An Integrated Approach to Web Application Security Threats
Bryan Casey (BFCASEY@US.IBM.COM) | Tags: security, appscan, ibm, ips, web applications
Today's post comes from Paul Kaspian, Senior Product Marketing Manager, IBM Security.
Web application security threats continue to reign supreme as one of the largest vulnerability categories and, consequently, one of the biggest threat vectors today. IBM's X-Force 2011 Mid-Year Threat Report shows that Web application vulnerabilities still account for the largest share (close to 40%) of all vulnerabilities disclosed in the first half of 2011.
To combat this problem, many organizations are adopting a multi-layered approach. The first layer is application security testing, used to uncover critical vulnerabilities in both "home grown" and third-party Web applications. The results arm in-house developers with what they need to fix issues in custom applications, and identify the third-party vendor patches that should be applied. The second layer is some form of "real-time" protection that actively blocks attacks against vulnerable Web applications. Even when security teams scan applications regularly, new vulnerabilities are introduced all the time, and even known issues can take a long time to fix. Combining the two layers lets an organization fix security flaws at their source while remaining protected in the meantime.
Many of IBM's clients have adopted this approach to mitigate the risk associated with their Web applications. For example, many clients combine Rational AppScan, IBM's application security testing suite, with the real-time protection found in IBM's network intrusion prevention solutions. Rational AppScan gives clients the ability to perform regular, in-depth yet automated scans of their applications to identify and prioritize vulnerabilities, while IBM's network intrusion prevention solutions include a "Web Protection Module" that actively blocks attacks against Web applications.
Recently, IBM has introduced an even more integrated approach to Web application security. With AppScan version 8.5, AppScan's vulnerability findings can be combined with the attack events collected by IBM's intrusion prevention solutions. The two data sets are correlated within the IBM Security SiteProtector System, which provides centralized security management and reporting.
The result? The ability to see not only which applications are vulnerable, but whether those applications, and the specific vulnerabilities found in them, are actively being attacked. This single view of an organization's Web application security posture lets the different security teams work together more effectively and gives each team actionable data to improve its response: application security teams can prioritize remediation around the vulnerabilities that are actually under attack, and network security teams can verify whether their Web application monitoring and blocking policies are catching those attacks.
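The correlation described above, as an added example that is not IBM's code and does not use the AppScan, IPS or SiteProtector data formats: scanner findings (host, path, vulnerability class, severity) are joined against IPS events (destination host, request URI, signature class, action taken) on host, path and vulnerability class. Findings that are being attacked and were only alerted on, not blocked, sort to the top for the application team, and the same list is the gap report for the network team's blocking policy. All record layouts, class names and input rows are constructed for illustration.

```python
"""Correlate web application scanner findings with IPS attack events.

Added example, not IBM's own code or the SiteProtector data model. The
record layouts, vulnerability-class names and every input row below are
constructed for illustration only.
"""
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed scanner findings: one per vulnerable URL and vulnerability class.
SCAN_FINDINGS = [
    {"host": "shop.example.com", "path": "/search", "vuln": "sqli", "severity": "high"},
    {"host": "shop.example.com", "path": "/profile", "vuln": "xss", "severity": "medium"},
    {"host": "intranet.example.com", "path": "/login", "vuln": "sqli", "severity": "high"},
]

# Constructed IPS events: "action" is what the sensor did with the request.
IPS_EVENTS = [
    {"host": "shop.example.com", "uri": "/search?q=1%27%20OR%201%3D1--", "sig": "sqli", "action": "block"},
    {"host": "shop.example.com", "uri": "/search?q=x%27--", "sig": "sqli", "action": "block"},
    {"host": "shop.example.com", "uri": "/profile?name=%3Cscript%3E", "sig": "xss", "action": "alert"},
    {"host": "www.example.com", "uri": "/", "sig": "scanner", "action": "alert"},
]

SEVERITY_RANK = {"low": 1, "medium": 2, "high": 3}


def normalize_path(uri):
    """Drop the query string so '/search?q=...' joins against the finding's '/search'."""
    return urlsplit(uri).path or "/"


def correlate(findings, events):
    """Attach to each finding the number of matching attacks and how many were not blocked.

    Join key is (host, normalized path, vulnerability/signature class); events that
    match no finding (e.g. generic scanner noise on www.example.com) are ignored.
    """
    attacks = defaultdict(lambda: {"total": 0, "unblocked": 0})
    for ev in events:
        key = (ev["host"], normalize_path(ev["uri"]), ev["sig"])
        attacks[key]["total"] += 1
        if ev["action"] != "block":
            attacks[key]["unblocked"] += 1
    out = []
    for f in findings:
        a = attacks[(f["host"], f["path"], f["vuln"])]
        out.append({**f, "attacks": a["total"], "unblocked": a["unblocked"]})
    return out


def prioritize(records):
    """Remediation order: attacked-and-unblocked first, then severity, then attack volume."""
    return sorted(
        records,
        key=lambda r: (-(r["unblocked"] > 0), -SEVERITY_RANK[r["severity"]], -r["attacks"]),
    )


def policy_gaps(records):
    """Vulnerabilities under attack that the IPS only alerted on: the blocking policy missed them."""
    return [r for r in records if r["unblocked"] > 0]


if __name__ == "__main__":
    recs = correlate(SCAN_FINDINGS, IPS_EVENTS)
    for r in prioritize(recs):
        print(f"{r['severity']:6} {r['vuln']:5} {r['host']}{r['path']} "
              f"attacks={r['attacks']} unblocked={r['unblocked']}")
    print("blocking policy gaps:", [(g["host"], g["path"]) for g in policy_gaps(recs)])
```

With the constructed data, the XSS on /profile comes out on top even though the SQL injection on /search is higher severity and more heavily attacked: the /search attacks were all blocked, while the /profile attack got through with only an alert, which is exactly the case the combined view is meant to surface for both teams.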
To get the latest on the state of Web application security and how IBM can help, please watch the new OnDemand webcast: “Securing Web Applications Against Today’s Biggest and Emerging Threats”