Improving Web Application Security: Threats and Countermeasures

The following are recommendations on how to use this chapter:

• Become familiar with specific threats that affect the network host and application . The threats are unique for the various parts of your system, although the attacker's goals may be the same.

• Use the threats to identify risk . Then create a plan to counter those threats.

• Apply countermeasures to address vulnerabilities . Countermeasures are summarized in this chapter. Use Part III, "Building Secure Web Applications," and Part IV, "Securing Your Network, Host, and Application," of this guide for countermeasure implementation details.

• When you design, build, and secure new systems, keep the threats in this chapter in mind . The threats exist regardless of the platform or technologies that you use.