O'Reilly logo

Securing Web Applications by Allan Liska, Stephen Gates

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 2. Threats Targeting Your Web Applications

There are numerous security threats to modern web applications, including malicious bots, distributed denial-of-service (DDoS) attacks, malware, and application vulnerabilities, as well as application programming interfaces (APIs) and mobile application risks. In this section, we focus on how these threats work and how they could affect your business.

Malicious Bots

Malicious bots are rogue devices that pose a growing risk to modern web applications. The flexibility, increasing sophistication, and power of malicious bots make them formidable threats to your application security. Malicious bots can perform account takeovers, account creations, credit card fraud, DDoS attacks, and more. Malicious bots can exploit application vulnerabilities as well as attack via APIs and mobile applications. Moreover, malicious bots are responsible for launching the world’s largest DDoS attacks on record as well as spreading malware and exploit kits. All of these activities can affect performance, availability, and ultimately your bottom line.

Malicious bots are increasingly being utilized to infiltrate enterprise web applications at the network or cloud edge. This particular threat is what poses likely the most significant threat to your web applications. As a result, we cover this topic in more detail in Chapter 3, where you’ll learn how malicious bots work, how they circumvent your security posture, and, more importantly, how they can affect ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required