A decade ago, applications were often deployed in closed
client-server or stand-alone scenarios. At that time, testing
and securing an application was an easier task than today,
where a web application can be accessed by millions
of anonymous Internet users. As more and more security critical
applications, such as banking systems, governmental
transaction interfaces, and e-commerce platforms, are becoming
directly accessible via the web, the role of web application
security and defense has been gaining importance.