• About Us
  • Advertise With Us

Wednesday, July 1, 2026

  • Home
  • AI
  • Cloud
  • DevOps
  • Security
  • Webinars
  • Videos
  • Home
  • AI
  • Cloud
  • DevOps
  • Security
  • Webinars
  • Videos
Home Security

Beyond RPKI: Fixing the Gaps in Routing Security Today

Barbara Capasso by Barbara Capasso
April 24, 2025
in Security
0
Global map showing secure and insecure BGP routing paths with RPKI validation overlays in red and green lights.

A futuristic digital map of Earth displaying global internet routing paths. Green paths indicate secure BGP routes with RPKI validation, while red paths highlight insecure or vulnerable routes. Ideal visual representation for an article on internet routing security.

176
SHARES
3.5k
VIEWS
Share on FacebookShare on Twitter

By Barbara Capasso · LevelAct

The internet’s invisible architecture—the routing layer—remains both a marvel and a minefield. Despite years of attention, routing security remains a global weak point. While promising initiatives like RPKI have gained traction, we now face new challenges: adoption plateaus, policy bloat, and a lack of sustained momentum. In this article, we examine where we stand today, what’s holding us back, and how the industry can move forward.


RPKI Route Origin Validation (ROV): Progress, but Are We Plateauing?

Resource Public Key Infrastructure (RPKI) adoption has accelerated over the past three years. Major cloud providers, regional IXPs, and Tier 1 networks have implemented Route Origin Validation (ROV) to reject invalid BGP route announcements. According to recent MANRS metrics, RPKI usage now covers over 50% of global routing paths.

But growth is slowing.

  • Many large players have adopted ROV, but smaller ASNs and regional ISPs have yet to follow.
  • A lack of technical expertise and operational automation tools prevents mass adoption.
  • There is still no universal enforcement mechanism or incentive model to mandate ROV implementation.

The plateau suggests that voluntary adoption may have reached its limit—pushing us toward a new question: What will it take to make RPKI universal?


The Problem with Bloated AS-SETs: Risk Hiding in Plain Sight

Autonomous System Sets (AS-SETs) in Internet Routing Registries (IRRs) are designed to define which ASNs a provider should accept routes from. But over time, these AS-SETs grow uncontrollably.

  • Some AS-SETs contain thousands of entries—many of which are stale, defunct, or misconfigured.
  • Poorly maintained AS-SETs make route filtering unreliable, opening doors to route leaks and route hijacks.
  • Attackers can exploit these outdated entries to inject malicious prefixes into otherwise trusted routing paths.

Cleaning up AS-SETs is a low-effort, high-impact fix—but it’s often overlooked in favor of larger architectural discussions. This issue underscores a broader truth: routing security isn’t just about crypto—it’s about hygiene.


Sustaining Momentum: Measurement, Pressure, and Transparency

A handful of technical communities are actively pushing routing security forward:

  • MANRS (Mutually Agreed Norms for Routing Security) now includes over 1,000 participants.
  • CAIDA’s BGPStream and NLNOG RING provide public data on BGP anomalies.
  • Regional NOGs (Network Operator Groups) host workshops to train engineers on RPKI and IRR filtering.

Yet the majority of networks still don’t monitor their own routing behavior—let alone secure it. The key to progress lies in:

  • Measurement frameworks: to benchmark adoption and validate claims
  • Community pressure: from peers, IXPs, and upstream providers
  • Regulatory influence: particularly for critical infrastructure and national backbones

Until routing security becomes a business risk discussed at the board level, it will remain an underfunded engineering task.


Conclusion: A Turning Point, or a Treading Point?

Routing security is no longer a “nice to have.” It’s a foundational part of internet resilience in an era of rising attacks, state-sponsored interference, and supply chain vulnerabilities. We’ve come far—but we haven’t yet secured the routing layer.

To push forward, we must:

  • Incentivize universal RPKI adoption
  • Reduce the technical debt hidden in AS-SETs
  • Build a culture of accountability around routing decisions

We know what to do. The question is—will the internet community do it before the next big breach reminds us why we should have?

Tags: AS-SETsBGP hijacksborder gateway protocolCAIDAinternet infrastructureIRRMANRSNetwork Securityroute origin validationrouting securityRPKIRPKI adoption
Previous Post

Edge Meets AI: How Cisco and Nutanix Are Redefining Intelligent Infrastructure

Next Post

Secure Every Commit: Automating AppSec Tests in CI/CD

Next Post
DevSecOps pipeline automation visualization with GitHub, GitLab, and Azure DevOps integration layers

Secure Every Commit: Automating AppSec Tests in CI/CD

  • Trending
  • Comments
  • Latest
AI in DevOps automation concept with cloud, pipelines, and artificial intelligence systems

Agentic AI Is Reshaping DevOps and Enterprise Automation in 2026

March 19, 2026
Agentic AI managing automated DevOps CI/CD pipeline infrastructure

Agentic AI in DevOps Pipelines: From Assistants to Autonomous CI/CD

March 9, 2026
AI cybersecurity systems detecting and defending against AI-powered cyber threats

The AI Cybersecurity Arms Race: When Intelligent Threats Meet Intelligent Defenses

March 10, 2026
DevOps feedback loops in a modern CI/CD pipeline

DevOps Feedback Loops: The Hidden Bottleneck Slowing CI/CD

March 9, 2026
Microsoft Empowers Copilot Users with Free ‘Think Deeper’ Feature: A Game-Changer for Intelligent Assistance

Microsoft Empowers Copilot Users with Free ‘Think Deeper’ Feature: A Game-Changer for Intelligent Assistance

0
Can AI Really Replace Developers? The Reality vs. Hype

Can AI Really Replace Developers? The Reality vs. Hype

0
AI and Cloud

Is Your Organization’s Cloud Ready for AI Innovation?

0
Top DevOps Trends to Look Out For in 2025

Top DevOps Trends to Look Out For in 2025

0
AI instead of Google showing a person using artificial intelligence for search and answers

Why Millions Are Switching to AI Instead of Google in 2026

June 30, 2026
Everyday people using AI in daily life including students, office workers, parents, and small business owners using AI tools to write, search, and learn faster

Everyday People Using AI Are Quietly Changing the Internet

June 26, 2026
AI IT Help Desk using artificial intelligence to automate enterprise technical support and customer service requests

AI IT Help Desk Is Eliminating the Traditional Help Desk

June 25, 2026
Digital workforce powered by AI employees working alongside human professionals in a modern enterprise office.

AI Employees Are Arriving: The Rise of the Digital Workforce

June 11, 2026
ADVERTISEMENT

Welcome to LevelAct — Your Daily Source for DevOps, AI, Cloud Insights and Security.

Follow Us

Linkedin

Browse by Category

  • AI
  • Cloud
  • DevOps
  • Security
  • AI
  • Cloud
  • DevOps
  • Security

Quick Links

  • About
  • Advertising
  • Privacy Policy
  • Editorial Policy
  • About
  • Advertising
  • Privacy Policy
  • Editorial Policy

Subscribe Our Newsletter!

Be the first to know
Topics you care about, straight to your inbox

Level Act LLC, 8331 A Roswell Rd Sandy Springs GA 30350.

No Result
View All Result
  • About
  • Advertising
  • AI Accountability Crisis, Video Briefing with Veronica
  • AI Agents Are Replacing Dashboards: The Rise of Autonomous Enterprise Operations
  • AI Agents Are Replacing SaaS: Enterprise Software Disruption
  • AI Browser Wars: Colton Reed Reveals the Future of Search
  • AI Data Center Infrastructure Crisis: Power, Cooling, and Scaling Limits
  • AI Data Centers Face Growing Water Crisis Video
  • AI Data Poisoning Is the Next Enterprise Cybersecurity Crisis
  • AI Governance Is Becoming a Competitive Advantage | Jennifer Briefing
  • AI Infrastructure Wars: Why Enterprises Are Building Private AI Clouds
  • AI IT Help Desk: The End of Traditional Enterprise Support | Video Briefing with Veronica
  • AI Job Interviews Are Changing Forever | Video Briefing with Naomi
  • AI Privacy Crisis: How Much Does AI Know About You?
  • AI-Driven DevOps: Why Enterprise Teams Are Rebuilding Around AI
  • AI-Native Data Centers: The Future of AI Infrastructure
  • AI-Powered Cyberattacks Video Briefing with Jennifer
  • Autonomous AI Agent Security Crisis of 2026
  • Calendar View
  • Cloud Giants vs. Regional AI Data Centers: The New Battle for Compute
  • Editorial Policy
  • Events
  • Everyday People Using AI
  • Home
  • LevelAct Webinars
  • LevelAct Webinars: Expert Insights on AI, Cloud, DevOps, and Security
  • Meta Quietly Launches ‘Forum’ — A New Reddit-Style Community Platform
  • Privacy Policy
  • The Agentic Web: AI Agents Are Becoming Internet Users
  • The End of Search: Are AI Assistants Replacing Google?
  • The Future of Agentic Software Delivery: Unifying Source & Binaries
  • Vertical Cloud Infrastructure Is Reshaping Enterprise IT
  • Videos
  • Webinar Solutions
  • Why Platform Engineering Is Replacing Traditional DevOps

© 2026 JNews - Premium WordPress news & magazine theme by Jegtheme.