Sunday, March 1, 2009

Cloud platforms can improve Application Layer Security

We learn from our past mistakes and keep improving on what we do. One of the biggest threats we have faced since the invention of the internet has been web vulnerabilities. Vulnerabilities that are not easily understood, and that are accidentally created by less experienced programmers, can be easily exploited by criminal hackers. It took some time for the industry to catch up with the danger and to bring in some discipline aimed at improving application layer security. But the damage had already been done by the hackers. Techniques such as SQL injection, Distributed Denial of Service and man-in-the-middle attacks had become common by the time the industry took them seriously.

Cloud computing technologies anticipate more widespread use of the internet. Will the old threats resurrect in a new form and with new vigour? Not likely, I believe. One reason is the APIs: resources such as databases and servers can be accessed only through APIs, and none of the low-level access paths will be supported by the cloud platforms. Another reason is the new genre of dedicated 'SQL-like' data manipulation languages. These languages do not support the full set of SQL, or compound SQL statements in a single query. The third and most important reason is the support for self-validating templating engines to handle the views of the application. Remember, unclean data allowed in through forms has always been what enabled the hackers.
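The first two reasons can be seen side by side in a small added example (not from the original post). It assumes Python's built-in `sqlite3` as a stand-in for a platform data API; the table, the function names and the sample input are constructed for illustration.

```python
import sqlite3

# Constructed input: a form value carrying a second, stacked statement.
STACKED_INPUT = "x'; DELETE FROM notes; --"

def make_db():
    """Build a throwaway in-memory table with two constructed rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE notes (owner TEXT, body TEXT)")
    db.executemany("INSERT INTO notes VALUES (?, ?)",
                   [("alice", "a1"), ("bob", "b1")])
    db.commit()
    return db

def count(db):
    return db.execute("SELECT COUNT(*) FROM notes").fetchone()[0]

def low_level_access(db, owner):
    """Old style: string-built SQL sent to an interface that runs
    every statement it is given. Returns the rows left afterwards."""
    db.executescript("SELECT body FROM notes WHERE owner = '%s'" % owner)
    return count(db)

def single_statement_api(db, owner):
    """Same string-built SQL, but the interface accepts exactly one
    statement per query. Returns (rejected, rows left)."""
    rejected = False
    try:
        db.execute("SELECT body FROM notes WHERE owner = '%s'" % owner)
    except (sqlite3.Warning, sqlite3.ProgrammingError):
        rejected = True  # compound statement refused before execution
    return rejected, count(db)

def bound_parameter_api(db, owner):
    """API style: fixed query text, the form value is passed as data
    and never parsed as SQL. Returns (matching rows, rows left)."""
    rows = db.execute("SELECT body FROM notes WHERE owner = ?",
                      (owner,)).fetchall()
    return rows, count(db)

if __name__ == "__main__":
    print("low-level access, rows left:",
          low_level_access(make_db(), STACKED_INPUT))
    print("single-statement API:",
          single_statement_api(make_db(), STACKED_INPUT))
    print("bound-parameter API:",
          bound_parameter_api(make_db(), STACKED_INPUT))
```

The single-statement restriction only stops stacked statements; binding the value as a parameter is what keeps it from being interpreted as SQL at all.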

It looks like cloud computing platforms are taking the best possible care at an easily enforceable layer well above the programmers. However, we have not seen any selling effort from the cloud vendors in this direction so far.

Interestingly, it becomes more expensive for criminal hackers to create and launch a DDoS if the application is on the cloud, with dynamic scalability at very low incremental cost. Added to this, the physical security and access control at cloud data centers are far above those of captive data centers.

What do you think?
