June 7, 2021

Network/Cloud security vs Application security.. I’m trying to understand..

So I’m trying to make sense of the two. I know network/cloud security is all about securing network infrastructure which needs skills in windows, Linux, python, networking, penetration testing, cryptography and other things….

When it comes to application security, are we talking about applications that people download? Like Instagram, Snapchat etc. Apps that download from the apple store and google play or are there different types of applications? I check on google and it said there is a lot of overlap between network/cloud security and application security. Like they are both under the same roof. I’m assuming application security requires more knowledge of coding?

Can you guys explain the similarities and differences between network/cloud security vs application security?
Please explain in detail the concepts of application security, what it’s about, what are the technical skills needed in application security? Example, Can someone who is involved in network/cloud security transition into application security? If so, what are the additional technical skills this person will have to develop? Sorry, I’m a newbie going to school this fall and I am just very curious about these topics.



Something to chew on:. If your world facing application allows unfiltered unregistered access to data, then platform controls won’t matter.


I’m going to do my best to try to break down your question.

Let’s use Amazon’s website as an example.

* Network Security

* Right off the bat, before we can start shopping on Amazon, we have to get there. Network security in this realm is going to be things like SSL certificates on the website, that ensures traffic between your and Amazon is encrypted. After all, you’re giving them your credit card into!

* We also need to make sure that people can only get to amazon over the ways we want them to get to Amazon. Primarily, that’s going to be HTTPS (port 443) so we need to make sure other services and ports that aren’t functional to the use of Amazon’s website are closed/turned off. This is something Amazon does.

* Cloud Security

* Amazon is ran on multiple redundant servers scattered across the…well…everywhere. This is generally what we call the “cloud”. Cloud security is going to be ensuring that the various servers that run the Amazon website are secure. Web servers run websites, so if you compromise a web server, you can compromise a website.

* There’s also things like our SQL databases and whatnot that the web servers have to talk to, but lets segway that into application security. The big takeaway is that we want to make sure our webservers can only do what we expect the webserver would do.

* Application Security

* So, when you use Amazon’s website and buy a book, do you go into their SQL server and reduce the “Harry Potter and the Chamber of Secrets” inventory by 1? You don’t. The application (the website) does. In this way you can think of application security as ensuring that the “user ” can only interact with your stuff the way you want them to. How does Amazon ensure you don’t directly touch their inventory numbers? They ensure it by making sure you can only interact with the application (the website) in a very specific way. The website is what tells the SQL server to reduce that book inventory by 1, not you. Facebook, Instagram, or any other cloud application uses the same philosophy. The website is really just a fancy cage that looks pretty but serves a huge purpose of preventing you from doing the things you’re not supposed to do

* Things that bust application security are major because it allows the user to escape the cage and do things behind the website they’re not allowed to do. If I can put a gigabyte of text data in for my first name, I could cause an overflow where the site breaks and spits out memory, allowing me to see things or do things I’m not supposed to do.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.