Dissecting the Risks and Benefits of Microservice Architecture

By

Many organizations today have a basic understanding of the security risks associated with their web applications. However, many will find that their efforts to just add on security to existing applications fall short of being effective. Each new development in the software design process can bring an abundance of benefits to an organization, but it also brings along several new security challenges.

Distributed microservices architecture has made quite an impact as far as modern application development trends go. With the design of an application being broken apart into smaller pieces and building it as a set of modular components, it makes it easier to build and maintain than traditional, monolithic applications developed as a single entity. Plus, unlike monolithic applications, individual components can be inserted effortlessly into continuous delivery pipelines helping developers meet their strict deadlines.

While microservices have provided many benefits to development teams, they present some real challenges. Utilizing microservices adds a lot of moving pieces to an application which increases the potential for issues such as security vulnerabilities.

Microservices create more insecurities on average than traditional applications - and not just by a little bit. For every 100,000 lines of code, a monolithic application has an average of 39 vulnerabilities. Microservice applications have an average of 180, which means the transition to microservices architecture has led to increase of total vulnerabilities for organizations.

However, despite a plethora of vulnerabilities, applications built on microservices have a higher remediation rate. Another plus to this architecture, is the time to fix the vulnerabilities is 50 percent lower than in traditional, monolithic apps. The reason for this is one breach in a monolithic application can infect the application as a whole. In a microservices application vulnerabilities can be cut off in different parts, containing the infection to one specific part.

Overall, microservices present a tricky situation for organizations. Despite vulnerabilities having a higher remediation rate, their use of third-party unpatched libraries complicates security protocols and increases risks. Before development and security teams decide to utilize microservices they need to weigh the risks and benefits and always remember to utilize security best practices to combat these issues.  

About the Author: Craig Hinkley joined WhiteHat Security as CEO in early 2015, bringing more than 20 years of executive leadership in the technology sector to this role. Craig is driving a customer-centric focus throughout the company and has broadened WhiteHat’s global brand and visibility beyond the application security space and security buyer, to the world of the development organization and a DevSecOps approach to application development. 




Edited by Maurice Nagle


SHARE THIS ARTICLE
Related Articles

How A USB Duplicator Helps The Work Place

By: Special Guest    12/9/2019

As a computer-less digital device, the USB duplicator allows a non-technical operator copy massive amounts of data with information to other blank fla…

Read More

Aruba 2020 Predictions in Key Technology Areas

By: Special Guest    12/3/2019

As we approach the end of 2019, Jacob Chacko, Regional Business Head - Middle East, Saudi & South Africa (MESA) at HPE Aruba, gives an insight into ma…

Read More

3 Traps to Avoid When Launching Your eCommerce Business

By: Special Guest    11/29/2019

Launching your own eCommerce store sounds appealing on many fronts. You get to work from the comfort of your computer, pick your own hours, and work o…

Read More

By 2022 Apple Proposes for VR and AR Gaming Headsets with Glasses Later

By: Special Guest    11/25/2019

As per the people familiar with either the project, Apple focuses on a variety of augmented-based virtual-reality applications underpinned by some rev…

Read More

5 Must-Use WordPress Plugins for eCommerce Sites

By: Special Guest    11/25/2019

WordPress has long been considered the go-to platform for anyone looking to build their own eCommerce website, but building a WordPress website isn't …

Read More