Web Application Security Basics 101: where to start

When we talk about web security, we think about the security of web applications and network infrastructures. But when it comes to actual implementation, the reality is that this often gets ignored.

Any organization that exposes its computing services to access networks will have to make a significant effort to ensure that information and resources are protected. The internet is a primary factor in communication and apparent potential risk of access and misuse of available services and information.

In a web application, we divide security into:

• Availability: This ensures that authorized entities or processes have access to the application when required.
• Authenticity: This ensures that an entity is who they claim to be, and it guarantees the source from which the data comes.
• Integrity: This ensures that the information asset has not been altered in an unauthorized manner.
• Confidentiality: This ensures that sensitive information is neither made available nor disclosed to unauthorized individuals, entities, or processes.
• Traceability: This…