Last week, at the SANS DFIR Security Summit, my colleague Mike Cioffi and I had the opportunity to dive deep into an often overlooked but critical aspect of cybersecurity: the management of third-party application risks.
During our 30-minute discussion, we aimed to shed light on common challenges and misconceptions surrounding this topic. You can view the full presentation here.
Identifying the Unseen Threats
It’s a tough pill to swallow when someone points out a problem you didn’t know you had. That was our role last week—to be the bearers of inconvenient truths about your API security strategy and third-party landscape. Our goal was not just to spotlight these issues but also to guide the audience toward a strategic approach to managing them effectively.
The Escalating Problem
As organizations increasingly integrate third-party applications, each new connection introduces potential vulnerabilities. Risks such as sensitive data theft, supply chain API attacks, and ungoverned Network Host Interfaces (NHIs) become more prevalent. These threats illustrate the complex web of dependencies and the lack of control that can exacerbate security challenges.
Beyond Shifting Left or Right: Shifting Correctly
Traditional security strategies often emphasize “Shifting Left”—integrating security early in the development process. However, this approach falls short with third-party applications for several reasons:
On the other hand, “Shifting Right”—which focuses on continuous monitoring and review—isn’t sufficient on its own either. Although it’s crucial for identifying and mitigating risks in real time, it must be part of a more comprehensive strategy.
Shifting Correctly: A Holistic Approach
Our recommended strategy, “Shifting Correctly,” combines proactive and reactive measures to manage third-party applications effectively:
By embracing both proactive and reactive measures, organizations can significantly reduce Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR), enhancing their overall security posture.
Looking Forward
Our talk was just the beginning. As threats evolve, so too must our strategies to counter them. By understanding and implementing a balanced approach to API security and third-party management, we can safeguard our data and systems more effectively than ever before.
If you’d like to continue the conversation, request a demo here.
View the full presentation here or download the slides.