Security is a major concern for web applications. Even major organizations such as the United Nations have been hacked through very simple security flaws.
I’m of the opinion that there is no such thing as a completely secure system. My aim when securing an application is two-fold. First, I aim to make it take as long as possible for an attacker to gain access. My next aim is to minimize the value of any information they can retrieve. In other words, I never assume that my system is impenetrable, and I always use defense in depth.
This reduces the feasibility of hacking my application for ...