Skip to main content

By clicking Submit, you agree to the developerWorks terms of use.

The first time you sign into developerWorks, a profile is created for you. Select information in your profile (name, country/region, and company) is displayed to the public and will accompany any content you post. You may update your IBM account at any time.

All information submitted is secure.

  • Close [x]

The first time you sign in to developerWorks, a profile is created for you, so you need to choose a display name. Your display name accompanies the content you post on developerworks.

Please choose a display name between 3-31 characters. Your display name must be unique in the developerWorks community and should not be your email address for privacy reasons.

By clicking Submit, you agree to the developerWorks terms of use.

All information submitted is secure.

  • Close [x]

Select a language:

  • Close [x]
  • Close [x]

Web application security fundamentals

Date:  07 Oct 2011 (Published 14 Jun 2011) |Level: Intermediate |

Sign in to save your progress (Learn more)

Saving your progress (Learn more)

1. Application security concepts

It's a good idea to go through the basic terminology related to security before digging deeper into the complex risks that you face on the web. When it comes to security it's much better to be proactive than reactive. Learn the concepts and then build upon them by planning a security strategy.

Read: App Security 101Item marked not complete - Click to mark complete

Read: Planning a security strategy: Three core questions to askItem marked not complete - Click to mark complete

Read: Understanding web application security challengesItem marked not complete - Click to mark complete

Read: Open web application security project top ten 2010Item marked not complete - Click to mark complete

2. Common vulnerabilities and attacks

Time to dig into the most common types of app-level attacks. In this section, learn how these attacks are performed and how to prevent them.

Read: Preventing common application-level hack attacksItem marked not complete - Click to mark complete

Watch: SQL injection - simply explainedItem marked not complete - Click to mark complete

Read: Locking down your PHP applications: Four security rules you can't violate Item marked not complete - Click to mark complete

Read: Cross-site scripting explainedItem marked not complete - Click to mark complete

3. Developing secure applications

Now it's time to apply all the knowledge covered in security to existing and future applications from a development point of view. Vulnerabilities aren't easy to spot sometimes, so it's always best to keep security in mind when you begin writing your application.

Read: Secure programmer: Developing secure programsItem marked not complete - Click to mark complete

Read: Web application security: Testing for vulnerabilitiesItem marked not complete - Click to mark complete




Rate this content



Give us feedback

Submission failed. Please try again.

Please complete one of the following questions before submitting.

1. Are you finished with this knowledge path?

       

2. How much did you learn?

           

3. Tell us more

  • What did you like/dislike?
  • What can we do better?

2500 characters left

Disabled Submit button

Close [x]

developerWorks: Sign in


Need an IBM ID?
Forgot your IBM ID?


Forgot your password?
Change your password

By clicking Submit, you agree to the developerWorks terms of use.

 

The first time you sign into developerWorks, a profile is created for you. Select information in your developerWorks profile is displayed to the public, but you may edit the information at any time. Your first name, last name (unless you choose to hide them), and display name will accompany the content that you post.

All information submitted is secure.

Close [x]

Choose your display name

The first time you sign in to developerWorks, a profile is created for you, so you need to choose a display name. Your display name accompanies the content you post on developerWorks.

Please choose a display name between 3-31 characters. Your display name must be unique in the developerWorks community and should not be your email address for privacy reasons.

(Must be between 3 – 31 characters.)

By clicking Submit, you agree to the developerWorks terms of use.

 

All information submitted is secure.

Close [x]

Save your progress Green checked checkmark

When you sign in, we will save this item to your developerWorks community home page and track your progress so you know what you've completed and where to resume when you return.

For a list of your saved items, see your My Home > My saved items page.

Close [x]

Thank you for your feedback. We appreciate your sharing your opinion with us.

Close [x]

Do you want to save your progress?

, Sign in to save your progress

Close [x]

Save your progress

Sorry. Our server is not available, and we cannot display your saved progress at this time.

Your progress will be displayed when the server is available again. Any previous progress is retained, and additional progress is being tracked.

If your most recent progress is not displayed within 24 hours, you can click the checkmark to indicate completion.

About this knowledge path

Web security is a discipline that is commonly overlooked. It has a reputation of being attended to in a reactive manner partially because of the lack of knowledge about common risks as well as lazy programming. Get introduced to common information security terminology as well as common attacks and vulnerabilities found on websites and applications. This knowledge path is for anyone interested in learning the basics of web application security and the risks involved in running a website from development to deployment.

Activities in this path

  1. Application security concepts
  2. Common vulnerabilities and attacks
  3. Developing secure applications

Related resources

Share this page:

  • Close [x]

Follow developerWorks:

  • Close [x]
static.content.url=http://www.ibm.com/developerworks/js/artrating/
SITE_ID=1
Zone=Web development
ArticleID=755634
publish-date=10072011