In today’s era of digital information, web applications, which commonly act as publicly facing entities for many businesses and organizations, are often the target of malicious attacks by hackers who wish to steal customer data or pivot their way deeper into an organization’s internal network. It is essential that education and training for industry professionals has intentionally vulnerable web applications for realistic training in how to secure those applications.
The World Wide Web, have become one of the most common communication mediums in the World. Millions of users connect every day to different web-based applications to search for information, exchange messages, interact with each other, conduct business, perform financial operations and many more. Some of these critical web-based services are targeted by several malicious users intending to exploit possible vulnerabilities, which could cause not only the disruption of the service, but also compromise the users and organizations information. Most of the times, these malicious users succeed in exploiting different types of vulnerabilities and the consequences
…show more content…
They are increasingly used for critical services and may store sensitive information, which is why they have become a popular and valuable target for attacks. According to Verizon’s annual report [4], web applications are at the top in both the number of breaches and amount of data being compromised. A broken web application could result in enormous information breaches, severe financial losses and both ethical as well as legal consequences. Software systems are usually exploited by using vulnerabilities that depend on design flaws or bugs in the implementation. The several authoritative studies have shown that defects during requirement engineering cost 10 to 200 times more to correct once fielded than during