Tool sprawl is usually defined as organisations adding more and more tooling to the point of hindering rather than helping. This is usually a gradual process that creeps up on companies, before you know it you have a plethora of different tooling all working in isolation of each other.
Organisations, on average, run 25 to 49 security tools from up to 10 different vendors. These can be monitoring tools for IT infrastructure, such as network, endpoint, wireless, identities, and so on, but it applies to software development as well.
Security Tool Sprawl
When this happens with security tools sprawl, it can result in teams so overwhelmed by security alerts that they can’t respond to them effectively, if at all! Forrester note that as many as 40% of organisations admit that their development teams are so overwhelmed by security alerts that they can’t respond to at least 25% of them. Indeed, when security alerts are so constant, they become background noise and are ignored, the exact opposite of the intent.
Chaos, Inefficiencies and Vulnerabilities
Therefore, security tool overload can end up creating chaos and inefficiencies, leading to reduced productivity, inefficient workflows and higher overall costs. Exactly what a good mix of security tools is supposed to help development teams avoid.
Still, the perception persists that if some tools improve your security, more will improve it even more. Unfortunately, if you pile too many tools on your security team, especially if you can’t coordinate them on a single platform, your developers are more likely to ignore critical alerts.
This allows hackers to exploit vulnerabilities in tools that do not communicate securely or are not regularly updated. It could even be the case that when hackers breach defenses, the alerts to them could be ignored.
Getting It Right
Of course that does not mean you should not invest in new tools. The right combination of tools, that run the right tests, at the right time, can help security keep pace with development, which has evolved at a startling pace over the last few years.
activereach’s recommendations to address security tool sprawl are:
1. Take an inventory of your security tools
The first thing to do to take a rigorous inventory and evaluate it. Know what you have and what it is supposed to do. And then evaluate all the tools you have identified. Are they properly configured, deployed, and up to date? Are they doing what they are supposed to do? Is more than one tool doing the same thing? Does one tool do it better than another?
If a security tool is inferior or redundant, get rid of it. Security clutter is the last thing you want.
2. Make sure your tools complement one another
Second, make sure your tools work together. It doesn’t matter if you have a great tool that is considered best in class if it can’t play nice with the other tools you have. Your tools need to integrate with one other and into your workflow. This makes it easier to embed security into the software development lifecycle from start to finish.
It has been said the best way to encourage developers to add “Sec” to DevOps is to make the secure way the easier way.
3. Automate, automate, automate (and consolidate)
Our recommendations to organisations experiencing the sprawl described in this article is to automate and consolidate!
activereach deploy tooling such as Netskope’s SASE solution because in many cases we can replace 4 or 5 discreet tools sets with just one, freeing up operational budget and manpower to focus on revenue generating activities.
Attack surface management tools such as Risk IQ detect and identify a broad range of threats and vulnerabilities, meaning teams are able to focus on what is important rather than reacting to alert overload.
Don’t get bogged down with too many redundant, legacy tools. Make sure all the tools you have are relevant, efficient, integrating with each other and automating as many processes as possible.
Sometimes less IS more.
To find out how activereach can help you reduce tool sprawl contact us or give us a call on 0845 625 9025.