"A vulnerability in a network will allow a malicious user to exploit a host or an application. A vulnerability in a host will allow a malicious user to exploit a network or an application. A vulnerability in an application will allow a malicious user to exploit a network or a host."
” Carlos Lyons, Corporate Security, Microsoft
To build secure Web applications, a holistic approach to application security is required and security must be applied at all three layers . This approach is shown in Figure 1.1.