Modern Business Process Management Systems enable customers to model processes and to design user interfaces without charging expensive IT specialists. To enable them to integrate such a system with their public web applications in the same manner, the upcoming security issues need to be discussed. This thesis provides a collection of identified attack patterns which are related to this scenario. These patterns are enriched with appropriate prevention recommendations. Additional, an abstract analysis method is described to identify a web application firewall configuration to secure the scenario. This analysis method gets exemplary used to identify a web application firewall configuration for a scenario with IBM Business Process Manager v.8.5.0.1 Standard.