Every application is vulnerable to the risk of tampering by unwanted intruders. When an application is developed traditionally by leveraging SQL or any other language for database operations, vulnerabilities inherent to the language are included and leave the systems open to attack. Tampering can occur in many ways and are often difficult to detect and predict. URL tampering or cross-site scripting can easily redirect users to malicious sites, so taking the proper steps to protect your application is essential.
Developing applications by using best practices ensures that rules are written properly and secures the application against threats. To maximize the integrity and reliability of application security, implement the features at multiple levels.
Each technique to strengthen the security of an application has a cost. Most techniques have one-time implementation costs, but others might have ongoing costs for processing or user inconvenience. You determine the actions that are most applicable and beneficial to your application.
When initially installed, Pega Platform™ is intentionally configured with limited security. This is appropriate for experimentation, learning, and application development. Before moving the application changes to higher environments, especially for the production environment, the lead system architect must take the appropriate steps to enforce all security policies are implemented to secure the application.