Assignment1 being formative assessment is divided into two parts. The first part of assignment 1, part A, focuses on the Analyse and discuss the web application security , web application attacks and the significance of web application security that is marked for 5% of the total marks and the second part, part B, is an extension of first part along with Web Application Potential threats, web application recent attack and mitigation tools. Students have to submit the first part by the end of week 3. Once the first part is marked and a constructive feedback is provided, the responses to the comments/feedback has to be tabulated and appended to Assignment 1b that would be submitted in Week 8. In recent year a lot of web applications have been released in the world. At the same time, Zero-Day attacks against web application vulnerabilities have also increased. In such a scenario, it is necessary to make web applications more secure. Assume you have an interview for the cybersecurity analyst position with Regal Security Solutions Company. You are supposed to be prepared about the Web Application attacks, their types, threats, and mitigation techniques. In this context write a report including the following sections, Part A and Part B: Part B: Attack detection and mitigation in Web Application (40 Marks) In this part of the assignment the student will reflect on the feedback for Part A and discuss how did it help him/her to accomplish the tasks for the assignment Part B. In this part student will write report discussing following sections:

B. Potential threats posed by Web Application attacks. (5 Marks)

C. Recent Attack: Case study of at least one recent attack carried out by the Web Application attacks. (5 Marks)

D. Mitigation techniques: (8 Marks) I. Analyse how could these attacks, selected from part A, could be mitigated. II. Recommendations on any two mitigation techniques to tackle the Web Application attack and discuss the effectiveness of the selected techniques.

E. Securing Web application by standardization, business benefits: (8 Marks) Report on how web application may be rebranded secure by standardization or other ways (including pre-planned web application penetration testing and vulnerability analysis). In addition, Report on the enterprise level security mature models that are standardized and its gaps regarding the web application.

F. Summary