English

Secure coding for web applications: Frameworks, challenges, and the role of LLMs

Software Engineering 2025-10-02 v3

Abstract

Secure coding is a critical yet often overlooked practice in software development. Despite extensive awareness efforts, real-world adoption remains inconsistent due to organizational, educational, and technical barriers. This paper provides a comprehensive review of secure coding practices across major frameworks and domains, including web development, DevSecOps, and cloud security. It introduces a structured framework comparison and categorizes threats aligned with the OWASP Top 10. Additionally, we explore the rising role of Large Language Models (LLMs) in evaluating and recommending secure code, presenting a reproducible case study across four major vulnerability types. This paper offers practical insights for researchers, developers, and educators on integrating secure coding into real-world development processes.

Keywords

Cite

@article{arxiv.2507.22223,
  title  = {Secure coding for web applications: Frameworks, challenges, and the role of LLMs},
  author = {Kiana Kiashemshaki and Mohammad Jalili Torkamani and Negin Mahmoudi},
  journal= {arXiv preprint arXiv:2507.22223},
  year   = {2025}
}

Comments

11 pages, 5 figures, 3 tables, 6 listings

R2 v1 2026-07-01T04:24:54.183Z