development of the application.
% Centralize user input
-Another improvement which would streamline the security audit would be to
-centralize the locations in which user input is handled. By doing this the whole
-class of vulnerabilities which stems from the handling of user input could be
+Another improvement which would streamline a security audit would be to
+centralize the locations in which user input is handled. By doing this, the whole
+class of vulnerabilities which stems from handling user input could be
neutralized to an extent. This would be a relatively easy change in the
-development process with comparatively big security benefits.
+development process with big security benefits.
% Centralize application output
-In the same category; during development the application could be designed in
+In the same category; the application could be designed in
such a way that all dynamic output is sanitized before outputting it to the
user. This would create another defense{-}in{-}depth layer for handling
attacker controlled input.