Dynatrace Inc.

04/23/2025 | Press release | Distributed by Public on 04/23/2025 07:18

Balancing security and performance with business goals through observability

IT leaders face mounting challenges in securing complex tech stacks amid evolving threats, performance demands, and compliance pressures. But unifying observability and security can help balance these competing priorities. Through real-world examples like IngressNightmare and Log4Shell, discover key capabilities of unified observability that help teams deliver performance, reliability, security, and compliance without compromising innovation.

"The best defense is a good offense." With the threat surfaces of modern IT environments always expanding, taking the initiative can be the most effective way to protect your business rather than passively waiting to react to a threat or attack.

Technical leaders bear the ultimate responsibility for the security outcomes of increasingly complex tech stacks. Breaches risk financial loss and reputational damage. But it's IT teams who face the daily challenge of securing these dynamic environments and meeting compliance and performance requirements. Teams also need room to innovate and adopt new tools that address evolving organizational needs.

Balancing these competing demands is no small task. Decision-makers must accommodate flexibility and creativity while maintaining a foundation of security and stability. They must also consider business imperatives, including cost management and sustainability goals, all without compromising the quality of technology services.

As a leader, how can you get ahead of these challenges, and what capabilities do you need to strike the right balance? Unifying observability signals and context with security capabilities is a crucial advantage for teams that must simultaneously deliver security, performance, compliance, and business objectives.

Key takeaways:

  • Organizations must balance IT security, performance, and business needs. Understand the challenges of balancing security outcomes with performance and business needs.
  • Teams need flexible and secure environments and methods. IT environments and operating methods must simultaneously provide flexibility, stability, and security.
  • Converging observability with security enables flexibility and operational stability. Adopting a unified observability approach with application-layer context can operationalize security within platform engineering, SRE frameworks, and CI/CD pipelines so vulnerabilities aren't passed to production environments.
  • Observability for security detection and remediation delivers real-world results. Recent critical security vulnerabilities demonstrate how this observability approach to security helps teams mitigate risk.

Why balancing security and performance with business goals is challenging

Modern tech stacks consist of myriad services that address specific needs at every stage. But these services, which span hybrid and multi-cloud environments, also introduce ever-expanding attack surfaces. While microservices, container orchestration, and broader DevSecOps practices have transformed software delivery, they also present some very real challenges.

  • Security complexity. More services from a growing number of vendors and open-source projects also expand the attack surface through vulnerabilities and attack vectors. And it's not just external attackers; misconfigurations, siloed tools and teams, and outdated processes amplify the risk.
  • Performance expectations. Organizations must deliver fast, reliable, and scalable systems to meet user needs. Securing these systems without undermining speed and responsiveness requires an integrated approach.
  • Regulatory compliance demands. Businesses must also keep up with stringent regulations involving data storage, processing, and access. These requirements are constantly evolving, making compliance an ongoing challenge.
  • Cost and sustainability pressures. As organizations expand their cloud computing and generative AI tools, they must also mind expanding costs and carbon footprints.

Balancing these priorities demands a leadership mindset that simultaneously helps teams innovate while assisting the organization in meeting its performance, compliance, and cost obligations. Striking this balance also requires some key capabilities.

Key capabilities for building a flexible, secure, and stable environment

The challenge for technical leaders comes down to this question: How do you offer your teams the tools and freedoms they need to be creative while maintaining the guardrails that protect applications and stabilize operations?

The answer lies in creating an operating environment that integrates security, performance, and compliance capabilities at every layer.

Full-stack observability

Comprehensive observability of every layer, from infrastructure to user experience, is vital for identifying IT and security risks, optimizing performance, and providing context to link IT with business goals.

Application security

Observability facilitates runtime vulnerability analytics and application protection so teams can monitor vulnerabilities in real time, catch anomalies early, and safeguard against threats. Teams must operationalize those security findings so developers who need to fix them know exactly what to do and which security finding to focus on. Prioritizing context-based risk by combining observability and security is the best way to close the door to exploits, which represent the number one entry point (38%) for successful intrusions.

Security posture management for Kubernetes and cloud environments

Effective security management of cloud and Kubernetes environments includes assessing misconfigurations and practices that don't meet regulatory compliance standards and security guidelines. As with vulnerabilities, SREs need awareness of these configuration issues and ideally have a system that can automatically generate the code fix for the configuration-as-code files they work with daily. Automating remediation decreases uncertainty about what to do and drastically reduces time spent on determining the fix.

Observability for developers

Developers need tools that help them understand how code behaves in production, enabling them to integrate security into the development lifecycle.

Platform engineering and site reliability engineering (SRE)

Strong platform engineering and SRE practices can standardize workflows, simplify toolsets, and meet reliability targets while giving teams the autonomy to build innovative solutions.

Carbon footprint monitoring

Sustainability has become a top concern for many organizations. Teams need tools that provide visibility into the environmental impact of workloads to help reduce emissions.

Compliance automation

Regulatory compliance is increasingly important for organizations in just about every region of the world. Automated compliance solutions help teams meet fast-changing regulatory requirements and reporting timelines while minimizing manual overhead.

These capabilities, delivered through an integrated AI-based platform, create an operating environment that fosters both innovation and security.

Dynatrace was named Cloud Security Platform of the Year in the 2024 CyberSecurity Breakthrough Awards!

How unified observability delivers security advantages

End-to-end observability, in context with performance metrics, user experience, and business metrics, offers a unique benefit to an organization's security posture management. By integrating data from all channels on a single platform using automatic and customizable instrumentation, teams have access to the data they need to act quickly and confidently.

A unified observability platform integrates data from the full stack to enable use cases that span performance, application security, and business outcomes.

With comprehensive observability in context, developers and SREs can quickly identify exposed vulnerabilities. Likewise, security teams can immediately pinpoint threats so they can focus on what matters most.

  • Exploitation awareness. Evaluate vulnerabilities based on whether they expose critical assets or are subject to active exploits.
  • Real-world context. Implement a system that can continuously collect data and automatically prioritize risk based on context, which vastly reduces the need for time-consuming manual risk assessments and priority evaluations.
  • Streamlined prioritization. Reduce noise and false positives by assessing threats based on their real impact on your environment, not just abstract risk scores.

Integrated security and performance in practice: Learning from recent critical vulnerabilities

Vulnerabilities, and the exploits that follow them, are a fact of life. A few recent examples demonstrate how an observability platform approach to security can mean the difference between real harm with a long recovery or nipping a zero-day vulnerability in the bud with little or no downtime.

VMware VMSA-2025-0004

The VMSA-2025-0004 advisory consists of three Common Vulnerabilities and Exposures (CVEs) that represent unique risks to virtualized and containerized environments. With specialized virtualization security posture management (VSPM) capabilities, teams can quickly detect the VMSA-2025-0004 vulnerabilities and automate remediation.

Navigate to Vulnerabilities: One step in using security and performance data to find VMSA-2025-0004-related vulnerabilities.

NGINX IngressNightmare

The IngressNightmare cluster of vulnerabilities affects the mechanisms that allow external traffic to access services within a Kubernetes cluster. By exploiting a chain of multiple flaws, an attacker can use remote code execution (RCE) to upload and execute a file and inject arbitrary code to take over the whole cluster. With access to full Kubernetes logs, metrics, and trace data in a causal data lakehouse, teams can detect vulnerable instances and surface signs of compromise for quick remediation.

Instances of ingress-nginx affected by the NGINX vulnerability IngressNightmare.

Apache Struts 2 CVE-2024-53677

The Apache Struts 2 vulnerability affected the widely used Java framework for web applications, Apache Struts 2. Also an RCE vulnerability, CVE-2024-53677 allowed attackers to manipulate file upload parameters, leading to unauthorized file placement. Understanding the mechanics of the file upload systems helped teams find the signatures of these exploits using data lakehouse queries and Runtime Vulnerability Analytics to detect the active use of the vulnerable method within their applications.

An overview of the Apache Struts 2 vulnerability showing how security and performance can converge to identify security risks.

CrowdStrike update crisis

Sometimes risk to systems comes in the form of a faulty software update, such as the CrowdStrike "blue screen of death" incident from 2024 that affected Windows servers. With full-stack monitoring and topology mapping, out-of-the-box dashboards, synthetic monitoring, data lakehouse querying, collaborative notebooks, real-user monitoring, and service-level objectives to help prioritize remediation, teams were able to recover in hours.

Systems infected during the CrowdStrike outage.

Log4Shell

In 2021, the Log4Shell vulnerability exposed applications to RCE exploits through its error logging functions. In this scenario, an attacker could direct the logging function to request an infected resource, then download and execute it, causing system damage or data compromise. To quickly find affected systems and mitigate exposure, teams needed to automatically identify all vulnerable applications and the data systems they depend on and prioritize those that are exposed to the internet.

How a threat actor can exploit the Log4Shell vulnerability.

With observability to reveal details of affected systems, a data lakehouse for preserving all data in context, and analysis tools to discover details and threat signatures, organizations were able to quickly prioritize remediation, often avoiding downtime altogether.

Balancing security and performance with the business

In today's business environment, leaders need to give their teams every advantage to anticipate rapid change and emerging threats. Unifying observability and security with a single AI-driven platform delivers those advantages so organizations can balance performance and security with the compliance, cost, and sustainability goals of the business.

Request a demo of the Dynatrace observability and security platform for application security, threat observability, and security posture management today.

Already a Dynatrace customer? Contact us to enable Dynatrace Application Security in a few easy steps.