The Tug-of-War Over Firewall Backlogs in the AI-Driven Development Era

  • What: Discussion on the tension between application developers and security teams in the AI era
  • Impact: IT professionals and organizations dealing with firewall management

Speed and security are historically clashing priorities, but with AI and automation, it's increasingly important that application developers and security teams get on the same page.

Arielle Waldman, Features Writer, Dark Reading
March 2, 2026

The relationship between application developers and security teams has always been fraught with tension. At the core lies an ongoing battle — speed versus security — and that tug of war has been further exacerbated by mounting firewall backlog challenges driven by increased reliance on artificial intelligence and automation.

Traditionally, developers submit a firewall rule request before deploying a new application, service, or tool inside an enterprise environment. However, security teams can take weeks to review and approve the request, as they are overwhelmed by sprawling firewall logs used to aid investigations, maintain policies, analyze network traffic, and identify unauthorized access.

Developers don't want to wait. They want to build their next application. Security teams need time. They want to reduce risk. And as the rate of development and deployment accelerates, the volume of requests piles up.

This dichotomy creates a natural tension across the organization, explains Aviatrix CPO Chris McHenry. Acknowledging that tension, embracing it, and learning how to reduce it is vital for organizations, he urges.

"There can be 3,000 rule requests in backlogs," he adds. "Response time is anywhere between two and four weeks. Developers just sit, waiting to continue to work."

A Tale as Old as Time

The strained relationship between developers and security teams can be traced back to the evolution of enterprise IT architecture, explains McHenry. Rapid cloud adoption fundamentally changed how organizations deploy applications and manage user access. AI and automation will only accelerate the process by spinning coding, deployment, and other development functions even faster.

Before the cloud era, security teams occupied the driver's seat, as organizations operated with physical laptops, desktops, and data centers. However, the emergence of cloud offerings sparked a fundamental shift in organizational operations.

Before, security teams "could literally create physical boundaries that they could control," McHenry tells Dark Reading. "It's tough for people to go from full control to no control."

Cloud adoption improved speed, allowing developers to build applications even faster. Developers became cloud buyers, as they didn't have to wait for someone else to handle procurement and setup.

"It was such a pickle with cloud security postures in many environments because developers — and the business, more importantly — now expect that speed, and security is trying to play catch-up," McHenry says.

The friction between developers and security teams is actually improving, says Aaron Rose, Office of the CTO at Check Point. More organizations are treating security as a shared responsibility rather than a last-minute blocker, he adds.

However, developers and security teams face significantly opposing demands that continue to strain the relationship. The former needs to ship code quickly while the latter feels pressure to "reduce risk with limited time and context," Rose tells Dark Reading.

"When security tooling or approvals sit outside the developer workflow, you get long feedback loops, rework, and frustration on both sides," he says.

Architecture Evolves, Firewalls Stay the Same

Developers used to be able to bypass firewalls more easily when policies relied on static IP addresses. But in the cloud, these change constantly. Now, it takes forever to get a new firewall rule in place, explains McHenry, noting that there are now more places for the process to break.

If a firewall only knows how to handle IP addresses, organizations are in trouble, he warns. That can lead to significantly larger volumes of changes. Organizations face tight windows for changes, as firewalls represent a “huge blast radius” that can expose entire networks to risk.

"I used to be able to click, click, click; but now I have to go back to opening a ticket and waiting two weeks, and someone will put it in, and they may or may not approve it," he says.

He adds that developers must write 100 lines of approval code to justify the access they requested in the first place.

While hybrid and multi-cloud architectures changed operations by increasing the number of enforcement points and the number of policy translations needed for a single business change, many organizations did not adapt their strategies. They still run firewall operations like they always have, explains Rose. That means tickets, manual review, manual implementation, and periodic audits, he adds.

"That model can't keep up with modern delivery cadence, so backlogs emerge," Rose says.

McHenry observed similar disconnects. Organizations will try to apply previous practices to new cloud services, but the speed developers were accustomed to slows down, and that's a huge point of frustration for them.

'It's Only Going to Get Worse'

In large enterprises, Rose attributes backlogs to multi-vendor sprawl, global organizations, and layered processes.

For small-to-medium (SMB) sized businesses, it's usually a resource issue — or lack thereof. One person may handle networking, security, and cloud, and sometimes the help desk functions, adds Rose.

"Changes get delayed not because of policy bureaucracy, but because there simply aren't enough hours in a day," Rose says.

Backlogs slow business operations, heighten network exposure, and drastically reduce visibility. McHenry reveals that people would be "surprised" by how many organizations users interact with regularly have no visibility or control over what comes in or out of their cloud.

Many SMBs don't use rules at all, because they don't have the capacity to manage them, says McHenry. Their firewalls are generally wide open, he warns.

Organizations often struggle to balance prioritizing new cybersecurity controls with maintaining operational speed and revenue. But McHenry says those two don't have to be mutually exclusive. Automating certain processes and embedding controls into developer workflows can help enterprises address these challenges.

Enterprises are now treating firewall policies as an engineered product by defining intent in application terms, automating risk checks, and reserving human review for exceptions or high-risk changes, explains Rose.

Improving the relationship between developers and security presents a significant innovation opportunity for organizations, McHenry adds. Support developers with what they're accustomed to regarding self-service, but do so in a way that still supports security best practices, he recommends.

Organizations respond to the tension in a number of ways, but it's not just about deploying new technology -- processes need to be updated as well.

"If app teams are moving faster with Claude code and AI development, then holy crap, the log is going to grow like crazy," McHenry warns. "Without changing the process, it's only going to get worse."

About the Author

Arielle Waldman, Features Writer, Dark Reading

Arielle spent the last decade working as a reporter, transitioning from human interest stories to covering all things cybersecurity related in 2020. Now, as a features writer for Dark Reading, she delves into the security problems enterprises face daily, hoping to provide context and actionable steps. She looks for stories that go past the initial news to understand where the industry is going. She previously lived in Florida where she wrote for the Tampa Bay Times before returning to Boston where her cybersecurity career took off at SearchSecurity. When she's not writing about cybersecurity, she pursues personal projects that include a mystery novel and poetry collection.
