Assignment

Application Security

Name:

Institution:

Application Security

Introduction

Fundamentally, application security refers to the utilization of tools such as hardware and software to protect various applications from the imminent threats. In today’s era, security of the application has become a major undertaking and firms are yearning for the most effective approaches that are applicable in ensuring that a network is free from threats (Tøndel, Bartnes & Jaatun, 2014). Threats are today about manipulation of applications which may have far-reaching implications on a firm especially those whose performance is directly tied to the performance of a particular application that e-commerce retailers. Additionally, it is imperative to note that cyber threats are evolving rapidly meaning that security tools and designs also need to evolve as fast. In some cases, the specific actions that are taken in a bid to ensure applications are secure are referred to as countermeasures. One of the most common countermeasure is the design and use of application firewalls. The major aim of the firewalls is to ensure that execution of files and handling of data have been limited to specific programs. Application firewalls are currently being used and this research paper will aim at establishing whether application firewalls are actually effective in offering protection in an age where cyber threats are rampant.

Background

An application firewall refers to a security tool whose main aim entails protecting an application from application-based security threats. The firewalls normally block and filter application vulnerabilities before they can manipulate the applications. It is imperative to note that the firewalls are normally deployed between the network edge routers and the application servers. This means that they serve as a flexible barrier that filters all the in-bound and out-bound traffic (Chen, Jarvis & Macdonald, (2014). From this, it can be seen that an application firewall differs from the traditional firewall due to the fact that it inspects and validates the traffic getting to the applications.

When it comes to performance, it is worth noting that the application firewalls use three models in relation to performance. First, there is the blacklist model where the firewall uses generic signatures of known attacks to filter traffic that is perceived a threat to an application. Second, firewalls use a whitelist model where the firewall use signatures and sometimes logic so as to only permit data that is seen to meet a particular criterion (Chen et al., 2014). Finally, there are firewalls that utilize whitelist and blacklist models in blocking and filtering the traffic.

From the above sections, it can be seen that application firewalls have a model that majors in filtering and blocking traffic that gets to an application. However, it is worth noting that there have been questions relating to the level of security of offered by the application firewalls. For instance, do they have the capability to protect an application from all types of threats? Are the firewalls effective in dealing with newer forms of threats? These are some of the questions that have led to new developments where organizations and firms are nor focusing on tools that are more effective in addressing all forms of threats.

Problem Statement

Hannes Holm and Mathias Ekstedt (2013) carried out an empirical study with the aim of determining the effectiveness of the application firewalls when it comes to prevention of injection attacks. The researchers found out that the prevention rate median is 80% when all the measures and best practices and 25% when all the measures have not been put in place. The measures refer to practices such as deploying expert professionals in monitoring activities, use of an automated black box in tuning the firewall, and whether experienced operators were deployed in tuning the application firewalls. From this study, it was found out that application firewalls are not effective when it comes to prevention of injection attacks. This means that an application is left vulnerable in the event of an injection attack.

The above section shows that there are gaps that are not addressed when a firm or a business organization utilizes application firewalls. Additionally, it has been noted that organizations do not invest in rapid design of application firewalls in response to the ever-evolving cyber threats. Most organizations leave the applications vulnerable which has seen recommendations that they should deploy other mechanisms for security such as moving the resources to a cloud environment.

Research Questions

In order to evaluate the effectiveness of the application firewalls, the following questions will be answered.

1. Are application firewalls effective in addressing all cyber threats that are a danger to s system applications?

2. What are the best practices that will help promote the effectiveness of application firewalls in addressing all types of cyber threats.

The above questions are the overall questions that will guide the research process. At the end, the questions will be addressed hence offering actionable information that may be acted on by the modern firms and business organizations. Additionally, most recent developments will be considered in order to offer credible and reliable information in relation to application security.

References

Chen, T. M., Jarvis, L., & Macdonald , S. (2014). Cyberterrorism: Understanding, Assessment, and Response. New York, NY: Springer.

Holm, H., & Ekstedt, M. (2013). Estimates on the effectiveness of web application firewalls against targeted attacks. Information Management & Computer Security 21(4), 250-265.

Tøndel, I. A., Bartnes, M., & Jaatun, M. G. ( 2014). Information security incident management: Current practice as reported in the literature. Computers & Security 45(1), 42-57.