Dr. Ravi Kiran Yerra, COE Security LLC
It is often the case that developers and software vendors are not fully aware of application security vulnerabilities such as cross site scripting, injection flaws, cross site request forgery and etc. In many cases, these vulnerabilities can be prevented with training, more consistent and standardized software development practices, software acquisition protocols, and appropriate use of manual and/or automated security vulnerability test, manual and/or automated security code reviews.
Dr. Ravi Kiran Yerra, 2011 Technical Paper, Abstract, Paper