The process of protecting web applications by detecting, preventing, and responding to cyber threats. This discipline encompasses the security measures taken throughout the application’s lifecycle, addressing vulnerabilities to prevent attacks such as SQL injection, cross-site scripting, and data breaches.