what is website security verification?
-
I have an e-commerce website and I recently came across a web page that talks about cyber crime and this has got me wondering what website security verification means. Does any one know what website security verification means? How can verify my website to prevent such fraud cases?
-
Answer:
Security certifications are typically based on the results of a penetration test, which gives an indication of how difficult it is for ethical hackers to get past the security controls. Where this testing is done by experienced professionals this can be very useful. However Any security test is a point in time: a new 0-day exploit could be released the day after the attack and if the site is vulnerable the security certification is effectively useless. For organisations that handle credit card data, https://www.pcisecuritystandards.org/security_standards/ is supposed to certify that you protect your data appropriately, however the inadequacies are demonstrated in the media by famous attacks against PCI compliant organisations (eg http://www.databreaches.net/?p=1231 in 2009) - despite that, there are a lot of good activities described in PCI which you should look at. So if you are worried about your site, good practice for security generally includes: Risk assess your assets Patch your platforms and your code!!! http://security.stackexchange.com/q/1919/485 - certifying them is useful (see http://software-security.sans.org/) Look at the https://www.owasp.org/index.php/Top_10_2010-Main for the most common attacks and what to do about them Understand what platforms you use, and monitor scurity advisories for those platforms Regular penetration testing - annually, on every major update, on changes to your risk profile or threat landscape A defence in depth approach, so if a particular layer of security fails you will spot it before you are compromised
voidstar at Webmasters Visit the source
Other answers
I'm not an expert, but to me its nothing but a bit of a sham, users want to see that a website is secure, so owners pay money to get 'verified' some are Trust Guard, Mcafee and truste
Bruce Aldridge
Related Q & A:
- What is Website Patenting?Best solution by Quora
- What security does the iPod touch have?Best solution by Yahoo! Answers
- What are some security like jobs?Best solution by money.usnews.com
- What is "regional security?Best solution by en.wikipedia.org
- How popular are blogs and what a website for blogs is the best one?
Just Added Q & A:
- How many active mobile subscribers are there in China?Best solution by Quora
- How to find the right vacation?Best solution by bookit.com
- How To Make Your Own Primer?Best solution by thekrazycouponlady.com
- How do you get the domain & range?Best solution by ChaCha
- How do you open pop up blockers?Best solution by Yahoo! Answers
For every problem there is a solution! Proved by Solucija.
-
Got an issue and looking for advice?
-
Ask Solucija to search every corner of the Web for help.
-
Get workable solutions and helpful tips in a moment.
Just ask Solucija about an issue you face and immediately get a list of ready solutions, answers and tips from other Internet users. We always provide the most suitable and complete answer to your question at the top, along with a few good alternatives below.