Under Attack?
Search
Menu

Negative Security Model

Many web application security solutions leverage a negative security model, which defines what is disallowed while implicitly allowing everything else. Negative security models tend to block what is known to be bad, denying access based on what has previously been identified as content to be blocked. Since attack signatures may generate false positives by detecting legitimate traffic as attack traffic, such rules tend to be simplistic, trying to detect the obvious attacks. The result is protection against the lowest common denominator.

A negative security model defines what is forbidden and accepts the rest. It is the opposite of a Positive Security Model which defines what is allowed and rejects the rest.

See also: Positive Security Model

Analyst Report

2022 State of API Security

Read this EMA report to understand why so many organizations have a false sense of security when it comes to APIs, how companies are documenting APIs, what they’re using them for, and best practices to keep them secure.

Read more

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Contact Us Now

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Locations
Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

Get Social

Connect with experts and join the conversation about Radware technologies.

Blog
Security Research Center
CyberPedia

Close

What are you looking for?