Be proactive in securing your web apps, and detect Common Weakness Enumerations (CWEs) before they become Common Vulnerabilities and Exposures (CVEs).
Why do web app security policies and compliance regulations exist? They are the result of a CVE getting exploited. But, what if you could get ahead of exploits such as XSS and SQL Injection? If you can sanitize the data that users enter into web app forms, you can address the cause of exploits rather than reacting to the symptoms.