It is surprising that we have not solved this problem nowadays, this is an old problem that almost every security expert knows but as we can realize to fix it is not as simple as it initially could seem. This problem becomes more complex when you have a network of hackers (security experts) and cyber-criminals exploiting those vulnerabilities and publishing them on the Social networks so after that happens the problem has two slopes reputational and security.

Finally, that we do not protect successfully our web applications could involve that we are exposing our customer, employees or sensitive information out there with a cost or impact for our company.

Can we assert that our web application is secure?