Session management for Web applications is an application layer responsibility. Session security is critical to the overall security of the application. Top session management threats include: ● Session hijacking ● Session replay ● Man in the middle Session Hijacking A session hijacking attack occurs when an attacker uses network monitoring software to capture the authentication