With the advancement of technology, there has been a significant increase in information security threats that web applications are being subjected to. This guideline outlines the basic principles that are to be followed by government organizations to prevent or mitigate web application compromise