Safe approach to secure software applications in production and exchange of information

Nowadays, technology advancement, interconnection of the computer systems is increasingly growing. Network security and under-web applications; therefore, has come to be a major challenge. It is certain that technology advancement creates its own problems. Information manipulation, as the intellectual foundation of the nations, by international organizations is considered as an interruption of the national security and action against governments. Information security in virtual environments has been underlined as one of the most important and basic foundations for development. The present paper makes attempt to introduce a framework aiming at evaluating security systems under-web in software production and final product using ESA software engineering standard and two private methods of open web application security project and Microsoft threatening model process as well as a standard general method of common criteria for information technology security evaluation