Juniper Networks continues to grow its enterprise cloud-security family with a new product that promises to protect application workloads in any cloud or on-premises environment.\nThe company rolled out Juniper Cloud Workload Protection package--a \u00a0lightweight software agent that the company says controls application execution and monitors application behavior to help businesses spot and fix anomalies.\n\nThe idea is to provide protection from attackers looking to exploit application vulnerabilities, said Kate Adam, senior director of security product marketing for Juniper Networks.\u00a0\n\u201cWhen application code is written, it sometimes contains errors which present opportunities that attackers can use to exploit the underlying resources and process or workloads that power the application, such as databases and data collectors,\u201d Adam said. \u201cJust look at the latest public breaches. Most, if not all of them\u00a0involve the successful exploitation of\u00a0one or more application vulnerabilities.\u201d\nCloud Workload Protection deploys in Docker, Kubernetes, and Amazon Web Services\u2019 Fargate container-deployment services at the container, host, or VM level.\nIn addition, there is a small application-specific component that is loaded at runtime, similar to what is used in application performance-monitoring solutions, Adam said.\u00a0\nThe agent moniors application functions and its calls to services to understand what the app was intended to do, then looks for deviations from that vs. what\u2019s happening in real-time. The deviations are likely potential exploits, and \u00a0many times vulnerability remediation is done automatically without admin intervention, Adam said.\u00a0\nThe agent also notifies Juniper\u2019s sRX virtual firewalls, which can further augment risk-mitigation by enforcing segmentation. Automated threat response with built-in, real-time telemetry helps security teams detect threats and block them across the entire network, Adam said.\nThe new agent is part of Juniper\u2019s overarching Connected Security architecture that features myriad enterprise security components from its central Security Director and Policy Enforcer to threat detection offering up a software-defined containment system to protect networks and reduce security concerns, Juniper says.\nCloud Workload Protection will be available in September.