Security Risks in Web Applications and their Mitigation Techniques

With the advent of modernization in today’s world of internet, web application plays a crucial part in all the sectors be it Automobile industry, Food industry, education sector and a most important Banking sector. Since web applications are hosted publicly it is easily accessible due to which Threat actors are targeting websites for stealing critical information and sensitive databases. Although some companies use firewall to protect their company perimeter from external attacks but still most of the attackers are able to bypass the firewall and enter into the web application, the reason being firewall stays in layer 4 of the network layer and most of the attacks happens at layer 7 so internal as well as external protection is required by the developers and the testers to harden the web application by writing a secure code and doing a secure code review. In this paper we will survey the risks pertaining in web application and possible ways to mitigate it.