
Web Application Security: The Overlooked Vulnerabilities

By: Third Brigade
Published: Sep 13, 2006
Length: 10
Type: White Paper
Overview:
Software flaws are the vulnerability of choice for attackers determined to exploit mission-critical systems. This white paper identifies critical vulnerabilities that most organizations overlook when they secure their web applications. It also introduces host intrusion defense with deep packet inspection as a new, effective approach for shielding these vulnerabilities.
Are you adequately protecting the web applications that your business depends on?

Software flaws are rapidly becoming the vulnerabilities of choice for attackers determined to exploit mission-critical systems. However, it isn't just vulnerabilities in the web applications that organizations need to be concerned about. Vulnerabilities across the entire enterprise application stack that forms the foundation for web applications, including web and application servers, databases and operating systems, also need to be addressed. Publicity around breaches and regulatory pressures are pushing web application security further into the spotlight. Traditional approaches to web application security, including web application firewalls and web security modules, can be costly and complex, and do not ultimately protect the entire application stack. Host-based intrusion defense with deep packet inspection is a new approach that addresses the need of organizations to shield vulnerabilities across the entire application stack.

1. Web Applications: An attractive target

How do you cost-effectively defend web applications from attack? Your organization relies on mission-critical business applications that contain sensitive information about customers, business processes and corporate data. Moving away from proprietary client/server applications to web applications gives you a simpler, cost-effective, highly extensible delivery platform. These applications are more than a valuable tool to power your business operations; they are also a valuable and vulnerable target for attackers.

Web applications are increasingly the preferred targets of cyber-criminals looking to profit from identity theft, fraud, corporate espionage, and other illegal activities. The impact of an attack can be significant, and include costly and embarrassing service disruptions, down-time, lost productivity, stolen data, regulatory fines, angry users and irate customers. Beyond preserving the corporate brand, federal and state legislation and industry regulations are now requiring web applications to be better protected.

As you take action to protect web applications in a timely and effective manner, you must balance the need for security with availability, performance and cost-effectiveness. Protecting web applications requires both zero-day protection and rapid response with minimal impact to operations, and must be part of a defense-in-depth plan. Look to host-based intrusion defense systems to provide comprehensive security to proactively protect hosts, applications and sensitive data without impacting performance or changing system architectures.

2. Web applications are increasingly vulnerable

Rapid growth leads to emerging problems

The number of corporate web applications has grown exponentially and most organizations are continuing to add new applications to their operations. With this rapid growth come common security challenges driven by complexity and inconsistency. New awareness of web application vulnerabilities, thanks to organizations such as the Open Web Application Security Project (OWASP), has helped organizations identify application security as a priority. But according to a June 2006 survey, while 70 percent of software developers indicated that their employers emphasize the importance of application security, only 29 percent stated that security was always part of the development process.

The overlooked vulnerabilities

Unfortunately, it is not just application flaws that are leaving systems vulnerable. In addition to application issues, every web application relies on a large stack of commercial and custom software components. The operating system, web server, database and all the other critical components of this application stack have vulnerabilities that are regularly being discovered and communicated to friend and foe alike. It is these vulnerabilities that most organizations overlook when they're considering web application security.

The challenge this poses for IT administrators and security professionals is that regardless of the source of the leak, application code or underlying software, they need to keep their mission-critical applications secure.

As noted in Figure 1, threats against applications can come from a variety of sources:

- Insiders: A small number of insiders who have the greatest level of access to the overall system and the greatest choice of vulnerabilities that they can exploit;
- Authenticated Users: A larger number of authenticated users that can breach a vulnerability anywhere in the application or the first tier of the system;
- Unauthenticated Users: Any attacker on the internet able to exploit a flaw in the application authentication mechanism or the web server.

As new vulnerabilities are found, patches become a critical part of managing application security. The process of patch management is complex and difficult to do successfully.