{"id":96216,"date":"2024-06-19T07:27:30","date_gmt":"2024-06-19T07:27:30","guid":{"rendered":"https:\/\/staging.checkmarx.com\/?post_type=learn&#038;p=96216"},"modified":"2024-11-06T09:33:10","modified_gmt":"2024-11-06T09:33:10","slug":"cloud-native-application-security-strategic-4c","status":"publish","type":"learn","link":"https:\/\/checkmarx.com\/learn\/code-to-cloud-security\/cloud-native-application-security-strategic-4c\/","title":{"rendered":"Cloud-Native Application Security: Strategic 4C"},"content":{"rendered":"<h2 class=\"wp-block-heading article-anchor\" id=\"data-one\">What Is Cloud Native Application Security?<\/h2>\n\n\n\n<p>Cloud native app security is a strategy for developing and deploying apps in the cloud. It uses containers, immutable infrastructure, container orchestrators, and microservices. A cloud native application security strategy allows teams to secure cloud-based platforms and applications while monitoring for potential vulnerabilities.&nbsp;<span class=\"EOP CommentHighlightPipeClicked SCXW233843753 BCX0\" data-ccp-props=\"{&quot;134245417&quot;:false}\">To better understand and structure your cloud native security strategy, you can categorize your security infrastructure into four distinct layers: the cloud, container, cluster, and code layers, each addressing specific areas of concern within the cloud environment.<\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"data-two\">Cloud Layer<\/h2>\n\n\n\n<p>A cloud native application protection platform begins with the cloud layer.<\/p>\n\n\n\n<p>This layer contains the infrastructure that operates your organization\u2019s cloud resources.<\/p>\n\n\n\n<p>CNAS highlights the need to secure your application\u2019s underlying infrastructure, where cloud resources operate, requiring responsibility for configuring services, safeguarding data, and overseeing security within the cloud layer.<\/p>\n\n\n\n<p>Cloud native protection in the cloud layer addresses several concerns, including misconfigurations, automated attacks, and the significance of proactive security measures to protect sensitive data.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"data-three\">Shared Responsibility Model: CSP Vs. Customer Responsibility<\/h3>\n\n\n\n<p>The shared responsibility model describes the division of security responsibilities between a cloud service provider (CSP) and customers. A CSP is responsible for infrastructural security, while you remain responsible for securing sensitive data, configuring your services, and overseeing security for applications deployed within the cloud. This model emphasizes the collaborative nature of cloud applications, as mutual effort is required to maintain a secure environment. While CSPs provide a secure platform, customers ensure the security of all data and applications. Cloud Security Risks and Threats A cloud native application security strategy involves several risks and threats to understand to promote a secure cloud environment. Since&nbsp;<a href=\"https:\/\/expertinsights.com\/insights\/50-cloud-security-stats-you-should-know\/\">45% of breaches<\/a>&nbsp;are cloud-based, securing the cloud layer is critical. Common misconfigurations and automated attacks in cloud infrastructure include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u00a0Unchanged default settings \u2022 Weak access protection to administration consoles \u2022 Errors that lead to the exposure of sensitive data.<\/li>\n<\/ul>\n\n\n\n<p>Automated attacks leverage vulnerabilities like misconfigurations to launch rapid assaults \u2013 emphasizing the continued need for proactive security measures and continuous monitoring.<\/p>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"data-five\">Security Challenges In Managing Cloud Infrastructure<\/h2>\n\n\n\n<p>There are several challenges presented when managing cloud infrastructure. This process poses challenges, including the following:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Increased attack surfaces due to multiple components<\/li>\n\n\n\n<li>Complexity arising from dynamic environments<\/li>\n\n\n\n<li>Prevalence of open source components<\/li>\n\n\n\n<li>A high volume of alerts causes alert fatigue<\/li>\n\n\n\n<li>Fragmented visibility across distributed systems<\/li>\n<\/ul>\n\n\n\n<p>Because of these challenges, a cloud native application protection platform requires robust security strategies and tools to ensure comprehensive protection and monitoring of potential security threats.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"data-six\">Best Practices For Securing The Cloud Layer<\/h3>\n\n\n\n<p>Promoting AppSec requires implementing several strategies designed to secure the cloud layer.<\/p>\n\n\n\n<p>First, teams must secure cloud services and configurations. This process involves strengthening the diverse elements within a cloud environment by implementing robust security measures \u2013 to accommodate this need, organizations are continuously&nbsp;<a href=\"https:\/\/www.statista.com\/statistics\/1345114\/global-spending-on-cloud-security\/\" target=\"_blank\" rel=\"noopener\">increasing spending<\/a>&nbsp;on cloud security measures. Promoting robust security measures involves setting up stringent access controls, ensuring proper encryption for data in transit and at rest, and regularly monitoring, reviewing, and enhancing the security posture of a cloud-based infrastructure.<\/p>\n\n\n\n<p>Teams must also identify and mitigate misconfigurations within a cloud environment to prevent security gaps. This measure is possible through routine security audits, automated checks, and continuous monitoring strategies to detect and rectify misconfigurations to reduce potential vulnerabilities in cloud systems.<\/p>\n\n\n\n<p>Finally, teams must strive to protect data and access controls in cloud environments, which requires implementing strong encryption protocols, rigorous access management policies, and regular security updates to ensure sensitive data is protected within the cloud.<\/p>\n\n\n<section class=\"section-block-info light-theme\">\n    <div class=\"main-wrapper block-info__wrapper\">\n        <div class=\"block-info center\">\n\t\t\t\n\t\t\t<h2 class=\"section-title article-anchor\" id=\"article-anchor-1\">Secure your applications from the first line of code to production in cloud environments<\/h2>\t\t\t<p class=\"section-description\">Address the unique challenges around cloud-native applications from code creation to deployment: correlate &#038; prioritize remediation for maximum impact.<\/p>\n\t\t\t<div class=\"actions\">\n\t\t\t\t        <a href=\"https:\/\/checkmarx.com\/solutions\/code-to-cloud\/\" class=\"btn btn-2 btn-bg white demo\">Discover Code to  Cloud Security<\/a>\n        \t\t\t\t        <a href=\"https:\/\/info.checkmarx.com\/code-to-cloud-checklist-2024?hs_preview=bKhMKZPt-159235328794&#038;&#038;__hstc=144372074.235f1d35e33efd0ae7e293a56ce072fa.1716210555364.1727702566420.1727760814760.208&#038;__hssc=144372074.1.1727760814760&#038;__hsfp=2599978687\" class=\"btn btn-2 btn-bg border-2 demo\">The Ultimate Guide to  Code to Cloud Security<\/a>\n        \t\t\t<\/div>\n        <\/div>\n    <\/div>\n<\/section>\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"data-seven\">Container Layer<\/h2>\n\n\n\n<p>The second component of a cloud native security strategy is the container layer, which contains container images that often hold vulnerabilities. Businesses often overlook image security issues, and without regular container updates, organizations are more exposed to potential vulnerabilities.<\/p>\n\n\n\n<p>Containerization allows developers to package code, dependencies, and configuration into a single unit, promoting more robust security. In 2024, the container management market is worth&nbsp;<a href=\"https:\/\/www.statista.com\/topics\/8299\/container-technology\/\" target=\"_blank\" rel=\"noopener\">944 million<\/a>&nbsp;USD.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"data-eight\">Security Risks Associated With Container Images<\/h3>\n\n\n\n<p>Container images present numerous security risks emphasizing the need for cloud native application security. While containers play a pivotal role in cloud applications by encapsulating applications and their dependencies to provide efficiency and portability across environments, this convenience includes potential security risks. Security risks associated with container layers involve vulnerabilities often present within container images, making it essential to conduct frequent security scans and updates to mitigate threats. Understanding container security risks allows you to implement robust security measures to ensure your containerized applications are reliable and safe.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"data-ninie\"><span data-ccp-props=\"{&quot;134245417&quot;:false}\">Container Security Best Practices<\/span><\/h3>\n\n\n\n<p>Protecting the container layer is crucial to CNAPP security. Organizations must begin by emphasizing image security and performing regular vulnerability scans to detect and address potential weaknesses in container images. It\u2019s important to establish trust in image sources and only acquire images from reliable, verified sources to reduce the risk of utilizing compromised or insecure containers. Hardening container security allows organizations to minimize attack surfaces by restricting unnecessary privileges and configurations \u2013 enhancing the overall resilience of containerized environments. Implementing these practices is critical to foster a secure ecosystem for cloud native applications, providing reliability and peace of mind through deployment lifecycles. Cluster Layer<\/p>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"data-ten\"><span data-ccp-props=\"{&quot;134245417&quot;:false}\">Cluster Layer<\/span><\/h2>\n\n\n\n<p>The cluster layer contains Kubernetes components that comprise the worker nodes and control plane, securing your Kubernetes workloads. These components implement encrypted communication and require TLS certificates to authenticate with each other.<\/p>\n\n\n\n<p>Kubernetes is the leading container orchestration platform, with more than&nbsp;<a href=\"https:\/\/www.statista.com\/topics\/8409\/kubernetes\/\" target=\"_blank\" rel=\"noopener\">60% of organizations<\/a>&nbsp;already adopting it.<\/p>\n\n\n\n<p>The kube-API-server component is the main Kubernetes interface that can only be accessed through HTTPS.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"data-eleven\">Security Considerations For Kubernetes Cluster<\/h3>\n\n\n\n<p>Understanding security considerations for the Kubernetes cluster is critical to ensure robust protection of your cloud workloads. The first consideration requires distinguishing between the control plane and worker nodes. The control plane oversees the entire cluster, while worker nodes conduct tasks assigned by the control plane. Implementing encryption for communication between different components and utilizing strong authentication measures allows you to safeguard against threats in the Kubernetes cluster. This is essential because of the criticality of Kubernetes workloads. Emphasizing security strengthens your Kubernetes environment while bolstering the overall resilience of your applications.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"data-twale\">Critical Components In Cluster Layer Security<\/h3>\n\n\n\n<p>This element of cloud native protection requires several steps to guarantee cluster layer security, including the following:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Protecting the kube-API-server, which acts as the primary interface for the cluster layer in Kubernetes.<\/li>\n\n\n\n<li>Implementing TLS certifications and encryption in Kubernetes. This server relies on encrypted communication, mandating TLS certificates for secure component authentication.<\/li>\n\n\n\n<li>Role-based access control (RBAC) plays a pivotal role in the authorization mechanism of the API server to enable granular control over cluster administration without the need for direct access via the Secure Shell.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"data-thirteen\">Code Layer<\/h2>\n\n\n\n<p>The code layer in a cloud native application security strategy offers the highest level of security control, allowing you to restrict exposed ports, services, and endpoints to mitigate risks. Communication between internal and external services is protected through TLS encryption.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"data-fortine\">Key Security Risks And Threats In Application Code<\/h3>\n\n\n\n<p>While the code layer plays a fundamental role in bolstering application security by orchestrating stringent protective measures within a software\u2019s architecture, this layer has prevalent security risks. These risks include vulnerabilities within the code base, insecure dependencies, insufficient risk assessments, and vulnerabilities in open-source, third-party components. Organizations must identify and mitigate risks to prevent exploits like cross-site scripting (XSS) and injection attacks. Enhancing security in the code layer requires robust practices, including static code analysis, frequent vulnerability assessments, and secure code standards to ensure application resiliency.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"data-fintine\">Implementing Code-Level Security Measures<\/h3>\n\n\n\n<p>There are numerous steps to implement proper code-level security measures:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Restricting endpoints, managing service security, and regulating access to services<\/li>\n\n\n\n<li>Employing Transport Layer Security (TLS) encryption to promote secure communication and safeguard internal and external communication channels, preventing potential eavesdropping or data breaches<\/li>\n\n\n\n<li>Leveraging a suite of tools and techniques like static code analysis, code review practices, and automated testing frameworks, which is instrumental in upholding secure coding standards and identifying vulnerabilities or flaws within a codebase<\/li>\n<\/ul>\n\n\n\n<p>Integrating these measures systematically ensures a robust defense mechanism at the code level, promoting CNAS and bolstering the application\u2019s resilience against cyber threats and breaches.<\/p>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"data-sixitne\">Implementing The 4 C\u2019s<\/h2>\n\n\n\n<p>A holistic cloud-native security approach is critical to achieving comprehensive security in a cloud-native environment, promoting AppSec. Coordinated security measures across layers require integrating the four C\u2019s \u2013&nbsp;<strong>cloud, container, cluster, and code<\/strong>&nbsp;\u2013 within a holistic application security approach. Coordinated security measures across these layers help strengthen cloud-native environments, as they collectively contribute to the integrity and resilience of the entire system. A collaborative approach ensures that security measures are deeply embedded throughout the development lifecycle, from infrastructure design to application deployment. This approach fosters a robust shield against potential threats and vulnerabilities. Achieving comprehensive security necessitates layer-specific fortifications and a cohesive and synchronized strategy that harmonizes security practices across all facets of the cloud-native ecosystem.<\/p>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"data-sevintine\">Promote AppSec Security With Checkmarx<\/h2>\n\n\n\n<p>A comprehensive cloud native application security strategy is critical for any organization. You can master AppSec with Checkmarx today. Explore our&nbsp;<a href=\"https:\/\/checkmarx.com\/appsec-services\/\">AppSec services<\/a>&nbsp;and discover the Checkmarx solution.<\/p>","protected":false},"author":94,"featured_media":91869,"parent":0,"menu_order":0,"template":"","meta":{"_acf_changed":true,"footnotes":""},"learn-cat":[852],"class_list":["post-96216","learn","type-learn","status-publish","has-post-thumbnail","hentry","learn-cat-code-to-cloud-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.1.1 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Cloud-Native Application Security: Strategic 4C<\/title>\n<meta name=\"description\" content=\"Master cloud-native application security: The 4 C&#039;s strategy + crucial best practices. Build secure apps from code to cloud. Read now!\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/checkmarx.com\/learn\/code-to-cloud-security\/cloud-native-application-security-strategic-4c\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cloud-Native Application Security: Strategic 4C\" \/>\n<meta property=\"og:description\" content=\"Master cloud-native application security: The 4 C&#039;s strategy + crucial best practices. Build secure apps from code to cloud. Read now!\" \/>\n<meta property=\"og:url\" content=\"https:\/\/checkmarx.com\/learn\/code-to-cloud-security\/cloud-native-application-security-strategic-4c\/\" \/>\n<meta property=\"og:site_name\" content=\"Checkmarx\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis\" \/>\n<meta property=\"article:modified_time\" content=\"2024-11-06T09:33:10+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/01\/Strategic-4-Cs-to-Cloud-Native-Application-Security.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"1792\" \/>\n\t<meta property=\"og:image:height\" content=\"1024\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@checkmarx\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/checkmarx.com\/learn\/code-to-cloud-security\/cloud-native-application-security-strategic-4c\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/checkmarx.com\/learn\/code-to-cloud-security\/cloud-native-application-security-strategic-4c\/\"},\"author\":{\"name\":\"Sagy Kratu\",\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/person\/59afb6ca8aa5a87ace0efd827b3e3e24\"},\"headline\":\"Cloud-Native Application Security: Strategic 4C\",\"datePublished\":\"2024-06-19T07:27:30+00:00\",\"dateModified\":\"2024-11-06T09:33:10+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/checkmarx.com\/learn\/code-to-cloud-security\/cloud-native-application-security-strategic-4c\/\"},\"wordCount\":1514,\"publisher\":{\"@id\":\"https:\/\/checkmarx.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/checkmarx.com\/learn\/code-to-cloud-security\/cloud-native-application-security-strategic-4c\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/01\/Strategic-4-Cs-to-Cloud-Native-Application-Security.webp\",\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/checkmarx.com\/learn\/code-to-cloud-security\/cloud-native-application-security-strategic-4c\/\",\"url\":\"https:\/\/checkmarx.com\/learn\/code-to-cloud-security\/cloud-native-application-security-strategic-4c\/\",\"name\":\"Cloud-Native Application Security: Strategic 4C\",\"isPartOf\":{\"@id\":\"https:\/\/checkmarx.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/checkmarx.com\/learn\/code-to-cloud-security\/cloud-native-application-security-strategic-4c\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/checkmarx.com\/learn\/code-to-cloud-security\/cloud-native-application-security-strategic-4c\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/01\/Strategic-4-Cs-to-Cloud-Native-Application-Security.webp\",\"datePublished\":\"2024-06-19T07:27:30+00:00\",\"dateModified\":\"2024-11-06T09:33:10+00:00\",\"description\":\"Master cloud-native application security: The 4 C's strategy + crucial best practices. Build secure apps from code to cloud. Read now!\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/checkmarx.com\/learn\/code-to-cloud-security\/cloud-native-application-security-strategic-4c\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/checkmarx.com\/learn\/code-to-cloud-security\/cloud-native-application-security-strategic-4c\/#primaryimage\",\"url\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/01\/Strategic-4-Cs-to-Cloud-Native-Application-Security.webp\",\"contentUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/01\/Strategic-4-Cs-to-Cloud-Native-Application-Security.webp\",\"width\":1792,\"height\":1024,\"caption\":\"Strategic 4 C's to Cloud Native Application Security\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/checkmarx.com\/#website\",\"url\":\"https:\/\/checkmarx.com\/\",\"name\":\"Checkmarx\",\"description\":\"The world runs on code. We secure it.\",\"publisher\":{\"@id\":\"https:\/\/checkmarx.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/checkmarx.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/checkmarx.com\/#organization\",\"name\":\"Checkmarx\",\"url\":\"https:\/\/checkmarx.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg\",\"contentUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg\",\"width\":1,\"height\":1,\"caption\":\"Checkmarx\"},\"image\":{\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis\",\"https:\/\/x.com\/checkmarx\",\"https:\/\/www.youtube.com\/user\/CheckmarxResearchLab\",\"https:\/\/www.linkedin.com\/company\/checkmarx\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/person\/59afb6ca8aa5a87ace0efd827b3e3e24\",\"name\":\"Sagy Kratu\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/06\/avatar_94.png\",\"contentUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/06\/avatar_94.png\",\"caption\":\"Sagy Kratu\"},\"url\":\"https:\/\/checkmarx.com\/author\/sagykratu\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Cloud-Native Application Security: Strategic 4C","description":"Master cloud-native application security: The 4 C's strategy + crucial best practices. Build secure apps from code to cloud. Read now!","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/checkmarx.com\/learn\/code-to-cloud-security\/cloud-native-application-security-strategic-4c\/","og_locale":"en_US","og_type":"article","og_title":"Cloud-Native Application Security: Strategic 4C","og_description":"Master cloud-native application security: The 4 C's strategy + crucial best practices. Build secure apps from code to cloud. Read now!","og_url":"https:\/\/checkmarx.com\/learn\/code-to-cloud-security\/cloud-native-application-security-strategic-4c\/","og_site_name":"Checkmarx","article_publisher":"https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis","article_modified_time":"2024-11-06T09:33:10+00:00","og_image":[{"width":1792,"height":1024,"url":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/01\/Strategic-4-Cs-to-Cloud-Native-Application-Security.webp","type":"image\/webp"}],"twitter_card":"summary_large_image","twitter_site":"@checkmarx","twitter_misc":{"Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/checkmarx.com\/learn\/code-to-cloud-security\/cloud-native-application-security-strategic-4c\/#article","isPartOf":{"@id":"https:\/\/checkmarx.com\/learn\/code-to-cloud-security\/cloud-native-application-security-strategic-4c\/"},"author":{"name":"Sagy Kratu","@id":"https:\/\/checkmarx.com\/#\/schema\/person\/59afb6ca8aa5a87ace0efd827b3e3e24"},"headline":"Cloud-Native Application Security: Strategic 4C","datePublished":"2024-06-19T07:27:30+00:00","dateModified":"2024-11-06T09:33:10+00:00","mainEntityOfPage":{"@id":"https:\/\/checkmarx.com\/learn\/code-to-cloud-security\/cloud-native-application-security-strategic-4c\/"},"wordCount":1514,"publisher":{"@id":"https:\/\/checkmarx.com\/#organization"},"image":{"@id":"https:\/\/checkmarx.com\/learn\/code-to-cloud-security\/cloud-native-application-security-strategic-4c\/#primaryimage"},"thumbnailUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/01\/Strategic-4-Cs-to-Cloud-Native-Application-Security.webp","inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/checkmarx.com\/learn\/code-to-cloud-security\/cloud-native-application-security-strategic-4c\/","url":"https:\/\/checkmarx.com\/learn\/code-to-cloud-security\/cloud-native-application-security-strategic-4c\/","name":"Cloud-Native Application Security: Strategic 4C","isPartOf":{"@id":"https:\/\/checkmarx.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/checkmarx.com\/learn\/code-to-cloud-security\/cloud-native-application-security-strategic-4c\/#primaryimage"},"image":{"@id":"https:\/\/checkmarx.com\/learn\/code-to-cloud-security\/cloud-native-application-security-strategic-4c\/#primaryimage"},"thumbnailUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/01\/Strategic-4-Cs-to-Cloud-Native-Application-Security.webp","datePublished":"2024-06-19T07:27:30+00:00","dateModified":"2024-11-06T09:33:10+00:00","description":"Master cloud-native application security: The 4 C's strategy + crucial best practices. Build secure apps from code to cloud. Read now!","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/checkmarx.com\/learn\/code-to-cloud-security\/cloud-native-application-security-strategic-4c\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/checkmarx.com\/learn\/code-to-cloud-security\/cloud-native-application-security-strategic-4c\/#primaryimage","url":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/01\/Strategic-4-Cs-to-Cloud-Native-Application-Security.webp","contentUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/01\/Strategic-4-Cs-to-Cloud-Native-Application-Security.webp","width":1792,"height":1024,"caption":"Strategic 4 C's to Cloud Native Application Security"},{"@type":"WebSite","@id":"https:\/\/checkmarx.com\/#website","url":"https:\/\/checkmarx.com\/","name":"Checkmarx","description":"The world runs on code. We secure it.","publisher":{"@id":"https:\/\/checkmarx.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/checkmarx.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/checkmarx.com\/#organization","name":"Checkmarx","url":"https:\/\/checkmarx.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/","url":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg","contentUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg","width":1,"height":1,"caption":"Checkmarx"},"image":{"@id":"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis","https:\/\/x.com\/checkmarx","https:\/\/www.youtube.com\/user\/CheckmarxResearchLab","https:\/\/www.linkedin.com\/company\/checkmarx"]},{"@type":"Person","@id":"https:\/\/checkmarx.com\/#\/schema\/person\/59afb6ca8aa5a87ace0efd827b3e3e24","name":"Sagy Kratu","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/checkmarx.com\/#\/schema\/person\/image\/","url":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/06\/avatar_94.png","contentUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/06\/avatar_94.png","caption":"Sagy Kratu"},"url":"https:\/\/checkmarx.com\/author\/sagykratu\/"}]}},"_links":{"self":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/learn\/96216","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/learn"}],"about":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/types\/learn"}],"author":[{"embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/users\/94"}],"version-history":[{"count":0,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/learn\/96216\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/media\/91869"}],"wp:attachment":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/media?parent=96216"}],"wp:term":[{"taxonomy":"learn-cat","embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/learn-cat?post=96216"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}