally, with a microservices-based architecture, Seeker has dataflow visibility across services. “If you have multiple containers communicating with each other, you can visualize if any of them are passing malicious or insecure data. If unsafe data is being passed between the browser and databases, or within the application, you’ll be able to identify and rectify that easily.”
