📜  应用程序安全性和网络安全性之间的区别

📅  最后修改于: 2021-08-27 04:41:35             🧑  作者: Mango

1.应用程序安全性:
顾名思义,应用程序安全性是一个直接与应用程序本身打交道的安全程序。其目标是识别,纠正和纠正组织内应用程序中的安全问题。它完全基于识别和修复与弱点或CWE相对应的漏洞。它的测试还揭示了有助于防止攻击的应用程序级漏洞。

2.网络安全性
顾名思义,网络安全是一种安全程序,旨在确保资产安全并在网络级别扫描流量。其目标是保护对设备,系统和服务的访问。这还意味着维护涉及基于物理和软件的防火墙,入侵防御系统(IPS)等的坚实防御。它仅有助于保护工作站免受有害间谍软件的侵害,并确保共享数据的安全性。

应用程序安全性和网络安全性之间的区别:

Application Security 

Network Security 

It is type of security provided to apps simply by finding, fixing, and preventing security vulnerabilities.   It is type of security provided to network from unauthorized access and risks.  
Its main goal is to make app more secure and prevent data or code from being stolen or hijacked.   Its main goal is to take physical and software preventative measures to protect underlying networking infrastructure.  
It makes application more secure, keep confidential information safe and secure, reduces risks from both internal and third-party sources, protects sensitive data from leaks, etc.   It makes network more secure, protects proprietary information, reduce risks of data loss, theft and sabotage, build trust, etc.  
Tools used for application security includes SAST, DAST, IAST, etc. Tools used for network security includes Wireshark, AirCrack, Metasploit, etc.
It relies on how applications operate and looks for anomalies in those operations.  It relies on ability to scan traffic on enterprise network.  
It is generally remediated or corrected by Programmers. It is generally remediated or corrected by Network Admins.  
It includes business logic security issues.  It includes integration issues.  
Its key features include authentication, authorization, logging, encryption, and application security testing.  Its key features include perimeter security, data privacy, security monitoring, policy management, etc. 
It is a process of developing, adding, and testing security features within application to prevent security vulnerabilities.  It is a process of preventing unauthorized activity across given networking infrastructure.