UPDATED 10:00 EST / SEPTEMBER 03 2020

CLOUD

PerimeterX’s cloud native approach signals the rise of serverless security

Fifteen years ago, global cybersecurity spending was in the $3.5 billion range. Three years ago, it was $120 billion. Next year? Try a cool $1 trillion.

Some executives in the information technology world are beginning to wonder what protection $1 trillion might actually bring. Cybersecurity Ventures has predicted that cybercrime will cost global businesses more than $6 trillion annually starting in 2021.

Instead of spending more money to lose even more, there is growing interest in pioneering work by cloud native security firms that are taking a strikingly different approach. These companies are moving away from traditional reliance on infrastructure and network-based tools and focusing instead on cloud native and serverless technologies to reduce costs while improving IT security efficiency.

The focus of one firm – PerimeterX Inc. – is on securing the serverless web application and it is a concept that has the potential to become a significant paradigm shift in the cybersecurity field. Its solution is based on making security portable, less expensive and smart.

“How can you make that application smarter, how can you make that application self-sufficient by connecting modules, by making sure that you’re including models that integrate security and bring security with you everywhere?” asked Ido Safruti (pictured), co-founder and chief technology officer at PerimeterX. “Where it gets more important is how we can make ourselves relevant for our customers to adopt serverless and how we can help introduce security into many environments. This is the notion that we’re trying to pioneer.”

Safruti spoke with Stu Miniman, host of theCUBE, SiliconANGLE Media’s livestreaming studio, in the latest episode of Cloud Native Insights, a series that focuses on transitions in the marketplace and how companies are making the journey to modernize and leverage cloud native technologies. They discussed the technology behind PerimeterX’s solution, customer adoption, advantages which serverless can deliver for IT defenses, the firm’s early use of containers and protection at the edge.

Using managed services

Delivered as-a-service, the PerimeterX platform uses a set of tools to detect risks in web applications and proactively manage them. The platform’s serverless approach means that applications rely on managed services which abstract away the need to secure infrastructure itself.

PerimeterX can be added to existing websites through JavaScript and it uses hundreds of indicators from the browser, including sensor data, to detect when requests don’t match with characteristics of known user profiles.

“Where we’re adopting serverless is both in front end decisions such as smart load balancing and integrating with other cloud vendors to make sure requests are coming in the right queue,” Safruti explained. “We’re protecting all kinds of different business logic abuses for our customers, mostly large websites that are in demand of web scale.”

The company’s three primary products – Bot Defender, Page Defender and Code Defender – detect risks in web applications and PerimeterX has gained the confidence of major enterprise brands in its solution over the firm’s six-year history. It now has more than 175 customers worldwide, including Puma SE, Grubhub Inc., Zillow Inc. and the investment service Seeking Alpha Ltd.

The company’s focused work on the web application side has also provided an early warning system for the security community when vulnerabilities occur. In August, a PerimeterX cybersecurity researcher uncovered a vulnerability in Google’s Chromium-based browser that allowed attackers to bypass content security policy or CSP rules. Chrome is the world’s most widely used browser, with more than 2 billion users and 65% of the market.

Cloud native from the start

In serverless security, distributed cloud-native services work together outside server-based protection methods and firewalls. Rather than focus on network inspection, the center of attention is instead on behavioral modeling, using artificial intelligence and machine learning, along with strong code.

“If your architecture requires that everything goes through a certain security proxy or firewall, it may force you to utilize very limited architectures,” Safruti said. “If you want to deploy a payload on Lambda or on your content delivery network, it typically will be way in front of your traditional enterprise security solutions.”

PerimeterX was cloud native from the start and an early user of Docker containers, according to Safruti. The serverless model did not replace containers but instead became a way for developers to build applications without having to manage infrastructure. For Safruti and his team, the goal was to remove friction from the development process.

“Kubernetes was not great back then, so we were orchestrating some things on our own,” Safruti recalled. “The challenge was that security in most cases was adding friction and delays and complexity to the developer process. From our point of view, the key for cloud was how we could enable our customers and integrate better with them in a way that enhanced their infrastructure versus adding friction.”

Defense against bots

One of the reasons why PerimeterX’s cloud native, serverless solutions are gaining enterprise traction is an ability to defend again bot attacks. Bot detection has become an important element in the cybersecurity world as credential stuffing, where a massive database of user names and passwords are applied to the login page of a particular website, has become one of the best-known attack methods by criminals using bots.

In partnership with cloud computing service provider Fastly Inc., PerimeterX offers predictive, behavior-focused bot detection at the network edge. That’s significant because one of the most destructive bot attacks to-date – the Mirai Botnet – leveraged “internet of things” devices at the edge in 2016 to launch highly damaging exploits. Mirai remains alive and well in 2020, prompting firms such as NetScout Systems Inc. to label it the “king” of IoT malware.

“What you’re seeing more and more, as we’re working in collaboration with Fastly, and you can see this on other edge platforms with this notion of serverless, is how to deploy code to the edge,” Safruti said. “The benefit there is you can mitigate a lot of the risks outside your data center, outside of your cloud. You can gradually forward-deploy the logic that is relevant at the edge, getting this ability to scale up without limit. If it’s a denial-of-service or any other attack, this logic can handle it.”

Malicious bots continue to be a cost issue for companies operating high-traffic websites and mobile apps. Bad bots are estimated to generate nearly 38% of web traffic now and enterprises have been forced to spend more money to defend infrastructure as a result. In a serverless model, users pay only for what they use, such as the execution of functions in the case of AWS Lambda.

There is another cost of security for many companies and that involves what happens when websites and mobile apps aren’t properly protected. British Airways Ltd. has been served with an “intention to fine” under Europe’s General Data Protection Regulation or GDPR for the equivalent of $243 million for allegedly failing to protect its web applications. If the fine holds, it would be the largest penalty issued under GDPR to date.

The notion of leveraging advanced technology to build a strong defense is very much in keeping with the arc of Safruti’s own career. The PerimeterX co-founder lists his bachelor’s degree from Israel’s elite Talpiot program, whose graduates have gone on to found numerous technology companies.

The word “talpiot” means “strongholds” or “turrets” in Hebrew and Safruti is seeking to combine the concepts of a strong defense with cutting-edge technology to offer a better security solution.

“How can I enable our customers to adopt serverless, how can I enable our customers to adopt new technologies in the cloud?” Safruti said. “Security solutions are not leveraging the breadth and new architecture of how web applications are built.”

Here’s the complete video interview, the latest in the continuing Cloud Native Insights series and one of many CUBE Conversations from SiliconANGLE and theCUBE:

Photo: PerimeterX

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU