XML Threats & Web Services Vulnerabilities

Understand potential security risks and protection alternatives for XML-based Web services

A Service-Oriented Architecture will most likely use a collection of XML-based Web services as the foundation for its application integration and data exchange. However, using Web services also introduces a range of security challenges related to:

• Maliciously constructed data structures, application calls, input data or attachments
• Exposure of application APIs and target applications
• Bilateral threats that can be passed through multiple application hops

To address these challenges, organizations need technology able to reduce the impact of attacks and ensure a high-availability Web services deployment by screening out XML threats in real-time, before they consume valuable internal resources. This white paper:

• Reviews various XML-specific threats
• Examines how to address these threats
• Discusses what a complete threat protection solution should provide