Topics relating to application security and attacks against software. Please don't use this tag alone, that results in ambiguity. If your question is not about a specific programming problem, please consider instead asking it at Information Security SE: https://security.stackexchange.com
This tag is used for topics relating to application security and attacks against software. Security relates to a wide range of subjects including cryptography, authentication, authorization, privacy, integrity and access-control, among others.
Web Application Security
Web application security is a branch of Information Security that deals specifically with security of websites, web applications and web services.
At a high level, Web application security draws on the principles of application security but applies them specifically to Internet and Web systems. Typically web applications are developed using programming languages such as PHP, Java EE, Java, Python, Ruby, ASP.NET, C#, VB.NET or Classic ASP.
More about web application security and best practices:
- Open Web Application Security Project (OWASP) - Their Top 10 list is a good starting point.
- Microsoft: Basic Security Practices for Web Applications
- Mozilla Developer Network: Web security
Note that security questions which are not about a specific programming problem may be better suited to our sister site, IT Security Stack Exchange.
