SlideShare a Scribd company logo

1 page consulting for security

Download as DOCX, PDF
T
Tomorrow Growth-for
1 of 1
1 Page Consulting for Security A perfect security can not get just 1 or 2 solutions. That's why most companies are doing security consulting and Pen test regularly. IPS covers more wide areas than Web filtering to reduce risk through network with Pro-active method(there are so many disadvantages&troubles when using IPS but we still need it) while Firewall reduce risk with Pre-fixed policy(it just wall or screen but it's very, very important). Some common protocol have more vulnerabilities (or they are just using more than others). Any way, more detailed security needs in HTTP & SMTP. So, if your resource allow to get more security, you need to go to next stage, WAF & SMTP filtering. Furthermore, and more important thing is that all of the technologies need to harmonize in a experienced Security Consultant & Architect. Because it is the Only way to maximize a company's investment & resource on Security. In summary, a best security MAP is like this, Firewall + IPS(Basic stage) -> WAF + SMTP filtering(Intermediate stage) -> Regular checking with Pen Test + Analyzing vulnerabilities by Security Specialist(Advanced stage).

Recommended

Managing your network
Managing your networkManaging your network
Managing your networkRoselyn Danofra
 
OWASP San Antonio: Open Software Assurance Maturity Model (OpenSAMM)
OWASP San Antonio: Open Software Assurance Maturity Model (OpenSAMM)OWASP San Antonio: Open Software Assurance Maturity Model (OpenSAMM)
OWASP San Antonio: Open Software Assurance Maturity Model (OpenSAMM)Denim Group
 
Zap attack proxy
Zap attack proxyZap attack proxy
Zap attack proxyArtem Vasilenko
 
Myths of Automation Testing
Myths of Automation TestingMyths of Automation Testing
Myths of Automation TestingAbhishek Saxena
 
U08784 part 2 presentation
U08784 part 2 presentationU08784 part 2 presentation
U08784 part 2 presentationxero42
 
T3 conference talk nov 2014
T3 conference talk nov 2014T3 conference talk nov 2014
T3 conference talk nov 2014Sid Yenamandra
 
Effective Vulnerability Management
Effective Vulnerability ManagementEffective Vulnerability Management
Effective Vulnerability ManagementVicky Ames
 
Vulnerability Assessment & Analysis (VAA) Overview
Vulnerability Assessment & Analysis (VAA) OverviewVulnerability Assessment & Analysis (VAA) Overview
Vulnerability Assessment & Analysis (VAA) OverviewSusan Rantall
 

Recommended

Managing your network
Managing your networkManaging your network
Managing your networkRoselyn Danofra
 
OWASP San Antonio: Open Software Assurance Maturity Model (OpenSAMM)
OWASP San Antonio: Open Software Assurance Maturity Model (OpenSAMM)OWASP San Antonio: Open Software Assurance Maturity Model (OpenSAMM)
OWASP San Antonio: Open Software Assurance Maturity Model (OpenSAMM)Denim Group
 
Zap attack proxy
Zap attack proxyZap attack proxy
Zap attack proxyArtem Vasilenko
 
Myths of Automation Testing
Myths of Automation TestingMyths of Automation Testing
Myths of Automation TestingAbhishek Saxena
 
U08784 part 2 presentation
U08784 part 2 presentationU08784 part 2 presentation
U08784 part 2 presentationxero42
 
T3 conference talk nov 2014
T3 conference talk nov 2014T3 conference talk nov 2014
T3 conference talk nov 2014Sid Yenamandra
 
Effective Vulnerability Management
Effective Vulnerability ManagementEffective Vulnerability Management
Effective Vulnerability ManagementVicky Ames
 
Vulnerability Assessment & Analysis (VAA) Overview
Vulnerability Assessment & Analysis (VAA) OverviewVulnerability Assessment & Analysis (VAA) Overview
Vulnerability Assessment & Analysis (VAA) OverviewSusan Rantall
 
Vulnerability Insight Tips & Tricks - Magno Gomes SE Manager, Core Security
Vulnerability Insight Tips & Tricks - Magno Gomes SE Manager, Core SecurityVulnerability Insight Tips & Tricks - Magno Gomes SE Manager, Core Security
Vulnerability Insight Tips & Tricks - Magno Gomes SE Manager, Core SecurityCore Security
 
Patch and Vulnerability Management
Patch and Vulnerability ManagementPatch and Vulnerability Management
Patch and Vulnerability ManagementMarcelo Martins
 
Owasp SAMM v1.5
Owasp SAMM v1.5Owasp SAMM v1.5
Owasp SAMM v1.5Brian Glas
 
Getting Executive Support for a Software Security Program
Getting Executive Support for a Software Security ProgramGetting Executive Support for a Software Security Program
Getting Executive Support for a Software Security ProgramCigital
 
JASM Flyer
JASM FlyerJASM Flyer
JASM FlyerNeville Wiles
 
10 Ways to Mitigate the Risk and Effect of Cyber Attacks on Medical Devices
10 Ways to Mitigate the Risk and Effect of Cyber Attacks on Medical Devices10 Ways to Mitigate the Risk and Effect of Cyber Attacks on Medical Devices
10 Ways to Mitigate the Risk and Effect of Cyber Attacks on Medical DevicesExtreme Networks
 
Enterprise Vulnerability Management: Back to Basics
Enterprise Vulnerability Management: Back to BasicsEnterprise Vulnerability Management: Back to Basics
Enterprise Vulnerability Management: Back to BasicsDamon Small
 
OSB130 Patch Management Best Practices
OSB130 Patch Management Best PracticesOSB130 Patch Management Best Practices
OSB130 Patch Management Best PracticesIvanti
 
Hacked!?! How Can I Fix This Fast?
Hacked!?! How Can I Fix This Fast?Hacked!?! How Can I Fix This Fast?
Hacked!?! How Can I Fix This Fast?Ivanti
 
Anton Chuvakin - So You Got That SIEM, NOW What Do You Do?
Anton Chuvakin - So You Got That SIEM, NOW What Do You Do?Anton Chuvakin - So You Got That SIEM, NOW What Do You Do?
Anton Chuvakin - So You Got That SIEM, NOW What Do You Do?Source Conference
 
Getting started with performance testing
Getting started with performance testingGetting started with performance testing
Getting started with performance testingTestplant
 
ალექსანდრე ნემსაძე - Release it
ალექსანდრე ნემსაძე - Release itალექსანდრე ნემსაძე - Release it
ალექსანდრე ნემსაძე - Release itunihack
 
Software fmea for medical devices
Software fmea for medical devicesSoftware fmea for medical devices
Software fmea for medical devicesOnlineCompliance Panel
 
Is Your Vulnerability Management Program Keeping Pace With Risks?
Is Your Vulnerability Management Program Keeping Pace With Risks?Is Your Vulnerability Management Program Keeping Pace With Risks?
Is Your Vulnerability Management Program Keeping Pace With Risks?Skybox Security
 
Implementing Vulnerability Management
Implementing Vulnerability Management Implementing Vulnerability Management
Implementing Vulnerability Management Argyle Executive Forum
 
Presentation13
Presentation13Presentation13
Presentation13Nikita Warma
 
Staab Itp 251 Chapter 9 Swl Case Presentation
Staab Itp 251 Chapter 9 Swl Case PresentationStaab Itp 251 Chapter 9 Swl Case Presentation
Staab Itp 251 Chapter 9 Swl Case Presentationstaabjg
 
Vapt( vulnerabilty and penetration testing ) services
Vapt( vulnerabilty and penetration testing ) servicesVapt( vulnerabilty and penetration testing ) services
Vapt( vulnerabilty and penetration testing ) servicesAkshay Kurhade
 
Engineering Security Vulnerability Prevention, Detection, and Response
Engineering Security Vulnerability Prevention, Detection, and ResponseEngineering Security Vulnerability Prevention, Detection, and Response
Engineering Security Vulnerability Prevention, Detection, and ResponseJinnah University for Women
 
451 and Cylance - The Roadmap To Better Endpoint Security
451 and Cylance - The Roadmap To Better Endpoint Security451 and Cylance - The Roadmap To Better Endpoint Security
451 and Cylance - The Roadmap To Better Endpoint SecurityAdrian Sanabria
 
Mapa colegio integral gladys lazo
Mapa colegio integral gladys lazoMapa colegio integral gladys lazo
Mapa colegio integral gladys lazoJohan Nuñez
 
كات سرفن اتاو فينجمن
كات سرفن اتاو فينجمنكات سرفن اتاو فينجمن
كات سرفن اتاو فينجمنmuliyadi79
 

More Related Content

What's hot

Vulnerability Insight Tips & Tricks - Magno Gomes SE Manager, Core Security
Vulnerability Insight Tips & Tricks - Magno Gomes SE Manager, Core SecurityVulnerability Insight Tips & Tricks - Magno Gomes SE Manager, Core Security
Vulnerability Insight Tips & Tricks - Magno Gomes SE Manager, Core SecurityCore Security
 
Patch and Vulnerability Management
Patch and Vulnerability ManagementPatch and Vulnerability Management
Patch and Vulnerability ManagementMarcelo Martins
 
Owasp SAMM v1.5
Owasp SAMM v1.5Owasp SAMM v1.5
Owasp SAMM v1.5Brian Glas
 
Getting Executive Support for a Software Security Program
Getting Executive Support for a Software Security ProgramGetting Executive Support for a Software Security Program
Getting Executive Support for a Software Security ProgramCigital
 
10 Ways to Mitigate the Risk and Effect of Cyber Attacks on Medical Devices
10 Ways to Mitigate the Risk and Effect of Cyber Attacks on Medical Devices10 Ways to Mitigate the Risk and Effect of Cyber Attacks on Medical Devices
10 Ways to Mitigate the Risk and Effect of Cyber Attacks on Medical DevicesExtreme Networks
 
Enterprise Vulnerability Management: Back to Basics
Enterprise Vulnerability Management: Back to BasicsEnterprise Vulnerability Management: Back to Basics
Enterprise Vulnerability Management: Back to BasicsDamon Small
 
OSB130 Patch Management Best Practices
OSB130 Patch Management Best PracticesOSB130 Patch Management Best Practices
OSB130 Patch Management Best PracticesIvanti
 
Hacked!?! How Can I Fix This Fast?
Hacked!?! How Can I Fix This Fast?Hacked!?! How Can I Fix This Fast?
Hacked!?! How Can I Fix This Fast?Ivanti
 
Anton Chuvakin - So You Got That SIEM, NOW What Do You Do?
Anton Chuvakin - So You Got That SIEM, NOW What Do You Do?Anton Chuvakin - So You Got That SIEM, NOW What Do You Do?
Anton Chuvakin - So You Got That SIEM, NOW What Do You Do?Source Conference
 
Getting started with performance testing
Getting started with performance testingGetting started with performance testing
Getting started with performance testingTestplant
 
ალექსანდრე ნემსაძე - Release it
ალექსანდრე ნემსაძე - Release itალექსანდრე ნემსაძე - Release it
ალექსანდრე ნემსაძე - Release itunihack
 
Is Your Vulnerability Management Program Keeping Pace With Risks?
Is Your Vulnerability Management Program Keeping Pace With Risks?Is Your Vulnerability Management Program Keeping Pace With Risks?
Is Your Vulnerability Management Program Keeping Pace With Risks?Skybox Security
 
Implementing Vulnerability Management
Implementing Vulnerability Management Implementing Vulnerability Management
Implementing Vulnerability Management Argyle Executive Forum
 
Staab Itp 251 Chapter 9 Swl Case Presentation
Staab Itp 251 Chapter 9 Swl Case PresentationStaab Itp 251 Chapter 9 Swl Case Presentation
Staab Itp 251 Chapter 9 Swl Case Presentationstaabjg
 
Vapt( vulnerabilty and penetration testing ) services
Vapt( vulnerabilty and penetration testing ) servicesVapt( vulnerabilty and penetration testing ) services
Vapt( vulnerabilty and penetration testing ) servicesAkshay Kurhade
 
Engineering Security Vulnerability Prevention, Detection, and Response
Engineering Security Vulnerability Prevention, Detection, and ResponseEngineering Security Vulnerability Prevention, Detection, and Response
Engineering Security Vulnerability Prevention, Detection, and ResponseJinnah University for Women
 
451 and Cylance - The Roadmap To Better Endpoint Security
451 and Cylance - The Roadmap To Better Endpoint Security451 and Cylance - The Roadmap To Better Endpoint Security
451 and Cylance - The Roadmap To Better Endpoint SecurityAdrian Sanabria
 

What's hot (20)

Vulnerability Insight Tips & Tricks - Magno Gomes SE Manager, Core Security
Vulnerability Insight Tips & Tricks - Magno Gomes SE Manager, Core SecurityVulnerability Insight Tips & Tricks - Magno Gomes SE Manager, Core Security
Vulnerability Insight Tips & Tricks - Magno Gomes SE Manager, Core Security
 
Patch and Vulnerability Management
Patch and Vulnerability ManagementPatch and Vulnerability Management
Patch and Vulnerability Management
 
Owasp SAMM v1.5
Owasp SAMM v1.5Owasp SAMM v1.5
Owasp SAMM v1.5
 
Getting Executive Support for a Software Security Program
Getting Executive Support for a Software Security ProgramGetting Executive Support for a Software Security Program
Getting Executive Support for a Software Security Program
 
JASM Flyer
JASM FlyerJASM Flyer
JASM Flyer
 
10 Ways to Mitigate the Risk and Effect of Cyber Attacks on Medical Devices
10 Ways to Mitigate the Risk and Effect of Cyber Attacks on Medical Devices10 Ways to Mitigate the Risk and Effect of Cyber Attacks on Medical Devices
10 Ways to Mitigate the Risk and Effect of Cyber Attacks on Medical Devices
 
Enterprise Vulnerability Management: Back to Basics
Enterprise Vulnerability Management: Back to BasicsEnterprise Vulnerability Management: Back to Basics
Enterprise Vulnerability Management: Back to Basics
 
OSB130 Patch Management Best Practices
OSB130 Patch Management Best PracticesOSB130 Patch Management Best Practices
OSB130 Patch Management Best Practices
 
Hacked!?! How Can I Fix This Fast?
Hacked!?! How Can I Fix This Fast?Hacked!?! How Can I Fix This Fast?
Hacked!?! How Can I Fix This Fast?
 
Anton Chuvakin - So You Got That SIEM, NOW What Do You Do?
Anton Chuvakin - So You Got That SIEM, NOW What Do You Do?Anton Chuvakin - So You Got That SIEM, NOW What Do You Do?
Anton Chuvakin - So You Got That SIEM, NOW What Do You Do?
 
Getting started with performance testing
Getting started with performance testingGetting started with performance testing
Getting started with performance testing
 
ალექსანდრე ნემსაძე - Release it
ალექსანდრე ნემსაძე - Release itალექსანდრე ნემსაძე - Release it
ალექსანდრე ნემსაძე - Release it
 
Software fmea for medical devices
Software fmea for medical devicesSoftware fmea for medical devices
Software fmea for medical devices
 
Is Your Vulnerability Management Program Keeping Pace With Risks?
Is Your Vulnerability Management Program Keeping Pace With Risks?Is Your Vulnerability Management Program Keeping Pace With Risks?
Is Your Vulnerability Management Program Keeping Pace With Risks?
 
Implementing Vulnerability Management
Implementing Vulnerability Management Implementing Vulnerability Management
Implementing Vulnerability Management
 
Presentation13
Presentation13Presentation13
Presentation13
 
Staab Itp 251 Chapter 9 Swl Case Presentation
Staab Itp 251 Chapter 9 Swl Case PresentationStaab Itp 251 Chapter 9 Swl Case Presentation
Staab Itp 251 Chapter 9 Swl Case Presentation
 
Vapt( vulnerabilty and penetration testing ) services
Vapt( vulnerabilty and penetration testing ) servicesVapt( vulnerabilty and penetration testing ) services
Vapt( vulnerabilty and penetration testing ) services
 
Engineering Security Vulnerability Prevention, Detection, and Response
Engineering Security Vulnerability Prevention, Detection, and ResponseEngineering Security Vulnerability Prevention, Detection, and Response
Engineering Security Vulnerability Prevention, Detection, and Response
 
451 and Cylance - The Roadmap To Better Endpoint Security
451 and Cylance - The Roadmap To Better Endpoint Security451 and Cylance - The Roadmap To Better Endpoint Security
451 and Cylance - The Roadmap To Better Endpoint Security
 

Viewers also liked

Mapa colegio integral gladys lazo
Mapa colegio integral gladys lazoMapa colegio integral gladys lazo
Mapa colegio integral gladys lazoJohan Nuñez
 
كات سرفن اتاو فينجمن
كات سرفن اتاو فينجمنكات سرفن اتاو فينجمن
كات سرفن اتاو فينجمنmuliyadi79
 
Archivo susana
Archivo susanaArchivo susana
Archivo susanaisceyad
 
Google Partners - Certification
Google Partners - CertificationGoogle Partners - Certification
Google Partners - CertificationMikki Moscara
 
Project proposal presentation [ppt1]
Project proposal presentation [ppt1]Project proposal presentation [ppt1]
Project proposal presentation [ppt1]Naqash khan
 

Viewers also liked (10)

Mapa colegio integral gladys lazo
Mapa colegio integral gladys lazoMapa colegio integral gladys lazo
Mapa colegio integral gladys lazo
 
كات سرفن اتاو فينجمن
كات سرفن اتاو فينجمنكات سرفن اتاو فينجمن
كات سرفن اتاو فينجمن
 
Archivo susana
Archivo susanaArchivo susana
Archivo susana
 
Lunes 14 de abril
Lunes 14 de abrilLunes 14 de abril
Lunes 14 de abril
 
Google Partners - Certification
Google Partners - CertificationGoogle Partners - Certification
Google Partners - Certification
 
udemy cert-Executive Admin
udemy cert-Executive Adminudemy cert-Executive Admin
udemy cert-Executive Admin
 
Mood Board
Mood BoardMood Board
Mood Board
 
SCAN0005.PDF
SCAN0005.PDFSCAN0005.PDF
SCAN0005.PDF
 
FLYER
FLYER FLYER
FLYER
 
Project proposal presentation [ppt1]
Project proposal presentation [ppt1]Project proposal presentation [ppt1]
Project proposal presentation [ppt1]
 

Similar to 1 page consulting for security

Secure Software Development Lifecycle
Secure Software Development LifecycleSecure Software Development Lifecycle
Secure Software Development Lifecycle1&1
 
Fuzzing 101 Webinar on Zero Day Management
Fuzzing 101 Webinar on Zero Day ManagementFuzzing 101 Webinar on Zero Day Management
Fuzzing 101 Webinar on Zero Day ManagementCodenomicon
 
Building an AppSec Team Extended Cut
Building an AppSec Team Extended CutBuilding an AppSec Team Extended Cut
Building an AppSec Team Extended CutMike Spaulding
 
Mike Spaulding - Building an Application Security Program
Mike Spaulding - Building an Application Security ProgramMike Spaulding - Building an Application Security Program
Mike Spaulding - Building an Application Security Programcentralohioissa
 
SanerNow a platform for Endpoint security and systems Management
SanerNow a platform for Endpoint security and systems ManagementSanerNow a platform for Endpoint security and systems Management
SanerNow a platform for Endpoint security and systems ManagementSecPod Technologies
 
Softchoice Security Consolidation Survey Results
Softchoice Security Consolidation Survey ResultsSoftchoice Security Consolidation Survey Results
Softchoice Security Consolidation Survey ResultsSoftchoice Corporation
 
Chapter 5Overview of SecurityTechnologiesWe can’t h
Chapter 5Overview of SecurityTechnologiesWe can’t hChapter 5Overview of SecurityTechnologiesWe can’t h
Chapter 5Overview of SecurityTechnologiesWe can’t hWilheminaRossi174
 
Intro to-ssdl--lone-star-php-2013
Intro to-ssdl--lone-star-php-2013Intro to-ssdl--lone-star-php-2013
Intro to-ssdl--lone-star-php-2013nanderoo
 
Network Vulnerability Assessment: Key Decision Points
Network Vulnerability Assessment: Key Decision PointsNetwork Vulnerability Assessment: Key Decision Points
Network Vulnerability Assessment: Key Decision PointsPivotPointSecurity
 
Juniper competitive cheatsheet
Juniper competitive cheatsheetJuniper competitive cheatsheet
Juniper competitive cheatsheetUsman Arif
 
Fuzzing101 uvm-reporting-and-mitigation-2011-02-10
Fuzzing101 uvm-reporting-and-mitigation-2011-02-10Fuzzing101 uvm-reporting-and-mitigation-2011-02-10
Fuzzing101 uvm-reporting-and-mitigation-2011-02-10Codenomicon
 
ApExchange Security Review and Compliance
ApExchange Security Review and ComplianceApExchange Security Review and Compliance
ApExchange Security Review and ComplianceCEPTES Software Inc
 
The best way to design secure software products
The best way to design secure software productsThe best way to design secure software products
The best way to design secure software productsLabSharegroup
 

Similar to 1 page consulting for security (20)

Secure Software Development Lifecycle
Secure Software Development LifecycleSecure Software Development Lifecycle
Secure Software Development Lifecycle
 
Fuzzing 101 Webinar on Zero Day Management
Fuzzing 101 Webinar on Zero Day ManagementFuzzing 101 Webinar on Zero Day Management
Fuzzing 101 Webinar on Zero Day Management
 
Many products-no-security (1)
Many products-no-security (1)Many products-no-security (1)
Many products-no-security (1)
 
Building an AppSec Team Extended Cut
Building an AppSec Team Extended CutBuilding an AppSec Team Extended Cut
Building an AppSec Team Extended Cut
 
Mike Spaulding - Building an Application Security Program
Mike Spaulding - Building an Application Security ProgramMike Spaulding - Building an Application Security Program
Mike Spaulding - Building an Application Security Program
 
Web application Testing
Web application TestingWeb application Testing
Web application Testing
 
SanerNow a platform for Endpoint security and systems Management
SanerNow a platform for Endpoint security and systems ManagementSanerNow a platform for Endpoint security and systems Management
SanerNow a platform for Endpoint security and systems Management
 
Core.co.enterprise.deck.06.16.10
Core.co.enterprise.deck.06.16.10Core.co.enterprise.deck.06.16.10
Core.co.enterprise.deck.06.16.10
 
Backtrack manual Part1
Backtrack manual Part1Backtrack manual Part1
Backtrack manual Part1
 
Softchoice Security Consolidation Survey Results
Softchoice Security Consolidation Survey ResultsSoftchoice Security Consolidation Survey Results
Softchoice Security Consolidation Survey Results
 
Chapter 5Overview of SecurityTechnologiesWe can’t h
Chapter 5Overview of SecurityTechnologiesWe can’t hChapter 5Overview of SecurityTechnologiesWe can’t h
Chapter 5Overview of SecurityTechnologiesWe can’t h
 
Compliance Awareness
Compliance AwarenessCompliance Awareness
Compliance Awareness
 
Intro to-ssdl--lone-star-php-2013
Intro to-ssdl--lone-star-php-2013Intro to-ssdl--lone-star-php-2013
Intro to-ssdl--lone-star-php-2013
 
Network Vulnerability Assessment: Key Decision Points
Network Vulnerability Assessment: Key Decision PointsNetwork Vulnerability Assessment: Key Decision Points
Network Vulnerability Assessment: Key Decision Points
 
Juniper competitive cheatsheet
Juniper competitive cheatsheetJuniper competitive cheatsheet
Juniper competitive cheatsheet
 
Fuzzing101 uvm-reporting-and-mitigation-2011-02-10
Fuzzing101 uvm-reporting-and-mitigation-2011-02-10Fuzzing101 uvm-reporting-and-mitigation-2011-02-10
Fuzzing101 uvm-reporting-and-mitigation-2011-02-10
 
SAST Managed Services for SAP [Webinar]
SAST Managed Services for SAP [Webinar]SAST Managed Services for SAP [Webinar]
SAST Managed Services for SAP [Webinar]
 
ApExchange Security Review and Compliance
ApExchange Security Review and ComplianceApExchange Security Review and Compliance
ApExchange Security Review and Compliance
 
The best way to design secure software products
The best way to design secure software productsThe best way to design secure software products
The best way to design secure software products
 
Agile and Secure Development
Agile and Secure DevelopmentAgile and Secure Development
Agile and Secure Development
 

1 page consulting for security

  • 1. 1 Page Consulting for Security A perfect security can not get just 1 or 2 solutions. That's why most companies are doing security consulting and Pen test regularly. IPS covers more wide areas than Web filtering to reduce risk through network with Pro-active method(there are so many disadvantages&troubles when using IPS but we still need it) while Firewall reduce risk with Pre-fixed policy(it just wall or screen but it's very, very important). Some common protocol have more vulnerabilities (or they are just using more than others). Any way, more detailed security needs in HTTP & SMTP. So, if your resource allow to get more security, you need to go to next stage, WAF & SMTP filtering. Furthermore, and more important thing is that all of the technologies need to harmonize in a experienced Security Consultant & Architect. Because it is the Only way to maximize a company's investment & resource on Security. In summary, a best security MAP is like this, Firewall + IPS(Basic stage) -> WAF + SMTP filtering(Intermediate stage) -> Regular checking with Pen Test + Analyzing vulnerabilities by Security Specialist(Advanced stage).