A great article about app security at production enviorement:

