Have you locked the back door, too?

The Good thing is that Oracle APEX is secure out of the box but....Some of the main reasons why attacks on web applications are successful are due to an insufficient level of security, and the lack of a security focus when developing applications. This talk is a story about a guardian (aka APEX developer), who is doing his best to secure every door, and the damages caused by a data thief when he finds some back doors unlocked.The presentation gives you an opportunity to learn how your APEX applications can be vulnerable to attacks and the simple steps you can take to protect your APEX estate from mischievous employees or dedicated external hackers. Organizations who fail to secure their web applications run the risk of being attacked. A data breach can result in serious consequences in relation to reputation, finances and even regulatory failures.Web application vulnerabilities are typically the result of a lack of input/output sanitization, which are often exploited to either manipulate source code or gain unauthorized access.APEX applications aren't an exception and developers should all adequately be addressing this.This talk is a primer for every APEX developer interested in learning- the common vulnerabilities faced by APEX applications, including SQL injection, Cross-site scripting, and URL tampering- how to perform the application security scanning- available tools (APEXSec, APEX-Sert, APEX Advisor) one can use to detect security issues- what can actually happen when a security vulnerability remains open- tips to improve the security of APEX applications