If you have ever touched anything related to security, it's likely you used some third-party tools, such as firewalls, XSS filters, access control modules, etc.
There are three basic modes in which you can work with those tools, such as Black Box, Blacklist and Whitelist. And often developers are given the right and responsibility to make decisions on choosing one of them.
Even though this information may sound obvious for some developers, others can make mistakes which can potentially cost their companies money and their leadership nerves, so it’s a good idea to review your understanding of these three security practices.