Embedded Analytics – Your Decision making tool @ every turn !!

Today Embedded analytics is helping businesses move forward and helping them making right decisions.

So lets explore how – Data Driven Business Decisions are far more accurate than Goal Driven Decisions

It’s an exciting time for embedded analytics – in fact, it’s an exciting time in the tech world in general.

Cloud and SaaS services are in abundance – virtualization and other new strategies are making it easier to untether systems from hardware. At the same time, machine learning and artificial intelligence are adding to what digital platforms can do.

Another very exciting point on the horizon is the evolution of embedded analytics – the idea that you can get the power of analytics in a wider range of resources.

When it comes to embedded analytics, not everybody has the exact same interpretation of what this means. In a very general sense, embedded analytics means that user-friendly, self-service applications have analytics tools built into them, instead of the analytics being sourced through a more centralised – and often less accessible – model. So thats they Key. Analytics is built into the platform not sourced into the Platform – Says Techuva’s Architecture Team

Tools like QlikView or BO Report Adaptors – help end users to look for their much needed Analytics right inside application without the need for going a Report / Excel Download .

Example: –  A vendor providing a hotel management application for hotel chains could offer AI functionality to the chain overall and to the individual hotels. Globally and locally, insights from customer data could then be used to improve hotel service and occupancy.  So there by decision making for individual hotel and by global management remain data focussed and decision oriented.

Embedded Analytics can make life easier for users of the application. They can get insights directly from their data without needing to switch to another application. This saves time and effort. It also avoids the need for users to buy another application, or learn a new user interface.

Make or Buy ?

Analytics modules can be developed by own company or provided by a vendor. For embedding analytics in modern applications, it may make more sense to use an “off the shelf product” that specializes in this area. Software developers can then continue to focus on what they are good at, rather than trying to do everything themselves.

Therefore these embedded analytics  deliver the “Insights Your Customers wanted without having to switch elsewhere”.

If you are thinking of using embedded reporting via a product, use this checklist to help you make the right decision:

  • Independence – Can the BI or analytics module be embedded “as is” in your application? Or will it need additional tools or code to function properly?
  • Scalablity  – How many user requests can the module handle at the same time? Will it keep pace with increasing volumes of data and server power?
  • Cookie Cutter Experience  – How long will it take to make the BI or analytics module available to users? Normally, this should be faster than if you developed the module in-house.
  • Flexibility – What are the options for accessing the module from another program (via an API) or creating plugins to use the module’s functionality? Can you customize its output or appearance?
  • Security – How does the BI or analytics module make sure users see just the data they are authorised to see, and no more? How well does BI security extend to a multi-tenant environment and role-based security.

 

Embedded analytics primarily records, report and analyze every unique transaction, instance or process that takes place within the system platform. The captured data is fed into an analytics dashboard and is also available in various report formats.

Keep Reading
-Techuva Architecture Team

How Do You Know If Your UX is Good ?

“It looks beautiful!” “It’s pretty good.” “It does the job.”

These are NOT the worst things people could say about a user interface, but will you be confident that a “pretty” or “OK” user interface is capable of taking the Organisation to the next level ?

How would you define “pretty good” — having a nice appearance, solid design and quality graphics? OK, but do those qualities necessarily result in efficiencies and improvements to your business processes ? How do we scientifically prove it ?

Your answer lies in 3 points

  1. Heat Map Analysis  – This tool understands where the user is spending more time in filling forms, processing orders , approvals etc.
  2. Eyeball Analysis       – This tool understands where the user is spending more time in viewing a page, this helps us to determine whats the best spot in the application to place your AD or sales products.
  3. Under N Review of the UX  – This model allows us users to perform any action in a application under N clicks. This is achieved via the Digital Transformation Score or UX Click Review stream.

A good user interface can have a powerful impact on the usability and user experience of the application.

Eg: A hard-to-use application won’t be used efficiently, and it may not be used at all.

We should look forward to create an interface that enables and encourages end users to use an application frequently so they become more confident, efficient and productive users, says UX Architects of Techuva, who recently reviewed screens which could be across a Indian state by its Citizens.

Following are some real indicators of POOR UX 

  1. Slow task processing
  2. Increased errors
  3. Bad data
  4. Unreliable reports
  5. Slower on-boarding time
  6. Higher training costs
  7. Excessive help desk queries
  8. Low morale or output
  9. Attrition among the users.

 

Following are some real indicators of GOOD UX 

  1. Increased, faster user adoption : Self Starter Application
  2. Fewer errors while doing transaction.
  3. Lower costs in UX maintenance.
  4. Accelerated ROI
  5. A more engaged, satisfied workforce

How to define A Good Interface

Here are few key elements of a good user interface

  1. Perform Analysis on how to task done with a minimum amount of effort and errors   [Under N Analysis]
  2. Learn how to use the interface/application/software quickly, without extensive training or need for assistance [Digital Transformation Review]
  3. Remember how to use it the next time they sign on. [Digital Transformation Review]
  4. Analysis on how an alternative way to get the work done (i.e., manually, in a spreadsheet, etc.) [Digital Transformation Review] This is very important because User’s normally wanted to fall back to the old model always during the first 3 months.

5 Points to Consider during Design

  1. Consistent. No surprises, no ambiguities in process flow
  2. Simple, clear, concise – experience to users
  3. Intuitive. Easy navigation
  4. Responsive. Speed matters
  5. Flexible. It should be easy

3 simple things that best UX School suggests are 

1.Try out different design ideas before finalising it – Conduct Persona analysis , do UX study.

2. Set measurable goals and measure actual behavior – Watch your users, see how they perform.

3. Implement and evaluate   – keep watching over and over, keep making small changes.

 

In the end, a good user interface is one that enables efficiency, increases productivity, supports end users and saves your organisation money & time.

Stay tuned for more ….
– Techuva Architecture Team

Millennials are the Top Cybercrime Targets. Why ?

your_are_been_hacked

Question – Millennials are being hit harder by cybercrime than any other generation. Why is that ?

 

your_are_been_hacked

Though stealing someone’s identity is illegal, there are plenty of sneaky but legal tactics scammers and hackers employ that can expose you to identity theft as well. The first step in preventing this distressing scenario is being aware of the more common data collection schemes used to leave you vulnerable.

The millennials are among those groups of people who are most adversely impacted by cybercrime. Data seems to point to poor awareness of basic security habits as the main reason millennials have been hit so hard. To mention just a few of their poor security habits, members of this generation tend to be CARELESS with credentials, as well as visiting unsecure websites and performing transactions over public and unsecured Wi-Fi networks especially in unsuspected areas like Coffee stations, Airports, Malls etc.

Lack of familiarity with standard security measures and obsession with the internet could be the reasons millennials tend to be so reckless with their browsing habits. It seems that the sudden improvement in internet browsing experience and surge in online transactions and mobile apps (which are less secure) have also partly contributed to the reckless behavior. Improved awareness is probably the only solution to the problem. With cyberattacks on the rise in terms of both volume and variety, millennials could be sitting ducks.

  • A survey of fraud victims by internet firm found that millennials are more likely to fall victim to online scams than those 55 or older.
  • They also found that 10 percent of millennials fell victim to phishing and other cyberscams in 2017. Those millennials lost £612 ($856) on average.
  • Media Smarts, a public-private partnership which promotes digital and media literacy, surveyed people to find that more than one-third of millennials did not believe that schools and colleges had been providing adequate training in cybersecurity best practices.
  • Millennials tend to use weak or commonly used passwords that can be easily guessed. As a result, the systems or accounts can be easily breached. Another dangerous practice followed by millennials is sharing of passwords.

So, Why Are Millennials so Vulnerable?

The millennials are part of a unique generation that straddles two different eras in terms of access to technology. When they were born, the internet was probably at a nascent stage, accessible to only a few. By the time they attained adulthood, or were maybe in their mid-30s, access to the internet was considered a necessity. This can probably explain, to an extent, the careless attitude of millennials towards online browsing.

Conclusion

It is interesting that the millennials would behave the way they do, when it comes to online transactions. It seems that there are two ways they can make themselves more secure against cybercrimes. One, over time, they learn from their mistakes and become smarter about online security.

Also, they will have the examples of their succeeding generations, who are probably savvier as far as online transactions are concerned. Two, there needs to be a greater emphasis on awareness toward secure online transactions.

The initiatives need to come from different levels: government, schools and other educational institutions. However, improvement in online behavior is going to take a long time because it is basically a cultural and mindset issue.

Until then, millennials represent an easy target for cybercriminals because on a retail basis, it offers the lure of easy money for the cybercriminals.

Stay tuned for more 

DBaaS : Why ? DB As A Service & Its Benefits.

Database as a service (DBaaS) is a cloud computing service model which provides customers with some form of access to a database without the need for setting up physical hardware, installing software or configuring for performance. This is all taken care by the Vendor themselves.

All of the administrative tasks and maintenance are taken care of by the cloud provider directly. Sounds Very Easy rt ?. Of course, if the customer opts for more control over the database, this option is available and may vary depending on the provider.


The whole reason why you would use a cloud solution is easy scaling. The second point is crucial if you need to be able to do point-in-time restores of individual databases, or be able to easily move databases to separate servers.

 

Eg. When Techuva (An IOT , ERP Company based on India) had around 50+ IOT devices sending data every 2 minutes.. when they had to scale up to 200+ devices.. they didn’t had run around to buy new servers or  buy new hard-discs or enable large servers..  The Auto Scaling helped them to increase from 50 GB HDD to 200 GB HDD and increase from 4 GB ROM TO 16 GB ROM without any downtime.  Thanks to AWS RDS.

DB on Cloud and DBaaS enables automates installation, disk provisioning and management, patching, minor version upgrades, failed instance replacement, as well as backup and recovery of your SQL Server databases. Cloud Solutions also offers automated Multi-AZ (Availability Zone) synchronous replication, allowing you to set up a highly available and scalable environment fully managed by Vendors directly.

Well right now : All the DBA features aren’t available on the Cloud DB Solutions, such as :

  1. You need full control over the database instances, including access to the operating system and software stack.
  2. You want your own experienced database administrators managing the databases, including backups, replication and clustering.
  3. Your database size and performance needs exceed the current maximums, or other limits of the Vendor
  4. You need to use SQL Server features or options not currently supported

So, What are things that you need to worry, When you are data is lying in someone’s Cloud

  1. Review which IP or Domains have access to your DB.
  2. Periodically take Backups and Snapshots and store it in a different server.
  3. Have stronger Password restrictions
  4. Don’t store Personally Identifiable Information or Sensitive Information in Plain Text.
  5. Validate all the requests from the application for authenticity using a Hash Key or AuthKey or SessionID to avoid any eavesdrops.

Remember the hacker out there just needs access to your data and he can analyse & sell it to competition at this convenience,

So as a DB Owner / Application Owner – Keeping the dark horses away from your Data is Most Important,

Need some IT Consulting ? talk to our experts free @ info@techuva.com

Stay tuned …
Techuva Solutions Pvt Ltd.

How & Why does DevOps saves 30% of operation costs & increases productivity by 25% ?

Every Organization likes to Strike a balance between developer and operations teams for rapid delivery & reduce dependency on a person.

Every business house have a constant quest to churn out the most current products to meet customers ever growing demand. The DevOps approach is increasingly becoming the answer for achieving the goal of non-stop product roll-outs designed to outpace competition with unmatched offerings, In Other words “beat the competition in every corner of the road”

The Biggest Challenge that every Organization tries to eliminate is the “Dependency of people issues and availability” & followed by Process Issue – i.e. going the factory model to reduce wastage.

Take a look @ this video : https://www.youtube.com/watch?v=_I94-tJlovg

So, Why DevOps Matters

This decade of technology have transformed the world and its industries, from online shopping to patient care. Information Technology is no longer merely an enabler; rather it becomes an integral component of every part of a business. Companies interact with their customers through software delivered as digital services or mobile applications and on all sorts of devices.

We use software to increase operational efficiencies by transforming every part of the value chain. In a similar way the humble shipping containers have transformed the world with respect to logistics movement and transporting goods faster and safely, Companies in today’s world must transform how they build and deliver software.

So what does this solve ? 

  1. Speed : Move at high velocity so you can innovate for customers faster, adapt to changing markets better, and grow more efficient at driving business results
  2. Accelerated Delivery : By Increase the frequency and pace of releases by 15%, You can release new features and fix bugs & respond to your customers’ needs by 30% and build competitive advantage.
  3. Cookie Cutter Experience : By ensuring the quality of deployments and infrastructure changes, companies can be more agile and keep a high pace while maintaining a product stability for customers. Techniques like continuous integration and continuous inspection at each change will help maintain a stable application and better customer experience.
  4. Growth: Enables Companies to Operate and manage infrastructure and development processes at ease & enable predictable growth easily. Automation and consistency help us manage changing systems efficiently and with less risk.

Continuous Integration

It’s More than a process. Continuous Integration is backed by several important principles and practices.

  • Maintain a single source repository
  • Automate of code build
  • Enabling self-testing
  • Reduce Human Intervention
  • Process Driven Environment
  • Automated deployment

So in other words ” Integrate at least daily”

Read this image below :

devops-ci

 

 

 

.

This leads to

  • Catch issues early and nip them in the bud
  • Spend less time debugging and more time adding features

“Continuous Integration doesn’t defects, but it make IT Teams easier to find and remove quickly”.

A Seamless Integration and Deployment : could save as-much as 30% of operation cost by eliminating the Time and Need of separate integration and deployment team.

According to 2015 Survey on SMB IT Delivery Survey in U.S.  DevOps can improve Team’s productivity by as high as 27% by eliminating the needs to Train and Document the M & P’s of Build and Integration Process and enabling the automated tools to take over the process.

 

How to secure your AWS Instance & Protecting its contents.

Every second somewhere , some company has lost their 2 yr worth Data , Code, Intellectual Property or 3rd party license to some unknown Hacker !      – So how do you intend to protect it ? 


Securing your AWS
Securing your AWS

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Here are 5 simple rule(s) that will help you the bend on road without falling off

  1. Validate your Inbound Ports♦

    Port 22 is the most useful port for entire development community, Yet This is major backdoor for all Hackers to steal the data in minutes. So the only way to ensure this is by having an INBOUND IP RANGE / PARTICULAR IP have access and not the entire WEB !

  2. Admin Module of Web logic / Tomcat ♦

    Admin modules can help you deploy the code / change root paths / change datasource properties at ease, Remember this is the same for hackers as well. All those default Users in tomcat-users.xml or weblogic-users.xml have a default password and hackers are more aware of this ! So first things first  :

    a) Change the username and password for all the default accounts as first thing, disable all unwanted roles and privileges that aren’t used.
    b) Once App goes to Testing – DISABLE MANAGER / ADMIN MODULE.  COMMAND LINE DEPLOYMENTS ARE ALWAYS SAFER

  3. Set up a Passphrase for the Private Key and Safeguard it.

     Always having a passphrase / passcode to prviate key is an extra bit of security to the entire gamut.  Remember A Good Front Gate can stop many things to for attempting get inside.

  4. Your Database

    Hackers don’t get into our AWS server to look into our coding practices / vulnerabilities, they are here to exploit, violate and most importantly STEAL the DATA from us.So here are top 3 things we should do to safe gaurd our data:

    1. Customer Schema should have be encrypted (Data At Rest and Data At Motion)
    2. Passwords should never be able to decrypted – they should only compared (the decrypted values)
    3. Not Storing the PASSWORD to the DB as Plain Text in your application.properties or db.properties [If they are encrypted and stored in your .class or .mdb files of your .Net Applications] they are safer.

  5. Application Hygiene

    1. Passing of form data in the url (eg: http://myapp.com/customer_id=1023) – Boom !! You are lost in the woods already, Many Fortune 100 companies have lost there data atleast once because of this poor development habit.

    2. Showing Complete Exception details on the screen i.e. Showing the technical details of the server , database , table name on the screen during an exception.

    3. Most Importantly : Text Fields should know what they are meant for and should allow only those text characters only, Special Chars and SQL Injection poses as the No # 1 Threat.  Recently a FMCG company lost 100K Customer information when their forgot password (email text box) as simple as it.

 

Thanks and Stay Tuned for More – Techuva Solutions Pvt Ltd.

10 Useful TIPS for a Faster J2EE Application !

Why is your app slow ?

Ever felt your application should be more faster and responsive ?

So here are 10 things that can help you make your application faster !

                                                   

  1. Know your Queries !
     The most resource intensive section of any application is the DATABASE ! its the slowest of all – remember DB is always FILE IO (Okay, Unless you deal with in-memory database or SAP HANA or MapR). So this is a great opportunity to tweakeg: if you wanted to access the last X records

                                           SELECT id FROM Order WHERE … (Fetch the last X Records)
And then I’d execute one query for each record:
SELECT * FROM Order WHERE id in (Results from your first Query) ?

            this is roughly 20-30% less IO , Processing Cost on your DB Server Head.

      2. Not using DB Connection Pool
           Remember ! every time you do a class.forname( com.mysql.jdbc.driver )   Your JVM has done a reflection and loaded the class on memory and trying to get you a connection !! this takes roughly a second, So better use the connection pool and set the initial capacity = 10 and roughly have 1 connection for every 5 concurrent user or 1 per 25 to 50 users (active during that hour). So roughly a 100 user app will need around 10 connections in the pool to keep your business running on a summer day.

 

     3.   Calling the GARBAGE Collection Explicitly
             This is an another costly stuff ! every single time when the full GC (Garbage Collection) runs it stopped processing all the threads until its done… which means – if that runs for 3 seconds… all the users on the application or server are FROZEN for those 3 seconds…  that poses a terrible user experience.

So in order to avoid this reduce the scope of all the variables to local / function level variables – this will eliminate so many variables remaining the memory even after they are used.

Another TIP is : After you have used a variable and you don’t need it anymore – then de-reference it by making it point to null.

In a modest 2-3 gigabyte  heap this might be 3-5 seconds, but if you are running a 30-gigabyte head this   could be more on the order of 30 seconds

    4. Concurrency Issue :
           Its always a developer nightmare – when 2 threads are pointing to a same shared resource and they result in deadlock.

Few Developer Nightmares :

• Thread deadlocks
• Thread gridlocks
• Thread pool sizing issues

Code deadlocks occur when two or more threads each possess the lock for a resource the  other thread needs to complete its task and neither thread is willing to give up the lock that it
has already obtained.

At Database level, Deadlocks happen when a thread is trying to update a record and an another thread is trying to read it ! or 2 threads are trying to update a record and both fails at a point.

Synchronised blocks  is normal culprit and has to be dealt properly. – this can use unexplained stuck threads and resulting in performance delay and data inconsistency etc.

           Tip: Way to get over ! you mostly see stuck threads in production (since its v.hard to reproduce).. enable thread dumps and evaluate them in detail and understand bottle necks in the code and de-congest them to avoid the deadlocks.

 

5. Overuse of HTTP Session
          Since HTTP Session is the easiest way to carry objects from 1 module to another…Developers over-use this function…  and it always becomes and pain at the end of development or in production.

So there has to be utilities written to understand what objects lies hidden in your JAVA Session and clear them explicitly  once the user left a module to another module or when its no longer required.  Since the HTTP Session gets bloated when there is large number of concurrent users – it can bring down the entire application “java OutOfMemory Exception ”  does that sound familiar name to you ? Oh yea – In several developer’s case… Including mine in the past.

         Tip: Use In-house Utilities to dump the HTTP Session variables and determine which has to removed at the exit of what modules.

    6. String Concatenation
                    Not a serious offence ! remember all those places where queries are concatenated by + symbol…. if there are more than 10 lines – String is 2X costlier than string buffer
and you have 100-500 users… all those 2X difference is going to make a serious impact.

So as a standard practise : Use String Buffer for all queries / concatenation needs instead of string.

   7.  Not using JSON for webservices
                   Now it has become a standard for folks to user JSON instead of SOAP XMLs ! thanks to all Angular JS / Metorite / NodeJS etc.   JSON is upto 10 times lighter than SOAP Webservices (period).

e.g: a employee web service which carries 50 fields and its values in XML world its around 50-65 Kb of data transfer and in JSON case its 5-9 KB of data

Tip  : If you have options – move to JSON for performance and use a proper parser on the front end.

 

     8 .  Compression of those JS
         Remember those JS from Angular and jQuery the min versions…. they have been stripped of their empty spaces … they have been done for a reason .. a 200 KB JS file when compressed and minified – its only around 30-40KB

Tip : Wherever possible : minify the JS file for Production and have a normal version for development and debugging ! – Bingo serves both purposes.

    9 .  Optimising the UX-Views
            A simplified UX is always quicker , swifter and has better navigation experience. So introduce JS based sorting on the screen instead of DB hits / Use of Stored Procedures or Views instead of Queries for VIEW only / Data Fetch areas – Remember they are pre-compiled – hence more faster.

   10 . DB Optimisation

Simple difference of an hitting a table with index which has more than 100,000 records (on MySQL DB) is upto 60 to 90 % faster.

1) does your tables have indexes on most columns that you use for searching like employee_id, employee_name, age, city, status (of employee table).

2) do you have triggers enabled on large tables which are been modified very faster ?

3) If an your query takes more than 6 seconds – rule 1: it should move to stored procedure or a view and validate all indexes. remember MySQL can read 100,000 in 1 second.

4) Java Controllers are FASTER than JSP (since they are already compiled) so have your logic written on either in the query or controllers instead of JSP

 

Thank you ! Stay Tuned for More…..

-Techuva Solutions Pvt Ltd.

Migrating to Cloud ? First Steps !

 

Moving to a Public Cloud (AWS) ? First Timers .. Here is some cheat sheets !

 

  1. Migrating to AWS ?

    Have you tried the free Micro Tier ? That gives you 1 full-year free ownership on 1 server (micro). Use that to learn AWS and Deploy your first app.

  2. Setting up Tomcat 7 or 8 on your EC2 Instance

    Download the PEM File and use a putty-gen (downloadable exe) to create your Private Key, Use the private key to connect to your AWS Instance.
    Remember to save your private key and pem file for future references.

    Installing Tomcat via YUM Installer on your AWS Instance

          sudo yum install tomcat7-webapps tomcat7-docs-webapp tomcat7-admin-webapps

This command installs tomcat 7, admin app, manager gui as well.

Next step is to go /usr/share/tomcat7/conf/tomcat-users.xml and uncomment last few lines and set a password for the roles.

<user name=”admin” password=”admin12345″ roles=”admin,manager,admin-gui,admin-script,manager-gui,manager-script,manager-jmx,manager-status” />

      3. start / stop your tomcat

To Start the Tomcat Service :                                            sudo service tomcat7 start

To Stop the Tomcat Service :                                            sudo service tomcat7 stop

To Add Tomcat Service to Auto Start :                           sudo chkconfig tomcat7 on

For F-Secure / SSH Client – give all permissions   eg:  sudo chmod -R 777

     4. To add tomcat port to the AWS open list :

     5. Connect to the instance by public DNS name on port 8080.

     6. You are done with your tomcat on AWS !

     7. Go the browser and access the port 8080 (http://your aws public ip :8080) , and you the manager application to deploy your first application

6 Developer Friendly Ways To Strengthen Web Application Security

 

6 Developer friendly methods for better Application Security :

 

Nobody wants their Web application to get hacked even in their dreams, But there is more than 100+ breaches happening any given hour world wide. Here’s how to get serious about secure apps development.
1. User inputs are the first weak link  Everybody should understand that user inputs are not your friend,” Today, many sites accepts many different types of content from users, including text, images, and uploadable attachments. But all of that user-supplied content also can be used by a crafty hacker to try and exploit the underlying Web application. Accordingly, “the more user input you’re going to be collecting, the more work that will potentially need to be going into securing this input,” This means Developers should make things better enforced.

 

2. Understanding vulnerabilities which can compromise thingsHere is the most common list of vulnerabilities :Crucial ones are : SQL Injection , Cross Site Scripting (especially with MicroSevices and Webservices) this poses as the #1 risk.

OWASP Web Top 10 for 2013.png

 

3. Don’t customise security It’s very essential to have the list of approved security controls that will mitigate every exploit in the OWASP top 10, Now the top 10 is not an exhaustive list of vulnerabilities, but if you do that, you’ve at least gotten your fundamentals straightened out

 

4. Applying security controls consistently

        Rule 1 : To be secure, we have got to be consistent. An attacker, only have to find the one place where you don’t have a security control, and that’s the one place you’ll be attacked.” Preventing that from happening means applying security throughout the development of your software, “and that requires securing the software development lifecycle, or SDLC. Tools like HP Fortify , SonarQube helps to find vulnerabilities during development stage itself.

 

5. Share the best practice Key to succeess is not having to re-invent the wheel everytime a team is doing a new project, Common Security Practices have to templatized and be used company wide, Security CoEs ( Centre of Excellence) of Focus Groups helps to share the knowledge.

 

6. Security Controls in Open Sources / Different Languages Every Programming language is different and so are the security controls too. That goes for PHP, Java, .NET, or any other language being used. Each has its nuances, and some will offer better out-of-the-box security, but the important step is to ensure that everyone involved in building and approving a Web application understands how to stop exploits such as SQL injection and cross-site scripting attacks, and has the right development or code-checking tools to help.
Success to web-application security starts from the design phase. “It is not a separate module” – it’s part of every function, modules and query !

–  by Techuva Solutions Pvt Ltd