White Papers for International Standards Organization (ISO) 27002 (17799)

Protecting Web Applications from Attack and Misuse

Citrix Systems

Protecting an application from attack requires a complete understanding of all application communications. Unless a device can “see” the same data as the application it is protecting, it will be unable to identify application-layer threats. This means that to secure any common Web-based application, a security device must perform a full deconstruction of the HTML data payload, as well as track the state of each application session.

It is technologically impossible for any device to understand application communications or analyze application behavior via the deep inspection of IP packets, either individually or reassembled into their original sequence. Network firewalls and intrusion prevention systems (IPS) are useful for validating the format of application header information to ensure standards compliance.

View the White Paper

Share or bookmarklet this web page at: