Network Security is full of processes and procedures, but many compliance guidelines have not extended beyond the perimeter to include security for the application layer. Still, you need your Application Security program to achieve the same level of discipline as the rest of your cybersecurity ecosystem.
Uh oh… Your DevOps teams tell you it may not be practical to remediate every AppSec finding due to issues with legacy code, third-party integrations, or other inherited limitations. Some gaps between discovery and remediation may need to exist – but how do you address that risk?
By integrating Application Security into the larger Network Security ecosystem.
Join us as we chat with one of F5’s Technical Consultants to hear a real-life discussion of the gap between finding an application vulnerability, remediating it, and if need be, using mitigation via the BIG IP-ASM WAF.
We’ll talk about:
- How to address the new OWASP vulnerability class on Insufficient Logging & Monitoring
- How to improve the security scores of your web applications through virtual patching
- What the implications are in each choice for risk management (ignore, block, etc.) while creating the patch