Companies selling XML security gateways are spreading some misinformation about the layers--and the labor--needed to keep applications safe and secure.