Headline
Platform Engineering Is Security Engineering
For modern applications built on Kubernetes and microservices, platform engineering is not just about building functional systems but also about embedding security into the fabric of those systems.
Michelle Ensey, Senior Manager of Product Management, NGINX
September 10, 2024
4 Min Read
Source: Brian Jackson via Alamy Stock Photo
Platform engineering is the rising star of the operations firmament. But squint hard and you’ll quickly see that the foundation of any serious platform engineering program is operational and application security. By designing a platform through a “security-first” lens, platform engineering leaders can set up their DevOps and AppDev teams for success and make them more efficient by minimizing the toil and cognitive load required to properly execute security policies and practices.
Designing Platform Assets From "Least Privilege": A Lockdown Mindset
Every component within your platform — be it a virtual machine, a container, or even a service account — should operate with the bare minimum number of permissions. This is native to security and secure by design, but it should also be a core part of platform design, too. This limits the blast radius if an attacker does compromise a part of your system. Platform engineering teams should design their tools and services for application developers and DevOps practitioners accordingly. Doing this well requires attention to detail and a deep understanding of developer workflows. It also means that platform designs should, if possible, accommodate just-in-time access that elevates permissions only when necessary and revokes them after the required action. Sounds hard, but everything is moving faster in application development, so permissioning systems should meet the challenge, too. This means keeping developers in their workflows and making sure they get what they need when they need it, while also maintaining proper security.
Secure Defaults in Configuration Management: No Room for Sloppiness
When your infrastructure is defined as code (IaC), the default settings for critical components (load balancers, database access, API gateways) become the foundation of your security posture. Developers want to spend as little time as possible on configurations. Yet a shockingly high percentage of security incidents are attributed to misconfigurations of security controls or access policies. Configuration management isn’t sexy, but platform engineering for security means putting real muscle-building default configs and scanning behind it to ensure those configs are enforced in testing and deployment. Closely related to security configuration management is hardening IaC templates (Terraform, CloudFormation, etc.). These templates define your infrastructure deployments. Attackers know this and are paying more and more attention to IaC as an avenue of attack. Regular security reviews and IaC scanning can help uncover potential weaknesses. For their part, developers just want to grab a template and run with it. Inline suggestions where developers deploy infrastructure are becoming essential. New AI systems are particularly helpful in analyzing configurations and suggesting changes to harden or improve them.
Automated Security Testing in CI/CD Pipelines: Fail Fast, Fail Safe
Platform engineering must integrate security checks directly into your continuous integration and continuous delivery (CI/CD) pipelines so they run automatically whenever developers test code (and often before it is pushed to the main branch). This spots vulnerabilities early in the development cycle. Running static application security testing (SAST) and software composition analysis (SCA) to detect code vulnerabilities and risky open source components is the bare minimum.
More comprehensive practices entail container image scanning for known vulnerabilities and IaC scanning for misconfigurations. Better yet, deploying runtime scanners can detect problems that might appear only when processes are running. Properly done, security automation increases policy enforcement and reduces human error. However, heavy-handed automation can become problematic. For example, enforcing broad, automated code scanning of an entire application before every commit may result in scanners calling out known but irrelevant issues and slowing down CI/CD pipelines for no good reason. Scanning should be integrated with the developer experience using in-line tooling and scanners that never move the dev out of their comfort zone. Scanning can also focus on code that changes to reduce alert fatigue.
GitOps for Version and Control
Adopting GitOps for managing infrastructure and container images can help platform engineering better manage fast-changing configurations and create more transparent and accountable infrastructure engineering. Version control, deployment of configurations as code, and the use of a central repository are simple paths to improving application and infrastructure security by removing human errors, streamlining workflows, and eliminating unfamiliar additional IT orchestration systems. SecOps teams can even share Git access to GitOps workflows so that during a security incident everyone is in the same repo and able to root-cause together. For developers and DevOps, GitOps feels more native than trying to learn new environments like Ansible or other IT deployment and configuration engines.
Conclusion: Platform Security is Job No. 1
These are just some of the ways smart platform engineering can actually boost security while still improving developer experience, code velocity, and DevOps performance. Any assumption that enhancing platform security will necessarily slow down and hinder application development is a false trade-off. In fact, the two can be highly complementary, and platform engineers are probably better suited to delivering security while improving developer experience than security engineers themselves. For modern applications built on Kubernetes and microservices, platform engineering is not just about building functional systems but also about embedding security into the fabric of those systems, making it an integral part of security engineering.
About the Author
Senior Manager of Product Management, NGINX
Michelle Ensey is an accomplished product management professional with extensive experience across diverse industries. She currently serves at NGINX, where she plays a pivotal role in developing and delivering cutting-edge solutions to enhance application delivery and security. Known for her unwavering dedication to continuous learning and innovation, Michelle stays ahead of technological trends and is always enthusiastic about tackling new challenges and seizing opportunities to drive progress. Her commitment to excellence and her passion for technology make her a standout in her field.