Security Management Strategies for the CIO
Email Alerts
-
Next-generation firewalls: Must-have NGFW features
Gain insight to help you decide whether a next-generation firewall is right for you and how to make its deployment and management smooth and successful. Security School
-
Readers' Choice Awards 2012
For the seventh consecutive year, Information Security readers voted to determine the best security products. More than 2,000 voters participated this year, rating products in 14 different categories. guideSeries
-
Readers' Choice Awards 2011
Readers vote on the best standalone Web application firewalls as well as WAFs that are part of application acceleration/delivery systems. Guide
-
Quiz: Securing the application layer
Take this quiz to test your knowledge of the information presented in the Integration of Networking and Security school lesson on securing the application layer. Quiz
-
More from SearchSecurity.com -- January 2007
Highlights from Information Security magazine's January 2007 issue Information Security maga
-
PING with Josh Seeger
Josh Seeger, CIO of Tribune Broadcasting, a unit of the Tribune Company, talks exclusively about lessons learned when faced with the complex task of meeting the Payment Card Industry Data Security Standard (PCI) requirements. He also explains that w... Information Security maga
-
Application firewalls offer specialized protection
Network security's most dangerous attacks are aimed at specific application protocols, coding flaws, and configuration errors. Application firewall appliances can help network engineers defeat these increasingly focused and specialized attacks. Security Spotlight
-
More from SearchSecurity -- August 2006
Highlights from August 2006 issue of Information Security magazine. Information Security maga
-
PING with Robert Garigue
Robert Garigue may be less than six months in a new industry as Bell Canada's chief security executive, but that doesn't mean that the security playbook that served him well as CISO for the Bank of Montreal has to be scrapped. Most threats and best p... Information Security maga
-
Merging firewalls: Making your enterprise more secure with Sidewinder
Review: Secure Computing creates an impressive product by merging two leading firewalls into the Sidewinder G2. Feature
-
Custom, targeted malware attacks demand new malware defense approach
Widespread use of custom malware in targeted attacks requires better attack preparation and response, and a variety of new malcode defenses. News | 16 Nov 2012
-
Trustwave buys Breach Security for WAF technology
Trustwave said it would integrate Breach's Web application firewall into its pen-testing and code-review services. The vendor says it's committed to ModSecurity. Article | 22 Jun 2010
-
Web application firewall use goes beyond compliance, company finds
Web application firewall deployments have been mostly driven by the Payment Card Industry Data Security Standards, but one firm has discovered alternative benefits. Article | 22 Oct 2009
-
PCI 6.6 Web application security mandates burden smaller companies
Expensive source code reviews, or complex Web application firewalls, are required for PCI compliance, but many midmarket companies don't have the money or expertise to buy and run these tools. Article | 01 Jul 2009
-
IT pros find corporate firewall rules tough to navigate
Tweaking rules could result in disrupting business communications or opening a hole for unauthorized traffic. Firewall management tools ease the burden. Column | 15 Jun 2009
-
Citrix virtual desktop, app delivery controller includes security benefits
Citrix Systems' Receiver simplifies secure VDI deployments; NetScaler VPX offers portable Web application firewall combined with application acceleration and network features. Article | 05 May 2009
-
Web application firewall deployments gain traction
In this podcast, Ivan Ristic, creator of the ModSecurity, discusses his new ModProfiler and the challenges of deploying Web application firewalls. Compliance is driving adoption. News | 18 Aug 2008
-
Positive changes coming to ModSecurity
Black Hat: The popular open source Web application firewall is getting a new tool that observes and analyzes application traffic and helps establish accepted behavior. Article | 07 Aug 2008
-
PCI Council issues clarification on Web application security
The PCI Security Standards Council released documentation hoping to reduce a tide of confusion over enforcement of application firewalls and code reviews. Article | 22 Apr 2008
-
NAC, disk encryption gaining attention, survey shows
IT decision makers said they are struggling to fund projects, but many expressed interest in NAC, disk encryption and application security technologies. Article | 05 Mar 2008
- See more News on Application Firewall Security
-
How a next-generation firewall prevents application-layer attacks
Next-generation firewalls can block common yet dangerous SQL-injection and buffer-overflow attacks. Learn how an NGFW stops application-layer attacks. Tip
-
Web application firewalls: Patching, SDLC key for security, compliance
Mike Chapple on improving defense-in-depth security with Web application firewalls (WAFs) and a strong software development lifecycle (SDLC) process. Tip
-
Do you need virtual firewalls? What to consider first
With virtual firewalls, you can avoid routing traffic out of the virtual environment to pass through a physical firewall. But there are challenges to consider in going virtual. Tip
-
How to test a firewall: A three-step guide for testing firewalls
There are three steps when testing firewalls for your organization. Expert Joel Snyder explains how to test a firewall. Tip
-
How application whitelisting can help prevent advanced malware attacks
Advanced malware can be tricky, but application whitelisting on desktops can provide an additional layer of protection against malware attacks. Tip
-
UTM features: Is a UTM device right for your layered defense?
Expert Mike Chapple explores what features a contemporary UTM device provides, and explains the factors that help determine UTM total cost of ownership. Tip
-
Understanding the value of an enterprise application-aware firewall
Today's enterprise application-aware firewall technology offers a host of features to manage application and Web 2.0 traffic. Expert Michael Cobb takes a look at the features and how to make the most of them. Tip
-
Avoid common Web application firewall configuration errors
Web application firewalls are fundamental to the security of any Web application, but they are only truly effective if configured properly. Nick Garlick reviews the best ways to avoid common WAF implementation errors. Tip
-
Common PCI questions: Web application firewalls or source code review?
Is it better to use Web application firewalls, automated source code security reviews or vulnerability scans? Michael Cobb reviews your options. Tip
-
How to choose between source code reviews or Web application firewalls
Michael Cobb explains how to make the right choice between Web application firewalls or source code security reviews. Tip
- See more Tips on Application Firewall Security
-
Can application security products really be 'self-defending?'
Expert Michael Cobb determines whether 'self-defending' application security products actually provide something new to enterprise security. Answer
-
Cloud IaaS security: Is a virtual firewall the best bet?
Matthew Pascucci discusses whether organizations should use an IaaS virtual firewall to protect applications that have been moved to the cloud. Answer
-
Implement software development security best practices to support WAFs
WAFs aren't a panacea for all Web security woes. Software development security best practices are still vital. Expert Michael Cobb discusses why. Answer
-
How to choose application security tools for certain scenarios
Learn about application whitelisting, application firewalls and activity monitoring, and how to choose the right application security tools and products. Answer
-
The benefits of application proxy firewalls
Michael Cobb explains the benefits of application proxy firewalls as compared to other firewall technologies including packet filtering firewalls and stateful inspection firewalls or circuit-level gateways. Ask the Expert
-
Comparing an application proxy firewall and a gateway server firewall
There are many types of firewalls in use in today's enterprises, so it's easy to get confused about the functions of each. In this expert response, learn the difference between a proxy server firewall and a gateway server firewall. Ask the Expert
-
Will firewalls have to adapt to applications that use port 80?
The Web browser is now the most commonly used application user interface, and port 80 is used for the majority of these browser-application communications. App expert Michael Cobb explains how firewall makers have had to adapt their technology accord... Ask the Expert
-
What evaluation criteria should be used when buying a firewall?
Choosing a firewall for the enterprise isn't always easy. In this expert Q&A, Mike Chapple provides three important points to consider before deciding on a product. Ask the Expert
-
What are the drawbacks to application firewalls?
Application-layer firewalls examine ingoing and outgoing traffic more carefully than traditional packet-filtering firewalls, so why are some holding back on deployment? In this SearchSecurity.com Q&A, Michael Cobb reveals some cost and performance is... Ask the Expert
-
How to secure an e-commerce Web site
If you need to secure an e-commerce Web site, application security expert, Michael Cobb, has a place to start. In this expert Q&A, Cobb recommends the equipment that will secure your online business. Ask the Expert
- See more Expert Advice on Application Firewall Security
-
virtual patching
Virtual patching is the quick development and short-term implementation of a security policy meant to prevent an exploit from occurring as a result of a newly discovered vulnerability. A virtual patch is sometimes called a Web application firewall (W... Definition
-
Evaluating next-generation firewalls
In this presentation, Joel Snyder discusses best practices for evaluating next-generation firewalls. Video
-
In 2013, Cisco network security product strategy to key on integration
Video: Cisco SVP Chris Young details the vendor's 2013 network security product strategy, specifically combining more features into its line of ASA firewalls. Video
-
pfSense tutorial: Configure pfSense as an SMB-caliber firewall
Video: Keith Barker of CBT Nuggets provides a brief pfSense tutorial. Learn how to configure pfSense, a free yet surprisingly capable firewall. Screencast
-
PCI compliance requirement 1: Firewalls
PCI experts Diana Kelley and Ed Moyle review Requirement 1 of the Payment Card Industry Data Security Standard, which includes a mandate for stateful inspection firewalls. Video
-
Information security podcasts: 2006 archive
Listen to past editions of our information security podcasts. Podcasts
-
Can application security products really be 'self-defending?'
Expert Michael Cobb determines whether 'self-defending' application security products actually provide something new to enterprise security. Answer
-
Next-generation firewalls: Must-have NGFW features
Gain insight to help you decide whether a next-generation firewall is right for you and how to make its deployment and management smooth and successful. Security School
-
Evaluating next-generation firewalls
In this presentation, Joel Snyder discusses best practices for evaluating next-generation firewalls. Video
-
In 2013, Cisco network security product strategy to key on integration
Video: Cisco SVP Chris Young details the vendor's 2013 network security product strategy, specifically combining more features into its line of ASA firewalls. Video
-
virtual patching
Virtual patching is the quick development and short-term implementation of a security policy meant to prevent an exploit from occurring as a result of a newly discovered vulnerability. A virtual patch is sometimes called a Web application firewall (W... Definition
-
Cloud IaaS security: Is a virtual firewall the best bet?
Matthew Pascucci discusses whether organizations should use an IaaS virtual firewall to protect applications that have been moved to the cloud. Answer
-
How a next-generation firewall prevents application-layer attacks
Next-generation firewalls can block common yet dangerous SQL-injection and buffer-overflow attacks. Learn how an NGFW stops application-layer attacks. Tip
-
Implement software development security best practices to support WAFs
WAFs aren't a panacea for all Web security woes. Software development security best practices are still vital. Expert Michael Cobb discusses why. Answer
-
Custom, targeted malware attacks demand new malware defense approach
Widespread use of custom malware in targeted attacks requires better attack preparation and response, and a variety of new malcode defenses. News
-
pfSense tutorial: Configure pfSense as an SMB-caliber firewall
Video: Keith Barker of CBT Nuggets provides a brief pfSense tutorial. Learn how to configure pfSense, a free yet surprisingly capable firewall. Screencast
- See more All on Application Firewall Security
About Application Firewall Security
Learn how to choose an application firewall that meets your organization's needs, where to place it to maximize effectiveness, tackle common configuration and vulnerability issues, and control the amount of traffic between secured and unsecured environments.