Detection of the Security Vulnerabilities in Web Applications

The contemporary organizations develop business processes in a very complex environment. The IT&C technologies are used by organizations to improve their competitive advantages. But, the IT&C technologies are not perfect. They are developed in an iterative process andtheir quality is the result of the lifecycle activities. The audit and evaluation processes are requiredby the increased complexity of the business processes supported by IT&C technologies. In order to organize and develop a high-quality audit process, the evaluation team mustanalyze the risks, threats and vulnerabilities of the information system. The paper highlightsthe security vulnerabilities in web applications and the processes of their detection. The webapplications are used as IT&C tools to support the distributed information processes. Theyare a major component of the distributed information systems. The audit and evaluationprocesses are carried out in accordance with the international standards developed for informationsystem security assurance