© Elena Kichigina/Shutterstock

CHAPTER 8
Developing Secure Websites and Web Applications

IN TODAY’S NETWORK AND COMPUTING ENVIRONMENTS, security is the name of the game. Securing web applications has become an integral part of an organization’s overall security strategy. As people’s personal and business lives are increasingly integrated with the Web and web applications, web application security moves front and center. Web application security is the battleground for IT security and will be for the foreseeable future.

Web application security encompasses many elements from end-user education to stronger programming and development. One of the first considerations when designing strong web application security strategies is to know what the threats are, where they come from, and how to mitigate them. This chapter examines one of the more commonly exploited areas of web application security: end-user input. It looks at the dangers of cleartext communication and explains how to encrypt data as it travels throughout the network.