The Journey to Secure System Design

By: Dimitri Stiliadis 05.18.2017

Aporeto’s mission is to provide the technologies and tools that will enable developers and security operations teams to deploy secure distributed systems.  Cybersecurity incidents are threatening critical infrastructure, and we have been ignoring the root source of security problems for years. Our goal at Aporeto is to contribute to a fundamental but necessary shift in how we approach secure system designs.

Today we announced our Series A Investment round of $11.2M led by Norwest Venture Partners and Wing VC, bringing the total investment in the company to $14.5M. We are thrilled to have the support of top-tier investors as we accelerate our efforts to meet these goals and we want to thank our customers and advisors for helping us start this effort.

Why Secure System Design?

The WannaCry incident last week taught us that cybersecurity incidents have become mainstream, since the attacks are affecting critical infrastructure components. The question is how we got here and what we can do to move forward. Either we find a real solution, or we have to remember the Einstein adage that insanity is “doing the same thing over and over again and expecting different results.”

It is time to focus on the root cause of the problems, instead of the symptoms of the disease.  Secure system design is complex and the complexity of robust software development does not match the business needs of fast software delivery.  Best practices have been known for years, but are often ignored. Both from a deployment perspective and a usability perspective, designers put security second to other product priorities.  Security features are not revenue generating.  Given cutthroat business requirements for agile and fast software development, it is just easier to ignore them or throw them over the fence to some security operations team.  That team then has to surround the insecure software with appliances and monitoring mechanisms to create security theater, because everyone wants to pretend that InfoSec teams have some magic-making wand.

We have seen several examples of this tradeoff between security and usability. Thousands of MongoDB instances around the Internet had their management port open by default, possibly with a default password.  The question is why?  

Those who are stuck focusing on symptoms answer that users just do not change default settings on the MongoDB installation and, therefore, we can blame the whole affair on MongoDB. (The blame game is a common practice in security.) The reality is that MongoDB was driven to this behavior to make the first installation efforts easier. No developer wants to spend the time to figure out the IP address of their cloud-resident, migrating server and then configure the database, or create and manage certificates and passwords with the right settings. MongoDB does not want to lose its trial users in the first five minutes because of complexity, because it will lose them forever. The complexity of securing the system was the root cause, and developers had much more pressing problems to deal with. More importantly, businesses often get by with little financial damage when they ignore security. Not anymore!

How many times have we seen a test product deployment disable authentication, access control, or certificates because it is too complex? Or developers complaining that the software deployment broke in production because security teams introduced some firewall rule? Or better yet, just type the word “disable” in your Google search bar and see the recommendations. “Disable selinux” is up there in the top four. Why do people turn off a technology that can protect them from so many attacks? The answer usually is that “it is too complex.”

Fortunately, we do not need to re-invent the wheel. There are well-known security principles that are hardly ever deployed at scale because of operational complexity and because of a communication gap between security practices and developers. Least privilege, end-to-end authentication, authorization, and encryption have been around for decades. But, thus far, they have been too complicated to deploy.

Aporeto was founded on the core belief that the only way to solve security problems in the IT infrastructure is by simplifying the design and deployment of secure systems and by bridging the information gap between developers and security teams. Security concerns will not be solved by reacting after the fact or relying on the next-generation threat detection mechanism, but by providing the proper tools for building systems that are secure-by-default while making deployments easy for developers and security teams.

Building secure systems requires some discipline, but it should not be hard and complicated; it should be there by default without affecting development agility, and the complex repetitive actions that define good security practices must be streamlined and automated. Fortunately, the transition to the cloud, containers, and micro-services is allowing us to move to API-driven infrastructure and software deployment. This development makes simple and effective security possible.

We have started this journey by open sourcing Trireme, our approach to network security. It is based on end-to-end authentication, authorization, and encryption, and it is transparent to application stacks, while removing tons of complexity from networks and configurations and providing more robust security. We will soon release our bigger product.

Join us in the journey to make secure system design simple and operational!
