How would you identify and patch a security flaw in a Java-based enterprise application at Hexaware Technologies?