APPSEC KNOWLEDGE BASE

NETWORK SECURITY FIREWALL

When a network security firewall isn’t enough.

While a network security firewall is a critical piece of security technology, hardware or software firewalls on their own aren’t enough to fully protect your organization or improve data security.

The network security firewall provides defenses against potential cyberattacks by inspecting packets of information as they enter the network or transfer between computers. When the content of a packet matches certain filter rules, the network security firewall can block the packet and send an error response.

Network security firewall technology has evolved in significant ways in recent years. While the original network security firewall examined traffic only at the network layer, more recent firewalls examine the transport layer as well. The latest network security firewalltechnology operates at the application layer to block unauthorized processes that could lead to the spread of malware software like malicious worms and viruses.

For this reason, the network security firewall remains an important line of defense, but it’s not enough to stop all threats. Firewall technology tends to examine packets for known patterns, and emerging threats may be able to slip by unnoticed. For this reason, network and data security practices should include application security testing in order to defend the organization against an evolving universe of threats.

Application security testing: improving on the defensive the network security firewall.

CA Veracode is a leading provider of application security testing services that help organizations protect the software their business runs on. Offering a comprehensive suite of SaaS-based testing services, we enable IT organizations and development teams to test software for vulnerabilities quickly, easily and cost-effectively. With CA Veracode, organizations can embed security testing throughout the software development lifecycle to find and fix flaws at the most logical and least costly point in the SDLC.

On-demand solutions that augment the network security firewall.

CA Veracode Runtime Protection is a service that defends against application layer attacks in real time. This solution is easy to deploy and does not require engineering resources to implement and configure. Like a network security firewall, Runtime Protection inspects traffic and content and blocks suspicious packets. But Runtime Protection requires no tuning and has a higher level of accuracy because it has insight into application logic and configuration, event and data flow, executed instructions and data processing.

In addition to Runtime Protection, CA Veracode offers application security testing services with role based access controls that provide greater flexibility and control. Multiple methodologies such as static and dynamic analysis, software composition analysis and web application scanning ensure greater protection against threats like SQL injection, cross site scripting and weaknesses that can lead to DDoS attacks.

Learn more about how Veracode application testing can augment a network security firewall to improve overall security posture. Or consult our AppSec knowledgebase for answers to questions like “What is BYOD?

 

 

contact menu