I think app layer threats will continue to grow, says a former bank CISO.Lack of input validation (making an application understand what data it should accept, including syntax and length) and cross-site scripting (a weakness that lets attackers inject client-side script into Web pages viewed by other users) are still the most exploited of the app vulnerabilities.