

1. Create a Web Application Security Blueprint

-You cannot stay on top of web application security for long without having a plan in place for doing so. A disorganized approach to this kind of situation will end up achieving next to nothing. To improve your general compliance, and perhaps protect your brand, carefully choose the application that you will secure first and test it. You can test it in different ways, for example with software, with a cloud solution, or even manually. Also be ready for what it will cost your organization to do this kind of

2. Perform an Inventory of Your Web Applications

-However organized you think your own company may be, you don't have a clear view of which applications it relies on day to day. Most organizations have applications running at any given time and never know about them until something goes wrong. Hoping to maintain good, effective web application security without knowing precisely which applications the company uses is a big mistake. Doing such an inventory is a big risk and it will take a long time to complete. While doing the inventory, take time to understand the purpose of each application. Take your time over it: the inventory is a handy step, so make sure it captures every single application.

3. Prioritize Your Web Applications

-This is the next step after you complete the inventory of your existing web applications. You may think twice about it now, but your list will be very long, and if you are not focusing on specific applications first you will struggle to make any progress. Web applications fall into three categories:

• Critical applications are externally facing and contain customer information. Applications like this should be managed first, because hackers are likely to target and exploit them.
• Serious applications may contain sensitive information, whether they are external or internal.
• Normal applications have less exposure, but they should be included in tests down the road.

4. Use Cookies Securely

-Cookie use is another area that some organizations don't think about. Cookies are incredibly important for business people and users alike. Cookies allow users to be remembered by the sites they visit, so that future visits are quicker and, in many cases, more personalized. On the other hand, hackers can gain access to protected areas using cookies.

• Never use cookies to store highly sensitive information. Don't use cookies to remember passwords, as that makes it easy for hackers to gain unauthorized access.
• Be conservative when setting expiration dates for cookies. Cookies may stay valid for a user for months on end, but the reality is that each one presents a security risk.
• Lastly, consider encrypting the information that is stored in the cookies that you use.

5. Implement the Following Web Security Suggestions

-Besides the steps already described, there are more effective web application security suggestions that you can apply as a business or website owner.

• Implement HTTPS and redirect all HTTP traffic to HTTPS
• Implement a content security policy
• Help prevent man-in-the-middle attacks by enabling public key pins
• Apply subresource integrity to your resource's <script> or <link> elements
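
As an added example (not part of the original page), the following Python code audits one response's headers against the cookie advice in section 4 and the content security policy item above. It goes slightly beyond the text by also checking the Secure and HttpOnly cookie attributes; the 30-day limit, the name patterns and the sample response are assumptions constructed for illustration.

```python
import re
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

MAX_AGE = 30 * 24 * 3600  # assumed policy limit: 30 days, in seconds
SENSITIVE = re.compile(r"pass(word|wd)?|secret|card", re.I)  # assumed name patterns

def cookie_lifetime(attrs, now):
    """Lifetime in seconds; Max-Age wins over Expires, None means session/unknown."""
    try:
        if "max-age" in attrs:
            return int(attrs["max-age"])
        if "expires" in attrs:
            return int((parsedate_to_datetime(attrs["expires"]) - now).total_seconds())
    except (TypeError, ValueError):
        pass  # unparseable value: treat the lifetime as unknown
    return None

def audit_cookie(header, now):
    """Findings for one Set-Cookie header value."""
    first, *rest = [p.strip() for p in header.split(";")]
    name = first.partition("=")[0]
    attrs = {k.strip().lower(): v.strip() for k, _, v in (p.partition("=") for p in rest)}
    out = []
    if SENSITIVE.search(name):
        out.append(f"{name}: name suggests sensitive data in a cookie")
    life = cookie_lifetime(attrs, now)
    if life is not None and life > MAX_AGE:
        out.append(f"{name}: lifetime {life // 86400} days exceeds policy")
    out += [f"{name}: missing {a} attribute" for a in ("secure", "httponly") if a not in attrs]
    return out

def audit_response(headers, now):
    """headers: (name, value) pairs from one HTTPS response."""
    out = []
    if not any(n.lower() == "content-security-policy" for n, _ in headers):
        out.append("response: no Content-Security-Policy header")
    for n, v in headers:
        if n.lower() == "set-cookie":
            out.extend(audit_cookie(v, now))
    return out

# Constructed sample response, not captured from a real site.
NOW = datetime(2024, 1, 1, tzinfo=timezone.utc)
SAMPLE = [
    ("Set-Cookie", "user_password=hunter2; Expires=Wed, 01 Jan 2025 00:00:00 GMT; Path=/"),
    ("Set-Cookie", "sid=3f9a; Max-Age=3600; Path=/; Secure; HttpOnly"),
]
FINDINGS = audit_response(SAMPLE, NOW)
print("\n".join(FINDINGS))
```

The short-lived `sid` cookie produces no findings, while the year-long `user_password` cookie is flagged on every check.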
