Free Book - External Exposure & Attack Surface Management for Dummies
Also known as a web app, a web application is software running on a web server that is accessed by users via a browser called a client. Google Docs is a common example of a web application.
Web applications are by nature Internet facing and running continuously so present an avenue of attack when coded with vulnerabilities or misconfigurations. Also they will oftentimes feature a front-end attached to one or more backend systems like authorization, authentication, accounting, directory service, or databases which are attractive targets for attackers.