Relatively speaking, your security is:
- Higher if you hold little or no financial information, or have few network resources,
- Higher if your server is vigorously patched and correctly configured,
- Higher if your code is built to high standards, and
- Higher if the network connecting your site to the Internet has tight permissions.
You can employ formal measurement metrics, like this one from ISACA: http://www.isaca.org/Journal/archives/2011/Volume-4/Pages/Measure-and-Monitor-Application-Security.aspx
Or you can employ an “alternative” methodology like this one from White Hat Security: https://www.whitehatsec.com/blog/if-you-want-to-improve-something-measure-it/
With Glenn Norman
Get a basic understanding of how servers and security play a key role in the overall functioning of websites. This course will introduce you to the concepts of storing content, from the basic programming of a website to its design elements, and to ways to keep your website and your users safe in the sometimes dangerous world of the Internet.
You will learn to recognize the risk factors your particular web applications face, and how to determine the specific vulnerabilities within your site, app and code.
You will try out some of the web-app security-testing tools that will be used against you. Often these will identify the most obvious vulnerabilities you should address.
Then we will discuss the most common code and configuration issues, as well as plugins and services for monitoring your site.