With the deployment of application-aware firewalls, UTMs, and DPI engines, the network is becoming more intelligent at the application level. With this awareness the network has the ability to implement intelligent security and traffic management policies that are tied to specific application and user characteristics.

However, with hundreds of thousands of applications and devices on the network and new security threats being discovered on them every day, test teams are struggling to quickly and effectively test their systems.

Key requirements for an application aware security testing tool

Unified
- The test team needs a unified solution that models both the various types of security threats (such as
Distributed Denial of Service, protocol fuzzing, anti-virus, DLP, url filtering and published vulnerability
detection), and also real world applications.
Exhaustive
- The resulting tests need to be exhaustive and cover the entire attack surface. The solution needs to
cover thousands of tests that can be run in an automated fashion and yet allow debug and analysis
when issues are found.
Simplicity
- Since test teams are pressed for time, they need a solution that does not require an expert user. The
ability to make the workflow of the test tool integrate with development and issue resolution is very
important. This is critical to make the issues found actionable and to get them to resolution rapidly.

Download Whitepaper

Comments