Miggo has emerged from stealth to launch a namesake application detection and response (ADR) platform that enables IT teams to respond to cyberattacks in near real-time.

Fresh off raising $7.5 million in seed funding, Miggo CEO Daniel Shechter said the platform continuously analyzes application interactions and data flows to identify anomalous behavior indicative of a cyberattack. It then automatically applies mitigations to limit the scope of the attack before a major breach ensues.

In the absence of that level of visibility, existing cybersecurity tools are unable to detect when flows between application services are disrupted by, for example, malware that has been injected into an application environment, noted Shechter.

Historically, application security has not received the same level of attention as network security. But cybercriminals can now bypass perimeter defenses, making it more critical to secure individual applications. It’s not uncommon for cybercriminals to use stolen credentials to inject malware into application environments that might not be activated for several weeks. The Miggo platform enables cybersecurity teams to apply mitigations in real time once any deviation in application behavior is observed, said Schecter.

In effect, Miggio is now applying many of the same principles used by DevOps teams to manage observe applications to application security, Schecter noted.

It’s not clear how responsibility for application security will evolve going forward. In theory, at least, DevSecOps teams are taking more responsibility for building and deploying more secure applications. However, after an application is deployed it’s often the cybersecurity team that is expected to ensure it’s working right. Of course, if remediating an issue requires a patch, then the cybersecurity team typically reaches out to the application developer. That patch needs to be tested before being deployed.

The Miggo approach enables security operations teams to apply mitigations to contain a breach without exposing the organization to additional risk if a patch is required, said Schecter. That’s especially critical in IT organizations where the amount of time an application development team can allocate to creating and testing patches to software might be limited.

As is always the case, the sooner a breach is detected the less damage is likely to be inflicted. Cybersecurity teams have experimented with ways to contain security breaches for years. with limited success. It’s not clear to what degree applying mitigations in real time might fundamentally change the way application security is managed but given the number of breaches that have already occurred it’s clear existing methods for securing applications are insufficient.

The challenge, of course, is securing the funding needed to address application security. Too often, application development teams assume cybersecurity teams are responsible for application security only to discover most of their resources were allocated to network and endpoint security. Conversely, many cybersecurity teams assume application development teams are responsible for securing the software they create. In the absence of any dedicated application funding, it all too often turns out that application security becomes the proverbial red-headed stepchild that no one is really being held accountable to maintain.

Photo credit: Jake Lee on Unsplash