2024 DevSecOps Predictions - Part 3
January 24, 2024

DEVOPSdigest asked industry experts how they think DevSecOps will evolve and impact development and application security in 2024. Part 3 looks at more issues and solutions.

Start with: 2024 DevSecOps Predictions - Part 1

Start with: 2024 DevSecOps Predictions - Part 2

LARGE LANGUAGE MODELS IMPACT SECURITY

In 2024, as Large Language Models (LLMs) become increasingly ubiquitous, we can anticipate a growing concern in the realm of developer security.

There are two key aspects that warrant attention:

Emergence of Malicious Open-Source Packages: In the past, crafting a malicious open source package required a level of domain expertise. However, the widespread availability of LLMs has lowered the entry barrier, making it feasible for anyone with a computer and an internet connection to create malicious packages. Consequently, we should expect a surge in cyberattacks, characterized by increased sophistication and a broader linguistic spectrum due to the ease of language adaptation.

Security Measures for LLM Adoption: With the integration of LLMs into various processes, companies will need to fortify their security defenses. For those consuming LLMs through APIs, traditional threats such as injection vulnerabilities will persist, but new risks will emerge, like verifying the input and output of LLMs to ensure they don't compromise the organization's network or contain malicious instructions. Companies opting to run LLMs in-house will encounter the challenge of managing a new technology stack, involving permissions, restrictions, and more.

In summary, the wider adoption of LLMs will have ripple effects, not only on hackers seeking to exploit vulnerabilities but also on security services working to safeguard digital assets and networks.
Ori Abramovsky
Head of Data Science, Check Point Software Technologies

EMA'S 2024 CYBERSECURITY PREDICTIONS

Chris Steffen, VP of Research covering Information Security, Risk, and Compliance Management at Enterprise Management Associates (EMA), and Ken Buckler, Research Analyst covering Information Security at EMA, make 2024 cybersecurity predictions on the Cybersecurity Awesomeness Podcast.

Click here for a direct MP3 download of Episode 41

AI IMPROVES API SECURITY

API security evolves as AI enhances offense-defense strategies: In 2023, AI began transforming cybersecurity, playing pivotal roles both on the offensive and defensive security fronts. Traditionally, identifying and exploiting complex, one-off API vulnerabilities required human intervention. AI is now changing this landscape, automating the process, enabling cost-effective, large-scale attacks. In 2024, I predict a notable increase in the sophistication and scalability of attacks. We will witness a pivotal shift as AI becomes a powerful tool for both malicious actors and defenders, redefining the dynamics of digital security.
Shay Levi
CTO and Co-Founder, Noname Security

OPEN SOURCE PRODUCT SECURITY TEAMS

In 2024, we see the rise of dedicated open source product security teams within organizations. As open source continues to expand its footprint within commercial products, product security groups will begin building out dedicated teams focused exclusively on the security of the open source components that make up much of the source code in their products.
Donald Fischer
CEO and Co-Founder, Tidelift

CONTAINER PROTECTION

In 2024, I think we're going to see DevOps teams work more closely with their CISOs or IT security leads to protect containerized environments. Regulations such as GDPR, PCI, and HIPAA are making it increasingly important for organizations to protect and back up data that is vulnerable to increasingly sophisticated cyber threats like ransomware, and more often than not, that data is in containers. Nearly 9 out of 10 companies today are using containers in development to drive rapid innovation. Although Kubernetes is known to have strict security protocols that help block access to components outside of a cluster, it's definitely not impenetrable. Misconfigurations, missing container replacements, and gaps with backing up create vulnerabilities that attackers are actively exploiting. Warm cloud backups to speed up recovery times during any future downtime incidents, regular scanning, and running containers with the least privileges possible should all be priorities in the year ahead.
Faiz Khan
CEO, Wanclouds

DEVOPS ADOPTS CLOUD-BASED CODE SIGNING

In 2023, the CA/Browser Forum passed a new baseline requirement for how code signing certificates and keys are to be securely stored. This was a direct result of several high-profile cyberattacks related to compromised code signing keys and processes. While code signing has become essential to proving the authenticity, integrity and security of software, it is still an afterthought for many development organizations. DevOps teams will use the new CA/B Forum requirements to reinvent their code signing processes. The popularity of SaaS code signing with a cloud-based HSM will enable simplified and centralized code signing processes, support distributed developers and meet the CA/B Forum requirements – promoting speed, agility and security through the software development lifecycle.
Murali Palanisamy
CTO, AppViewX

CLUSTERED ARCHITECTURES

As businesses increasingly adopt containerized and microservices architectures for their application delivery, I believe that a notable shift towards enhanced segmentation within clusters is on the horizon. This evolution is particularly evident in the growing prominence of Kubernetes as a primary delivery method in the cloud. Organizations are poised to invest significant efforts in fortifying the security and segmentation of clustered architectures at the container level. This proactive approach recognizes the pivotal role of secure containerization and microservices in modern software development. The future landscape is one where the nuances of clustered environments are carefully addressed to not only optimize performance but, more crucially, to bolster the resilience and security of applications as they navigate the dynamic and interconnected realms of containerized and microservices-based infrastructures in multi-cloud vendor environments.
Erez Tadmor
Cybersecurity Evangelist, Tufin

APPLICATION SHIELDING

Application shielding will continue to grow in adoption as organizations realize its value in the DevSecOps framework. Application shielding helps DevSecOps teams work more efficiently by embedding protections to secure source code and IP from reverse-engineering and tampering attempts; IT and security teams will need a mobile app protection platform that meshes with a DevSecOps framework or risk being further siloed from development team efforts.
RJT Keating
SVP of Corporate Development, Zimperium

HARDWARE ACCELERATORS

As DevSecOps matures in 2024, we foresee a deeper fusion with hardware accelerators, optimizing security task efficiency. This synergy will accelerate development workflows and strengthen security postures, narrowing potential attack vectors. For containerized applications, this progress is crucial — enhancing governance, ensuring the deployment of secure containers, and swiftly neutralizing threats. Such advancements are key to advancing the security and performance duality, especially in high-stakes, performance-sensitive environments.
Keith Cunningham
VP of Strategy, Sylabs

MORE OPTIONS FOR DEVELOPERS

Developers will begin to have more options to protect and restore scripts, configurations, and code for applications they are developing across the application development lifecycle. This, in turn, will help make the critical services and configurations essential to run modern data applications available and recoverable in the event of simple human error or malicious actors.
Andy Fernandez
Director, Product Management, HYCU

2024: THE YEAR OF SBOM

2024 will be the year of the Software Bill of Materials (SBOM). In 2024, the software landscape is poised for significant changes, with a growing emphasis on SBOMs. As concerns about supply chain attacks continue to escalate, compliance measures will tighten, due to the increasing frequency and visibility of such incidents. The proactive adoption of SBOMs is not only a response to heightened awareness, but a crucial step in securing the software supply chain. This upcoming year, increased emphasis will be placed on preventing and disclosing supply chain threats, as well as an increase in compliance requirements, like US Executive Order 14028, across the globe.
Nick Mistry
SVP, CISO, Lineaje