Have Protection In Place During the Interim
Even if you run a small and fairly simple organization, it may take weeks - or even months - to get through the list of web applications and to make the necessary changes. During that time, your business may be more vulnerable to attacks. Therefore, it is crucial to have other protections in place in the meantime to avoid major problems. For this you have a couple of options:
Remove some functionality from certain applications. If the functionality makes the application more vulnerable to attacks then it may be worth it to remove said functionality in the meantime.
Use a web application firewall (WAF) to protect against the most troubling vulnerabilities.
web application firewall
A WAF filters and blocks unwanted HTTP traffic going to a web application and helps protect against XSS, SQL injection, and more.
Throughout the process, existing web applications should be continually monitored to ensure that they aren’t being breached by third parties. If your company or website suffers an attack during this time, identify the weak point and address it before continuing with the other work. You should get into the habit of carefully documenting such vulnerabilities and how they are handled so that future occurrences can be dealt with accordingly.