A security device may be configured to provide a security service (e.g., a next-generation firewall service, a unified threat management service, an advanced threat protection service, or the like) for inspecting (e.g., using a deep packet inspection (DPI) technique) traffic, associated with a session between a client device and a server device in order to classify and/or identify an application associated with the session. The security device may determine, based on classifying and/or identifying the application, a rule set (i.e., a security policy) that describes a manner in which the traffic is to be processed.