Abstract
Web applications (WAs) are constantly evolving and deployed at a broad
scale. However, they are exposed to a variety of attacks. The biggest
challenge facing organizations is how to develop a WA that fulfills
their requirements with respect to sensitive data exchange, e-commerce,
and secure workflows. This paper identifies the most critical web
vulnerabilities according to the OWASP Top Ten, their corresponding attacks,
and their countermeasures. The application of these countermeasures will
guarantee the protection of the WAs against the most severe attacks and
prevent several unknown exploits.