Web application security lockdown.

Although firewalls do a good job of protecting internal network resources from hostile network traffic in general, applications exposed over Hyper Text Transfer Protocol (HTTP) are wide open to all kinds of hostile attacks. To this end, a new set of HTTP-specific firewalls is emerging to address the security mismatch between traditional port-level firewalls and the security demands of Web applications and Web services. Web application firewalls and trusted operating system add-ons, are emerging as important new defensive techniques, but they only mitigate the need for secure programming practices.