Deploying a Secure Web Application: From a Coding Perspective

by Jaime Spicciati Sept. 1, 2017 via SANS Institute

The purpose of this document is to give a developer a very detailed and reproducible guideline for the development of a typical web application. The focus will be on common flaws that recently emerged in popular web applications. This guide will summarize and detail information regarding login page flaws, SQL injection, cross-site scripting/tracing, session ID hijacking and input validation. All of these vulnerabilities will be discussed from a coding perspective and will contain examples of secure implementations that avoid vulnerabilities. The focus is specifically on the coding aspect of development and can be used as a how-to guide for developing a secure web application