White Papers for Health Insurance Portability and Accountability Act (HIPAA)

Application Security: Why Network Firewalls and Intrusion Prevention Systems Aren't Enough

Citrix

The nature of attacks has migrated beyond the “spray & pray” approach of general viruses and worms to highly targeted attacks against specific organizations, applications and sensitive data.

Opportunistic and financially motivated attackers know a soft target when they see one. Instead of wasting their ammunition on non-specific network intrusion attempts, they’re now gunning for the sensitive data accessible through Web applications, and traditional methods of network security are powerless to stop them.

Network firewalls and intrusion prevention systems (IPSs) are integral parts of an enterprise security strategy, but they can’t adequately protect the inherently vulnerable Web applications that companies now rely on to extend their businesses to partners, suppliers and customers. Hackers know this, and have put Web applications squarely in their sights: the CSI/FBI Computer Crime Survey reported a 90-percent jump in Web application attacks in 2005 and Gartner estimates that Web application attacks account for at least 75 percent of all offenses targeting the enterprise.

View the White Paper

Share or bookmarklet this web page at: