What's Your Favorite Educational Website?

what is website security verification?

  • I have an e-commerce website and I recently came across a web page that talks about cyber crime and this has got me wondering what website security verification means. Does any one know what website security verification means? How can verify my website to prevent such fraud cases?

  • Answer:

    Security certifications are typically based on the results of a penetration test, which gives an indication of how difficult it is for ethical hackers to get past the security controls. Where this testing is done by experienced professionals this can be very useful. However Any security test is a point in time: a new 0-day exploit could be released the day after the attack and if the site is vulnerable the security certification is effectively useless. For organisations that handle credit card data, https://www.pcisecuritystandards.org/security_standards/ is supposed to certify that you protect your data appropriately, however the inadequacies are demonstrated in the media by famous attacks against PCI compliant organisations (eg http://www.databreaches.net/?p=1231 in 2009) - despite that, there are a lot of good activities described in PCI which you should look at. So if you are worried about your site, good practice for security generally includes: Risk assess your assets Patch your platforms and your code!!! http://security.stackexchange.com/q/1919/485 - certifying them is useful (see http://software-security.sans.org/) Look at the https://www.owasp.org/index.php/Top_10_2010-Main for the most common attacks and what to do about them Understand what platforms you use, and monitor scurity advisories for those platforms Regular penetration testing - annually, on every major update, on changes to your risk profile or threat landscape A defence in depth approach, so if a particular layer of security fails you will spot it before you are compromised

voidstar at Webmasters Visit the source

Was this solution helpful to you?

Other answers

I'm not an expert, but to me its nothing but a bit of a sham, users want to see that a website is secure, so owners pay money to get 'verified' some are Trust Guard, Mcafee and truste

Bruce Aldridge

Related Q & A:

Just Added Q & A:

Find solution

For every problem there is a solution! Proved by Solucija.

  • Got an issue and looking for advice?

  • Ask Solucija to search every corner of the Web for help.

  • Get workable solutions and helpful tips in a moment.

Just ask Solucija about an issue you face and immediately get a list of ready solutions, answers and tips from other Internet users. We always provide the most suitable and complete answer to your question at the top, along with a few good alternatives below.