Cloud-Native Requires Rethinking Traditional App Development
- Before building a cloud-native application, you must thoroughly understand the host cloud environment so you can augment its security controls at the app level.
- With microservices running in standalone containers that are released incrementally and continuously, security must be embedded in the very first stages of the CI/CD pipeline.
“Because of the way containers are spun and destroyed, traditional vulnerability scanning tools do not work for cloud native applications.”
William Caban, DevOps technical solutions architect for World Wide Technology, recognizes that moving to a cloud-native approach can be difficult. There’s a steep learning curve for some organizations because of the way they have to re-architect their applications, and even re-architect the way their processes work. “But in the end, all that pays off,” Caban says. “There is a possibility to achieve the theoretical 100% availability because of the way cloud-native platforms work. They provide self-healing and auto-scaling capabilities, geo-distribution, not just around multiple data centers, but across clouds. It’s become a multi-cloud, multi-data center world. All these capabilities are intrinsic to the applications architected as cloud-native applications.”