Skip Links

AVDL integrates application security

By Jan Bialkowski and Kevin Heineman, special to Network World
February 23, 2004 12:08 AM ET
This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter's approach.

Network World - Because traditional security tools such as firewalls, VPNs and intrusion-detection systems inadequately protect against application-layer attacks, security managers are turning to next-generation application security products such as vulnerability scanners, application security gateways and patch management systems. However, these best-of-breed stand-alone systems still require individual and separate user interactions, leaving the overall security management process too manual, time-consuming and error-prone.

Application Vulnerability Description Language (AVDL) is a new security interoperability standard in development by the Organization for the Advancement of Structured Information Standards. Proposed by leading application security vendors and users, AVDL creates a rich and effective set of consistent XML schema definitions to describe application security properties and vulnerabilities. Using AVDL, security tools and products from different vendors will be able to communicate to coordinate their security operations and automate security management.

AVDL integration creates a secure Web application environment that automates mundane security operations, such as patching and reconfiguration, to meet evolving application requirements and security policies. This frees security administrators to focus on higher-level policy analysis.

Because all new vulnerability alerts can be described consistently in AVDL, automation of security management also vastly reduces the incident response time, closing critical vulnerability windows and enhancing security posture. AVDL-based security alert bulletins will give users highly efficient access to the collective expertise of all participants in this field, where even the largest organizations are challenged to keep up with rapid industry evolution.

The basic concept embodied in the AVDL schema is an application-level transaction, called a probe, which describes HTTP exchanges between browsers and Web application servers. Defined mark-ups allow specification of the HTTP messages in full detail at various levels of abstraction (raw byte stream, or parsed to HTTP header constructs). Such probes might specify valid and expected request-response exchanges between browsers and servers, or might specify application vulnerability exploits.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News