Protecting enterprises against Web application attacks with IBM

As threats and attacks increasingly target Web applications, many enterprises have been forced to take a reactive approach to security with point products that address only pieces of Web application security and add to the complexity of security operations.

IBM has brought together the breadth of its offerings designed to deliver end-to-end Web application security that includes security rich code development, vulnerability management, real-time blocking of attacks, dedicated security and performance for Web services, and access management.

IBM’s integration of its Web application security offerings can help enable enterprises to combat these types of attacks. The latest component of the solution, IBM Proventia SiteProtector 8.0, integrates a consolidated security management system with Rational AppScan, a solution for Web application vulnerability and secure code testing; and IBM’s Web application protection module for network and host intrusion prevention systems.

This combined solution is designed to deliver multiple benefits to enterprises, including:

  • Reduced security management operational costs
  • Improved security posture
  • Consolidated reporting infrastructure
  • A common workflow system for managing security incidents
  • Correlation of application vulnerabilities with potential security events and real-time attacks, enabling organizations to prioritize remediation to immediately address top threats.

Because Web applications often rely on Web services and service oriented architecture (SOA), IBM has integrated the security and governance features of the WebSphere DataPower SOA Appliances with the centralized management of Tivoli Security Policy Manager. The combination of Tivoli Security Policy Manager and WebSphere DataPower SOA Appliances can help to enable enterprise architects and security operations to align business and IT by centrally managing and enforcing security policies for Web services resources across multiple policy enforcement points.

Don't miss