As more and more vital data is stored in web applications and the number of transactions
on the web increases, proper security testing of web applications is becoming very
important. Security testing is the process that determines that confidential data stays
confidential (i.e. it is not exposed to individuals/ entities for which it is not meant) and
users can perform only those tasks that they are authorized to perform (e.g. a user should
not be able to deny the functionality of the web site to other users, a user should not be
able to change the functionality of the web application in an unintended way etc.).