ABSTRACT

It is important to design and develop secure Web applications. It is equally important to test them before they are deployed in a production environment. Testing Web applications for security is a critical requirement, as it can give developers a great deal of oversight of the security functionality of the Web application. Several errors and vulnerabilities may have crept into the Web application during the course of the Software Development Life Cycle, and only after testing are these errors identified and subsequently corrected. This chapter explores the various practices of Web application security testing and details the approach that individuals and organizations can take when developing a strong testing procedure for Web application security.