development time. This would also require more careful planning of the
development of the application.
-% Last section, lets try to end with some deep insight.
+% Centralize user input
+Another improvement which would streamline the security audit would be to
+centralize the locations in which user input is handled. By doing this the whole
+class of vulnerabilities which stems from the handling of user input could be
+neutralized to an extent. This would be a relatively easy change in the
+development process with comparatively big security benefits.
+% Centralize application output
+In the same category; during development the application could be designed in
+such a way that all dynamic output is sanitized before outputting it to the
+user. This would create another defense{-}in{-}depth layer for handling
+attacker controlled input.
+
+% Use working frameworks
+To achieve the last two points one could use a framework verified to be secure,
+the security reviewers could then spend less time on verifying the framework and
+more on the implementation of the specific features of this application.