Thursday, June 24, 2010

Web Application Security 101

Part One: An Introduction

Web application security is often the forgotten child of web designers and programmers. Why is that? It should be obvious that the application's code and its handling of data are the single most important things to take into account when designing a website. After all, users trust these sites to be trustworthy, especially the sites of established brick-and-mortar stores. That is where the problem lies: many stores and websites are not used to designing security plans for collecting and processing customers' information.


Over the coming weeks I will discuss areas of vulnerability within websites that web designers and programmers need to take into consideration before building a site. Security should not be taken for granted. Applications need to be designed from the ground up with security in mind. Most applications on the web are designed with security as an afterthought, and do not include security checks until after a breach has occurred and reached the news media.

During this series of posts we will discuss cross-site scripting, SQL injection, web site authorization, SSL vulnerabilities, man-in-the-middle attacks, and other topics as I think of them. :) The purpose of the articles is to inform both programmers and end-users what to look out for while building or browsing a website. Continue with me on this exciting journey, and we will both learn something and maybe better secure the Internet, or at least bring about a better understanding and awareness of application security.


Thanks,

Lance Howell