Secure Development - Web Application Security.

Abstract

In Current scenario, many Web applications go through rapid development phases like adopting agile methodology of development with very short turnaround time, making it difficult to identify and eliminate vulnerabilities. This paper provides analysis of requirement of Secure Development and Web application security assessment mechanisms in order to identify poor coding practices that render Web applications vulnerable to attacks such as SQL injection and cross-site scripting. This paper also list out the different categories of vulnerability with the small examples along with prevention guidance and a sample of research by different vendors about the State of Software Security Report and Web Application Vulnerability Statistics of 2012. This paper reviews need of secure development, resource s available for creating secure Web applications. These resources ranges from the security features of the development, to automated tools evaluating an existing Web application, to Web sites dedicated to all facets of Web application security. In Web application security, making one single mistake can lead to many unwanted flaws. By using the different resources available, the risk of the applications to be vulnerable can be reduced to an acceptable level. In addition, some risk can be avoided at the very beginning of the project life cycle when the requirements for the system are defined.