Web application security is the process of protecting websites and online services against different security threats that exploit vulnerabilities in an application’s code. Common targets for web application attacks are content management systems (e.g., WordPress), database administration tools (e.g., phpMyAdmin) and SaaS applications.

The inherent complexity of their source code, which increases the likelihood of unattended vulnerabilities and malicious code manipulation.High value rewards, including sensitive private data collected from successful source code manipulation.Ease of execution, as most attacks can be easily automated and launched indiscriminately against thousands, or even tens or hundreds of thousands of targets at a time.