Security for Web Developers: 02: What Determines Your Website’s Security?

Relatively speaking, your security is:

  • Higher if you hold little or no financial information, or have few network resources,
  • Higher if your server is vigorously patched and correctly configured,
  • Higher if your code is built to high standards, and
  • Higher if the network connecting your site to the Internet has tight permissions.

You can employ formal measurement metrics, like this one from ISACA: http://www.isaca.org/Journal/archives/2011/Volume-4/Pages/Measure-and-Monitor-Application-Security.aspx

Or you can employ an “alternative” methodology like this one from WhiteHat Security: https://www.whitehatsec.com/blog/if-you-want-to-improve-something-measure-it/

Next: http://schoolforhackers.com/security-web-developers-makes-website-insecure/

Security for Web Developers: 01

With Glenn Norman

Get a basic understanding of how servers and security play a key role in the overall functioning of websites. This course will introduce you to the concepts of storing content, from the basic programming of a website to its design elements, and to ways of keeping your website and your users safe in the sometimes dangerous world of the Internet.

Objectives

You will learn to recognize the risk factors your particular web applications face, and how to determine the specific vulnerabilities within your site, app, and code.

You will try out some of the web-app security-testing tools that will be used against you. Often these will identify the most obvious vulnerabilities you should address.

Then we will discuss the most common code and configuration issues, as well as plugins and services for monitoring your site.

Next: http://schoolforhackers.com/determines-websites-security/