<p>An effective application security model is essential to protecting apps from threats and vulnerabilities. Two common models are positive security and negative security. While both approaches secure applications, they do so in different ways.</p>
<p>In general, positive security models only allow approved traffic and actions and deny other requests, and negative security models block known malicious traffic and actions and allow everything else.</p>
<p>Let’s compare positive and negative security for AppSec and examine how to choose which to implement.</p>
<section class="section main-article-chapter" data-menu-title="What is positive security?">
<h2 class="section-title"><i class="icon" data-icon="1"></i>What is positive security?</h2>
<p>Positive security models define what is allowed and disallow everything else. In terms of AppSec, positive security involves taking a default-deny approach by <a href="https://www.techtarget.com/whatis/definition/whitelist">allowlisting</a> approved behaviors, traffic, services and entities for web apps and denying what is not explicitly allowed.</p>
<p>The benefits of positive security for AppSec include the following:</p>
<ul class="default-list">
<li>Prevents zero-day attacks because only allowed behavior and traffic are approved to interact with the web apps.</li>
<li>Reduces false positives of unknown malicious behavior and traffic because it only allows approved inbound traffic and actions.</li>
<li>Improves overall <a href="https://www.darkreading.com/cyberattacks-data-breaches/6-attack-surfaces-you-must-protect">attack surface</a> security because only approved behaviors and traffic are allowed.</li>
</ul>
<p>A top challenge of positive security is management complexity. Security teams need to regularly update allowlists to ensure legitimate and approved behaviors and traffic are permitted.</p>
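<p>As an added example (not code from the original article), the following Python sketches both models as request filters; the routes, parameter formats and blocklist signatures are constructed for illustration. It shows the trade-off described above: the allowlist denies a novel input and an unlisted route (including a legitimate one the team has not yet added), while the blocklist passes both.</p>

```python
# Added example, not from the original article: a minimal request filter
# implementing the positive (allowlist) and negative (blocklist) models.
# Routes, parameter formats and signatures below are constructed for illustration.
import re

# Positive model: explicit allowlist of (method, path) and the format each parameter must match.
ALLOWLIST = {
    ("GET", "/search"): {"q": re.compile(r"^[\w ]{1,64}$")},
    ("POST", "/login"): {
        "user": re.compile(r"^[a-z0-9_]{3,32}$"),
        "password": re.compile(r"^.{8,128}$"),
    },
}

# Negative model: block only patterns already known to be malicious (constructed, illustrative).
BLOCKLIST = [re.compile(p, re.IGNORECASE) for p in (r"<script", r"\bUNION\b.*\bSELECT\b")]


def positive_check(method, path, params):
    """Default-deny: allow only a listed route whose every parameter is expected and well-formed."""
    allowed = ALLOWLIST.get((method, path))
    if allowed is None:
        return False                      # route not yet allowlisted (the management cost)
    if set(params) - set(allowed):
        return False                      # unexpected parameter name
    return all(allowed[k].match(v) for k, v in params.items())


def negative_check(method, path, params):
    """Default-allow: deny only when a parameter value matches a known-bad signature."""
    return not any(sig.search(v) for v in params.values() for sig in BLOCKLIST)


def compare(method, path, params):
    """Return (positive_allows, negative_allows) for the same request."""
    return positive_check(method, path, params), negative_check(method, path, params)
```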
</section>
<section class="section main-article-chapter" data-menu-title="What is negative security?">
<h2 class="section-title">What is negative security?</h2>
[…]
</section>