In this chapter, we will cover several aspects of security. We will briefly discuss why security is important and then detail the WebSphere Application Server (WAS) security architecture. We'll cover some subtle points of WAS security and then move on to detailed discussions of how to harden a WAS environment to be secure. Finally, we'll provide some tips for troubleshooting security problems. Given the limited space available, much of this material will be high level and will not delve into the details. Wherever possible, we will point you to appropriate references that show the details.