Network Resilience & Security - The Right Tools, Pervasive Testing & Training

Sunil Kalidindi, Vice President - Product Management, Ixia
Monday, July 25, 2016
Sunil Kalidindi, Vice President - Product Management, Ixia
Ixia (NASDAQ: XXIA) offers testing, visibility and security solutions that enable businesses to strengthen their applications across physical and virtual networks. The company has a market capital of $ 845.33M.

An observer watching a bunker shot by legendary pro golfer Gary Player was heard to say, "I've never seen anyone so lucky in my life". The player retorted, "Yes, and the more I practice, the luckier I get". Yet when it comes to cybersecurity, nearly half of organizations are solely relying on luck to get them through a cyber-attack. There is not enough practice or training in terms of incident response, and testing happens haphazardly depending on the developer and organization, obfuscating baselines and the context necessary to ensure security and resilience. Particularly in terms of testing, we've noticed that despite awareness of its importance, bugs and vulnerabilities routinely slip through. In fact, a recent Ixia survey found that 34 percent of developers have deployed products that have had a few bugs. Worse, 31 percent said products harbored significant vulnerabilities that required patching later in the cycle when shipped.

The problem has been exacerbated by the rapidly growing normalization of agile development processes. Groups of developers are tasked to build products piece-meal, leading to application development that is often incremental and happens in iterative cadences. Testing and oversight happen at each step of the process, but the segmented nature of the development cycle means that bugs and vulnerabilities often arise when the code is assembled, and are routinely missed. It's clear that more than a local test, a comprehensive end-to-end test and relevant training are critical.

A Change in Culture

Improvement begins by changing the culture that minimizes security testing for the sake of launch timelines. Too often, the product development team will come together just to be told they need to move up their release date. The habit results in products that walk a thin line of performance, as they may contain unknown security holes due to not being fully tested. It's a major reason for security incidents, even with multiple layers of security tools.

Share on Twitter
Share on LinkedIn
Share on facebook