Abstract: The web application has been playing a key role in the development of modern society. Unlike traditional applications, modern web applications are generally more exposed to untrusted users, data and transmission medium. According to a cenzic 2014 report 96% of all applications tested in 2013 have one or more serious security vulnerability. The root causes behind these vulnerabilities are lack of application security awareness, design flaws and secure coding. Furthermore, developers frequently see functionality as more important than security. Therefore, this study proposed a simple implementation of the single security Application Programming Interface (API) that could minimize web application security flaws and prevent from critical malicious attacks. A prototype application is developed with open web Application Security Project (OWASP) enterprise security application API based on Rapid Application Development (RAD) methodology. Thus, this study been carried out with an aim to fill the gap between web application development and application security domain.
Abdul Barakath Mohamed Rasheed, Bharanidharan Shanmugam, Ganthan Narayana Samy, Nurazean Maarop, Pritheega Magalingam, Khar Cheng Yeo and Sami Azam, 2017. Secure Web Application Development Prototype Using Enterprise Security Application Programming Interface (ESAPI). Asian Journal of Information Technology, 16: 7-13.