Application security is the process of ensuring that applications are secure from malicious attack or use by ensuring that steps have been taken to identify errors or oversights that could allow an attack. Security is a major consideration during the coding, or development, phase of an application but there are also tools and methods that protect applications once they have been released.
These tools can be used to, for example, control how coding changes are made during development and to thoroughly test for inadvertent errors that can lead to security holes. Discovering security flaws in development is vital before the application is released for use. Once it has been deployed, an application must have a secure permissions structure built into it so that only users with the appropriate rights can make certain changes to data or settings and that an audit trail remains when they do so.