How important is application vulnerability defence in your security stack?
In technology, we are always balancing our priorities. We want to keep costs, administration and management to a minimum – and that means deciding what’s really important to your organisation.
In terms of security, the big horror stories tell us that we need defences. Tales of significant network breaches, the loss of critical data and permanently damaged reputations make it clear that a network needs protection.
But how does application vulnerability defence figure in your wider security? Should it be there at all? And, if it should, how important is the role that it plays in keeping your data and your systems safe?
The role of firewalls and anti virus
Firewalls and anti virus have been around for a long time, driven by widespread demand. We all understand how important these things are in keeping networks safe.
Your firewall controls the traffic that comes into and out of your network. That makes sense – if we can control what’s allowed to flow between our trusted nodes and the internet, we can stop attackers from getting in.
Meanwhile, anti virus software recognises known malicious code and prevents it from being executed on your devices. Even if a user attempts to install an application that seems legitimate on the surface, anti virus recognises hidden threats and isolates them.
Firewalls and anti virus are a known quantity – something that everyone sees as essential. In fact, we put so much faith in these tools that we regularly upgrade them, spending time and money implementing the latest “next-generation” solution.
And as your investment goes towards improving perimeter protection that’s already highly effective, an entire layer of the security stack may be missing.
The limitations of firewalls and anti virus
Over time, as we’ve all implemented powerful firewalls and regularly updated anti virus scanners, attackers have had to reconsider their strategies. Port-based penetration is more difficult than ever, while malware is quickly identified, blocked from installing and removed from the network.
Instead, attackers choose a form of attack that occurs through seemingly innocuous network ports, involving seemingly secure applications.
Today, software vulnerabilities are the cyber-criminal’s preferred route of attack. As applications become more complex and vulnerabilities become more common, attackers are ready to pounce.
According to a leading analyst, 2015 will see 80% of successful attacks exploit vulnerabilities in applications.
When this happens, firewalls and anti virus have their limitations exposed:
- Vulnerability exploits usually transfer data through ports that are left open on your firewall for legitimate use, like port 80. And when applications that are allowed by an application-layer firewall have vulnerabilities, exploits against them can still bypass current firewall technology.
- Anti virus software detects malicious applications – but not the vulnerabilities and weaknesses hidden in applications that are otherwise legitimate.
As a result, modern attacks are designed to bypass your firewall and your anti virus software – after all, these are the obstacles attackers have faced for years.
That’s why vulnerability scanning should be a vital part of your security outlook.
Vulnerability scanning and patching might be your last line of defence
Firewalls and anti virus software are essential elements of network security. But they only tell part of the story – as is the case with any single security solution.
The reality is that the only true defence is a layered, multi-faceted approach. One that provides several walls for attackers to bypass, from the edge of your network right down to the core of your applications.
Attackers are increasingly targeting your most trusted applications and their vulnerabilities. And where other approaches fail, effective vulnerability scanning and patching can offer that vital last line of defence.