As a developer, knowledge of web application security vulnerabilities is essential in order to build software that is both resilient to attacks and protected through a layered approach of defense. The cybersecurity landscape is constantly shifting, however a good understanding of the most common vulnerabilities is a great place to get started with security. Before reviewing the articles below, be sure to look at 10 Most Common Security Vulnerabilities. The list that follows are a handful of articles I’ve written over the years both in my graduate and professional work. They focus on application security specifically as well as an understanding of the people behind such attacks.
- Hackers Motivation and Intent: This is a good overview of the various types of hacker, including their motivation to exploit vulnerabilities.
- Malicious Code Intrusion: A longer paper focusing on how malicious code intrusion has become a bigger problem in recent years. It focuses on the issues we face as we have moved to a distributed web model vs traditional desktop applications.
- Modern Application Frameworks, Legacy Browsers, and Security Implications: An overview of some of the problems introduced into modern web applications and the constant challenge with legacy browsers and security concerns.
- Web Application Database Vulnerabilities to be Aware of: A concise list of the various common vulnerabilities that exist in database systems. While many front-end developers focusing mainly on HTML and CSS do not have to be as concerned with database applications, it is worth understanding the types of issues that exist in these systems.
- SQL Injection Explained: Covered in the article above, this overview describes the process of SQL Injection with some basic example code.
- Confusion over Terminology (Vulnerabilities, Risks, Threats): The terms vulnerability, risk, and threat can often be confused by people not familiar with security principles. This short article summarizes the main differences that can easily be communicated to technical personnel.