The 80/20 Rule for Web Application Security is an article by Jeremiah Grossman, focused on increasing the security without touching the source code. The article identifies the "vital few" security solutions essential to protecting a website: