Security Apps have the Most Flaws?

Posted by Mark Teter, Chief Technology Officer
July 18, 2011

I was recently reading an article by John Dunn at Techworld that discussed the enormous number of flaws found in security apps. This is exactly why everyone should practice defense in depth. First and foremost, it is important to be able to tell the difference between a firewall, an IPS/IDS, and a web application firewall. All three are important network and data security devices that help protect your environment and sensitive data in different ways. A firewall generally controls who can access your systems and who cannot. An IPS/IDS detects invalid or malicious packets that match particular signatures; the difference between the two is that an IDS watches a copy of the traffic, whereas an IPS sits inline on the real traffic. A web application firewall does not just inspect packets, but actually inspects full requests and responses at the application level.

No single network and data security solution is perfect, and where there are advantages there are also drawbacks. It is also very easy to write rules that generate false positives (in other words, rules that block valid traffic along with the invalid traffic they were meant to catch). Despite the difficulty of creating well-designed custom rules, most web application firewalls ship with a very solid core rule set. ModSecurity, the open source web application firewall, boasts a core rule set that protects against the types of threats listed in the article. Out of the box it protects against generic SQL injection attacks, cross-site scripting, and even language-specific injections.
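To make the layering concrete, here is an added toy model (not code from the post or from ModSecurity) of the three devices described above: a firewall that decides on source address and port only, an IDS that matches literal byte signatures on the wire, and a WAF that reconstructs the HTTP request and inspects decoded parameters. The sample requests, addresses and rules are constructed for illustration; the deliberately broad "select" rule shows the kind of false positive the paragraph above warns about.

```python
"""Toy model of three inspection layers: a connection-level firewall,
a signature IDS on raw bytes, and a WAF that parses the HTTP request."""
import re
from urllib.parse import parse_qs, urlsplit

BLOCKED_IPS = {"203.0.113.9"}          # hypothetical deny-list entry
ALLOWED_PORTS = {80, 443}
IDS_SIGNATURES = [b"' OR 1=1"]         # literal byte pattern, no decoding
WAF_RULES = {                          # regexes applied to decoded parameter values
    "sqli-tautology": re.compile(r"'\s*or\s+1\s*=\s*1", re.I),
    "broad-select": re.compile(r"\bselect\b", re.I),   # deliberately too broad
}

def firewall_allows(src_ip, dst_port):
    """Firewall: decides on who and where, never looks at the payload."""
    return src_ip not in BLOCKED_IPS and dst_port in ALLOWED_PORTS

def ids_alerts(raw):
    """IDS/IPS: matches signatures against the bytes as they appear on the wire."""
    return [s.decode() for s in IDS_SIGNATURES if s in raw]

def waf_alerts(raw):
    """WAF: reconstructs the request and inspects URL-decoded parameter values."""
    head, _, body = raw.decode("latin-1").partition("\r\n\r\n")
    method, target, _ = head.split("\r\n", 1)[0].split(" ")
    values = []
    for query in (urlsplit(target).query, body if method == "POST" else ""):
        for vals in parse_qs(query).values():   # parse_qs decodes %xx and '+'
            values.extend(vals)
    return sorted(name for name, rx in WAF_RULES.items()
                  if any(rx.search(v) for v in values))

def inspect(src_ip, dst_port, raw):
    """Run the layers in order; a firewall block short-circuits the rest."""
    if not firewall_allows(src_ip, dst_port):
        return {"firewall": "block", "ids": [], "waf": []}
    return {"firewall": "allow", "ids": ids_alerts(raw), "waf": waf_alerts(raw)}

# Constructed sample requests (not real traffic).
SAMPLES = {
    "benign": ("198.51.100.4", 80, b"GET /search?q=shoes HTTP/1.1\r\nHost: shop.example\r\n\r\n"),
    "encoded": ("198.51.100.4", 80, b"GET /search?q=%27+OR+1%3D1 HTTP/1.1\r\nHost: shop.example\r\n\r\n"),
    "blocked_ip": ("203.0.113.9", 80, b"GET / HTTP/1.1\r\nHost: shop.example\r\n\r\n"),
    "false_positive": ("198.51.100.4", 80, b"POST /search HTTP/1.1\r\nHost: shop.example\r\n\r\nq=select+committee+minutes"),
}

if __name__ == "__main__":
    for name, args in SAMPLES.items():
        print(name, inspect(*args))
```

The "encoded" sample passes the byte-signature IDS untouched and is only caught once the WAF decodes the parameter, while the "false_positive" sample shows a benign search blocked by an overly broad rule.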

With all that said, it is easy to see that a web application firewall is a good choice when looking to supplement network and data security. Of course, I say supplement because no one device is going to provide perfect security. Security is best accomplished through layers, and as great as a web application firewall may seem, it does not replace a standard network firewall, an IPS/IDS, or thorough code review and patching. However, when a web application firewall is used in conjunction with all (or even some) of the above, it adds a layer of network and data security that greatly reduces the risk of compromise of sensitive data.

About Mark Teter

Before he retired from ASG in 2013, Mark Teter was Chief Technology Officer (CTO) and the author of 'Paradigm Shift: Seven Keys of Highly Successful Linux and Open Source Adoptions.' As CTO, Mark regularly advised IT organizations, vendors, and government agencies, and he frequently conducted seminars and training programs.

Filed Under: Security
