A Holistic Approach to Securing Web Applications

Abstract

Protection of Web applications is an activity that requires constant monitoring of security threats as well as looking for solutions in this field. Since protection has moved from the lower layers of OSI models to the application layer and having in mind the fact that 75% of all the attacks are performed at the application layer, special attention should be paid to the application layer. It is possible to improve protection of Web application on the level of the system architecture by introducing new components which will realize protection on higher levels of OSI models. This paper deals with Intrusion Detection Systems, Intrusion Prevention Systems, Web Application Firewall and gives a holistic approach to securing Web applications using aforementioned components.