As organizations have grown increasingly dependent on online software, the risk of malicious attacks has also become far more serious. Such attacks can bring a business to a standstill, cost a company millions of dollars in lost transactions and potentially tarnish its brand image.
Although most organizations can implement effective security at the network level using firewalls and encryption, many inadvertently place sensitive customer and corporate information at risk by failing to protect the application layer. Consequently, by thinking like a developer and identifying shortcuts that the developer would have created, a hacker can wreak havoc on a vulnerable application and its surrounding infrastructure within a matter of hours, using nothing more than a Web browser.
Fortunately, well-governed organizations can protect their Web applications by injecting vulnerability assessments and ethical hacks into their software development and delivery processes. By using automated tools to perform these checks throughout the online application lifecycle, auditors, developers and quality assurance (QA) professionals can help foil hackers and reduce their company's exposure to potential business losses. This paper describes 12 of the most common hacker attacks and provides basic rules that you can follow to help create more hack-resistant Web applications.