Web applications, depending on their specific purpose, regularly interact with customers, partners, and employees. Unfortunately, dependencies and interactions between in-house and third-party resources, objects, and inputs inevitably introduce security holes.