IN TODAY'S NETWORK AND COMPUTING ENVIRONMENTS, security is the name of the game. Securing Web applications has become an integral part of an organization's overall security strategy. As our personal and business lives are increasingly integrated with the Web and Web applications, Web application security moves front and center. Web application security is the battleground for IT security and will be for the foreseeable future.

Web application security encompasses many elements from end-user education to stronger programming and development. One of the first considerations when designing strong Web application security strategies is to know the threats, where they come from, and how to mitigate them. This chapter ...