-
Readers' Choice Awards 2011
null
-
Quiz: Securing the application layer
Take this quiz to test your knowledge of the information presented in the Integration of Networking and Security school lesson on securing the application layer. Quiz
-
More from SearchSecurity.com -- January 2007
Highlights from Information Security magazine's January 2007 issue Information Security maga
-
PING with Josh Seeger
Josh Seeger, CIO of Tribune Broadcasting, a unit of the Tribune Company, talks exclusively about lessons learned when faced with the complex task of meeting the Payment Card Industry Data Security Standard (PCI) requirements. He also explains that wh... Information Security maga
-
Application firewalls offer specialized protection
Network security's most dangerous attacks are aimed at specific application protocols, coding flaws, and configuration errors. Application firewall appliances can help network engineers defeat these increasingly focused and specialized attacks. Security Spotlight
-
More from SearchSecurity -- August 2006
Highlights from August 2006 issue of Information Security magazine. Information Security maga
-
PING with Robert Garigue
Robert Garigue may be less than six months in a new industry as Bell Canada's chief security executive, but that doesn't mean that the security playbook that served him well as CISO for the Bank of Montreal has to be scrapped. Most threats and best p... Information Security maga
-
Trustwave buys Breach Security for WAF technology
Trustwave said it would integrate Breach's Web application firewall into its pen-testing and code-review services. The vendor says it's committed to ModSecurity. Article | 22 Jun 2010
-
Web application firewall use goes beyond compliance, company finds
Web application firewall deployments have been mostly driven by the Payment Card Industry Data Security Standards, but one firm has discovered alternative benefits. Article | 22 Oct 2009
-
PCI 6.6 Web application security mandates burden smaller companies
Expensive source code reviews, or complex Web application firewalls, are required for PCI compliance, but many midmarket companies don't have the money or expertise to buy and run these tools. Article | 01 Jul 2009
-
IT pros find corporate firewall rules tough to navigate
Tweaking rules could result in disrupting business communications or opening a hole for unauthorized traffic. Firewall management tools ease the burden. Column | 15 Jun 2009
-
Citrix virtual desktop, app delivery controller includes security benefits
Citrix Systems' Receiver simplifies secure VDI deployments; NetScaler VPX offers portable Web application firewall combined with application acceleration and network features. Article | 05 May 2009
-
Web application firewall deployments gain traction
In this podcast, Ivan Ristic, creator of the ModSecurity, discusses his new ModProfiler and the challenges of deploying Web application firewalls. Compliance is driving adoption. News | 18 Aug 2008
-
Positive changes coming to ModSecurity
Black Hat: The popular open source Web application firewall is getting a new tool that observes and analyzes application traffic and helps establish accepted behavior. Article | 07 Aug 2008
-
PCI Council issues clarification on Web application security
The PCI Security Standards Council released documentation hoping to reduce a tide of confusion over enforcement of application firewalls and code reviews. Article | 22 Apr 2008
-
NAC, disk encryption gaining attention, survey shows
IT decision makers said they are struggling to fund projects, but many expressed interest in NAC, disk encryption and application security technologies. Article | 05 Mar 2008
-
McAfee fixes flaw in Mac antivirus software
Attackers could exploit the hole in McAfee's Virex 7.7 antivirus program for Mac OS X to bypass the malware scanner, but a fix is available. Article | 28 Feb 2007
- See More: News on Application Firewall Security
-
UTM features: Is a UTM device right for your layered defense?
Expert Mike Chapple explores what features a contemporary UTM device provides, and explains the factors that help determine UTM total cost of ownership. Tip
-
Understanding the value of an enterprise application-aware firewall
Today's enterprise application-aware firewall technology offers a host of features to manage application and Web 2.0 traffic. Expert Michael Cobb takes a look at the features and how to make the most of them. Tip
-
Common PCI questions: Web application firewalls or source code review?
Is it better to use Web application firewalls, automated source code security reviews or vulnerability scans? Michael Cobb reviews your options. Tip
-
How to choose between source code reviews or Web application firewalls
Michael Cobb explains how to make the right choice between Web application firewalls or source code security reviews. Tip
-
Best practices for application-level firewall selection and deployment
Application-level firewalls are an essential aspect of any organization's multi-layered defense strategy, but the implementation process has some security pros scratching their heads. In this tip, contributor Joel Dubin discusses the contrasting fact... Tip
-
Building application firewall rule bases
Security professionals have worked hard in recent years to tighten up their security controls, but they often neglected one area: the application layer. In this tip, Mike Chapple explains how a carefully deployed application firewall can plug a criti... Tip
-
Defending layer 7: A look inside application-layer firewalls
Run-of-the-mill network firewalls can't properly defend applications. As Michael Cobb explains, application-layer firewalls offer Layer 7 security on a more granular level, and may even help organizations to get more out of existing network devices. Tip
-
Comodo Firewall: An intelligent way to protect against application attacks
Looking for a solid firewall replacement? Contributing editor, Scott Sidel, recommends Comodo Firewall, an open source tool that can prevent application attacks. Tip
-
Application logging is critical in detecting hack attacks
Now that networks are fairly well-protected, attackers are targeting application servers. In this tip, security expert Mike Chapple explains how implementing application layer logging is becoming a crucial addition to every organization's security st... Tip
-
Application firewall tips and tricks
While network firewalls are effective at blocking unwanted communications, they do not provide a complete examination of traffic entering your network. Therefore, adding application-layer firewalls is essential to protecting your network from the ins... Tip
- See More: Tips on Application Firewall Security
-
How to choose application security tools for certain scenarios
Learn about application whitelisting, application firewalls and activity monitoring, and how to choose the right application security tools and products. Answer
-
The benefits of application proxy firewalls
Michael Cobb explains the benefits of application proxy firewalls as compared to other firewall technologies including packet filtering firewalls and stateful inspection firewalls or circuit-level gateways. Ask the Expert
-
Comparing an application proxy firewall and a gateway server firewall
There are many types of firewalls in use in today's enterprises, so it's easy to get confused about the functions of each. In this expert response, learn the difference between a proxy server firewall and a gateway server firewall. Ask the Expert
-
Will firewalls have to adapt to applications that use port 80?
The Web browser is now the most commonly used application user interface, and port 80 is used for the majority of these browser-application communications. App expert Michael Cobb explains how firewall makers have had to adapt their technology accord... Ask the Expert
-
What evaluation criteria should be used when buying a firewall?
Choosing a firewall for the enterprise isn't always easy. In this expert Q&A, Mike Chapple provides three important points to consider before deciding on a product. Ask the Expert
-
What are the drawbacks to application firewalls?
Application-layer firewalls examine ingoing and outgoing traffic more carefully than traditional packet-filtering firewalls, so why are some holding back on deployment? In this SearchSecurity.com Q&A, Michael Cobb reveals some cost and performance is... Ask the Expert
-
How to secure an e-commerce Web site
If you need to secure an e-commerce Web site, application security expert, Michael Cobb, has a place to start. In this expert Q&A, Cobb recommends the equipment that will secure your online business. Ask the Expert
-
How do stateful inspection and packet-filtering firewalls differ?
Can you tell a stateful inspection firewall from a packet-filtering firewall? In our expert Q&A, network security expert, Mike Chapple, examines the important differences between the two and reveals when each should be used. Ask the Expert
-
What components should an application security management system (ASMS) have?
Is there one product that will solve all of your ASMS needs? Maybe not, but Identity Management and Access Control expert Joel Dubin reviews the three components that should be included in any application security management system, in this Ask the E... Ask the Expert
-
How should I repair a firewall that cannot process HTTPS addresses?
SearchSecurity.com's network security expert Michael Chapple explains how to enact HTTPS proxying and plug up the holes in your firewall. Ask the Expert
- See More: Expert Advice on Application Firewall Security
-
PCI compliance requirement 1: Firewalls
PCI experts Diana Kelley and Ed Moyle review Requirement 1 of the Payment Card Industry Data Security Standard, which includes a mandate for stateful inspection firewalls. Video
-
Information security podcasts: 2006 archive
Listen to past editions of our information security podcasts. Podcasts
-
How to choose application security tools for certain scenarios
Learn about application whitelisting, application firewalls and activity monitoring, and how to choose the right application security tools and products. Answer
-
Readers' Choice Awards 2011
null
-
UTM features: Is a UTM device right for your layered defense?
Expert Mike Chapple explores what features a contemporary UTM device provides, and explains the factors that help determine UTM total cost of ownership. Tip
-
Understanding the value of an enterprise application-aware firewall
Today's enterprise application-aware firewall technology offers a host of features to manage application and Web 2.0 traffic. Expert Michael Cobb takes a look at the features and how to make the most of them. Tip
-
Trustwave buys Breach Security for WAF technology
Trustwave said it would integrate Breach's Web application firewall into its pen-testing and code-review services. The vendor says it's committed to ModSecurity. Article
-
The benefits of application proxy firewalls
Michael Cobb explains the benefits of application proxy firewalls as compared to other firewall technologies including packet filtering firewalls and stateful inspection firewalls or circuit-level gateways. Ask the Expert
-
Quiz: Securing the application layer
Take this quiz to test your knowledge of the information presented in the Integration of Networking and Security school lesson on securing the application layer. Quiz
-
Web application firewall use goes beyond compliance, company finds
Web application firewall deployments have been mostly driven by the Payment Card Industry Data Security Standards, but one firm has discovered alternative benefits. Article
-
PCI 6.6 Web application security mandates burden smaller companies
Expensive source code reviews, or complex Web application firewalls, are required for PCI compliance, but many midmarket companies don't have the money or expertise to buy and run these tools. Article
-
Common PCI questions: Web application firewalls or source code review?
Is it better to use Web application firewalls, automated source code security reviews or vulnerability scans? Michael Cobb reviews your options. Tip
- See More: All on Application Firewall Security
About Application Firewall Security
Learn how to choose an application firewall that meets your organization's needs, where to place it to maximize effectiveness, tackle common configuration and vulnerability issues, and control the amount of traffic between secured and unsecured environments.