Applications are at the heart of an organization's security. If compromised, they can become an avenue to exploiting or destroying the assets that belong to the organization. This chapter looks at the need to secure those applications and how to accomplish that security. The requirements and early design phases of an application are where critical decisions must be made. If made correctly, those decisions will lead to the creation of applications that are much more secure. Beyond the design phase, coding practices can introduce unexpected security flaws. These flaws are where most organizations run into the largest problems with their applications. This chapter identifies 25 of the worst coding ...