SlideShare a Scribd company logo

Website integrity

Download as PPTX, PDF
J
jeannie_wu
Technology
1 of 17
Website Integrity Presented by: Jeannie Wu
Agenda What risks do companies face re: their websites? What tools are there for managing web content? What tools are there for detecting problems with corporate websites?
Introduction to Websites Two main purposes: e-commerce activities to provide information The need for trust has increased as a result of: anonymity of e-commerce globalization, increasing reliance on complex and powerful IT systems From an e-commerce perspective, consumers need the assurance that corporate websites live up to their promises and that their private information will be protected while businesses need to differentiate themselves from their competitors
What risks do companies face regarding their websites? Cyber intrusions Unauthorized content Privacy breaches Copyright and trademark infringements
Potential Consequences Assets decreases in value Trade secrets stolen Increases in litigations
Issues with Managing Web Content Bottlenecks Consistency Navigation Content audit and control Tracking changes Integration
Web Content Management Tools Content Life Cycle 1. Organization Extensible Markup Language (XML), Resource Description Framework (RDF) 2. Workflow Design flexible rules, define roles and responsibilities 3. Creation Authoring, conversion, digital rights management (DRM), editing tools, metadata tagging 4. Repositories Relational database structures, files system objects, or both
Web Content Management Tools 5. Versioning Version control, check-in/check-out templates, multi-languages, rollback 6. Publishing delivery methods testing, personalization, user testing 7. Archives Data retention and destruction
Web Content Management Tools Content Management Systems (CMS) Commercial Self-hosted Proprietary web content management system (WCMS) Examples: Microsoft Office SharePoint Server and IBM Lotus Web Content Management Open source WCMS Examples: WordPress, Joomla, and Drupal Hosted - Software-as-a-Service (SaaS) Examples: Clickability, CrownPeak, and OmniUpdate Internally developed
WCMS considerations: Integration with company’s IT infrastructure and enterprise systems Features and functionalities Level of customization and companion products Costs Vendors and solutions
Benefits Open source: Benefits: lower costs, increased security and transparency, and better support SaaS: Benefits: subscription basis, no requirement of hardware, software, and infrastructure, vendor maintains and upgrades the software
Common Problems with Corporate Websites Downtime Network failure Broken links Security issues Unauthorized changes Defacement of the website Connectivity or system outage issues Hijacking of the website
Tools for Detecting Problems with Corporate Websites Web server monitoring A monitoring system includes “a set of monitors, mechanisms for alerting administrators if failures occur, and a historical log of data collected by monitors” monitoring system should provide three different types of information: exceptions, trends, and historical data
Tools for Detecting Problems with Corporate Websites Testing the security of the website Authentication mechanism Role-based authorization Input validations Custom cryptographic algorithms and management of keys Logging controls
Tools for Detecting Problems with Corporate Websites Tools available in the market: Software package monitoring system Shareware Freeware scripts and solutions Third parties that provide website integrity services
Example of third party website integrity services Content test – catches corrupted updates and content change Edit test – detects unauthorized changes to the web site Domain Name System (DNS) test – the domain is checked on hundreds of DNS servers to ensure that it maps to the intended IP address Ping test – confirms that the web server responds to basic internet requests Fetch test – confirms that the web server is operating and responds in a reasonable amount of time Others: process, CPU, and memory monitoring
Conclusions There are many different types of website risks and if these risks are not minimized the company’s website integrity may suffer, resulting in declined reputation and profitability Top management should get more involved to ensure that proper controls and tools (website content management tools and web monitoring tools) are in place to minimize these risks

Recommended

Cloud computingsec p3
Cloud computingsec p3Cloud computingsec p3
Cloud computingsec p3Cesar Schmitzhaus
 
Get your Enterprise Ready for GDPR
Get your Enterprise Ready for GDPRGet your Enterprise Ready for GDPR
Get your Enterprise Ready for GDPRAbhishek Sood
 
The 21 CFR Part 11 Compliance Checklist for Digital Applications
The 21 CFR Part 11 Compliance Checklist for Digital ApplicationsThe 21 CFR Part 11 Compliance Checklist for Digital Applications
The 21 CFR Part 11 Compliance Checklist for Digital ApplicationsEMMAIntl
 
Soc Compliance Overview
Soc Compliance OverviewSoc Compliance Overview
Soc Compliance OverviewFabio Ferrari
 
Securing your Event Data
Securing your Event DataSecuring your Event Data
Securing your Event DataGenieConnect
 
USING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPS
USING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPSUSING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPS
USING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPSForgeRock
 
Broken access control
Broken access controlBroken access control
Broken access controlPriyanshu Gandhi
 
OWASP Top 10 Vulnerabilities - A5-Broken Access Control; A6-Security Misconfi...
OWASP Top 10 Vulnerabilities - A5-Broken Access Control; A6-Security Misconfi...OWASP Top 10 Vulnerabilities - A5-Broken Access Control; A6-Security Misconfi...
OWASP Top 10 Vulnerabilities - A5-Broken Access Control; A6-Security Misconfi...Lenur Dzhemiliev
 

Recommended

Cloud computingsec p3
Cloud computingsec p3Cloud computingsec p3
Cloud computingsec p3Cesar Schmitzhaus
 
Get your Enterprise Ready for GDPR
Get your Enterprise Ready for GDPRGet your Enterprise Ready for GDPR
Get your Enterprise Ready for GDPRAbhishek Sood
 
The 21 CFR Part 11 Compliance Checklist for Digital Applications
The 21 CFR Part 11 Compliance Checklist for Digital ApplicationsThe 21 CFR Part 11 Compliance Checklist for Digital Applications
The 21 CFR Part 11 Compliance Checklist for Digital ApplicationsEMMAIntl
 
Soc Compliance Overview
Soc Compliance OverviewSoc Compliance Overview
Soc Compliance OverviewFabio Ferrari
 
Securing your Event Data
Securing your Event DataSecuring your Event Data
Securing your Event DataGenieConnect
 
USING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPS
USING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPSUSING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPS
USING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPSForgeRock
 
Broken access control
Broken access controlBroken access control
Broken access controlPriyanshu Gandhi
 
OWASP Top 10 Vulnerabilities - A5-Broken Access Control; A6-Security Misconfi...
OWASP Top 10 Vulnerabilities - A5-Broken Access Control; A6-Security Misconfi...OWASP Top 10 Vulnerabilities - A5-Broken Access Control; A6-Security Misconfi...
OWASP Top 10 Vulnerabilities - A5-Broken Access Control; A6-Security Misconfi...Lenur Dzhemiliev
 
Ferraz Itp368 Optmizing Information Security
Ferraz Itp368 Optmizing Information SecurityFerraz Itp368 Optmizing Information Security
Ferraz Itp368 Optmizing Information Securitymferraz
 
SharePoint Governance and Compliance
SharePoint Governance and ComplianceSharePoint Governance and Compliance
SharePoint Governance and ComplianceAlistair Pugin
 
Web Application Penetration Test
Web Application Penetration TestWeb Application Penetration Test
Web Application Penetration Testmartinvoelk
 
Observe it v67 webinar v5
Observe it v67 webinar v5Observe it v67 webinar v5
Observe it v67 webinar v5ObserveIT
 
How Can I Reduce The Risk Of A Cyber-Attack?
How Can I Reduce The Risk Of A Cyber-Attack?How Can I Reduce The Risk Of A Cyber-Attack?
How Can I Reduce The Risk Of A Cyber-Attack?Osei Fortune
 
Root conf digitalskimming-v4_arjunbm
Root conf digitalskimming-v4_arjunbmRoot conf digitalskimming-v4_arjunbm
Root conf digitalskimming-v4_arjunbmArjun BM
 
Kms model
Kms modelKms model
Kms modelactkm
 
Web 2.0/Social Networks and Security
Web 2.0/Social Networks and SecurityWeb 2.0/Social Networks and Security
Web 2.0/Social Networks and Securitysherrymoon7121
 
Digital Shadows and the NIST Cyber Security Framework
Digital Shadows and the NIST Cyber Security FrameworkDigital Shadows and the NIST Cyber Security Framework
Digital Shadows and the NIST Cyber Security FrameworkDigital Shadows
 
Don't Let Cybersecurity Trip You Up
Don't Let Cybersecurity Trip You UpDon't Let Cybersecurity Trip You Up
Don't Let Cybersecurity Trip You UpEAI Information Systems
 
Proxy For employee monitoring
Proxy For employee monitoringProxy For employee monitoring
Proxy For employee monitoringProxies Rent
 
LOB Application: From Dream to production
LOB Application: From Dream to productionLOB Application: From Dream to production
LOB Application: From Dream to productionЮрий Чудинов
 
Lob app-12012018
Lob app-12012018Lob app-12012018
Lob app-12012018ssuser7c985a
 
A Hybrid Approach For Phishing Website Detection Using Machine Learning.
A Hybrid Approach For Phishing Website Detection Using Machine Learning.A Hybrid Approach For Phishing Website Detection Using Machine Learning.
A Hybrid Approach For Phishing Website Detection Using Machine Learning.vivatechijri
 
The three chain links of radius security
The three chain links of radius securityThe three chain links of radius security
The three chain links of radius securityGrafic.guru
 
Trivadis TechEvent 2017 The future of mobility Daniel von Büren
Trivadis TechEvent 2017 The future of mobility Daniel von BürenTrivadis TechEvent 2017 The future of mobility Daniel von Büren
Trivadis TechEvent 2017 The future of mobility Daniel von BürenTrivadis
 
Gs Ch1
Gs Ch1Gs Ch1
Gs Ch1phanleson
 
Phishing Detection using Machine Learning
Phishing Detection using Machine LearningPhishing Detection using Machine Learning
Phishing Detection using Machine LearningArjun BM
 
Secure Code Warrior - Defense in depth
Secure Code Warrior - Defense in depthSecure Code Warrior - Defense in depth
Secure Code Warrior - Defense in depthSecure Code Warrior
 
ODTUG The Necessary Knowledge and Tools You Need to Have for SOA Suite 11g
ODTUG The Necessary Knowledge and Tools You Need to Have for SOA Suite 11gODTUG The Necessary Knowledge and Tools You Need to Have for SOA Suite 11g
ODTUG The Necessary Knowledge and Tools You Need to Have for SOA Suite 11gEdwin Biemond
 
Finding neverland june 14 2011
Finding neverland june 14 2011Finding neverland june 14 2011
Finding neverland june 14 2011Laura Munroe
 
I want to live forever!
I want to live forever!I want to live forever!
I want to live forever!Laura Munroe
 

More Related Content

What's hot

Ferraz Itp368 Optmizing Information Security
Ferraz Itp368 Optmizing Information SecurityFerraz Itp368 Optmizing Information Security
Ferraz Itp368 Optmizing Information Securitymferraz
 
SharePoint Governance and Compliance
SharePoint Governance and ComplianceSharePoint Governance and Compliance
SharePoint Governance and ComplianceAlistair Pugin
 
Web Application Penetration Test
Web Application Penetration TestWeb Application Penetration Test
Web Application Penetration Testmartinvoelk
 
Observe it v67 webinar v5
Observe it v67 webinar v5Observe it v67 webinar v5
Observe it v67 webinar v5ObserveIT
 
How Can I Reduce The Risk Of A Cyber-Attack?
How Can I Reduce The Risk Of A Cyber-Attack?How Can I Reduce The Risk Of A Cyber-Attack?
How Can I Reduce The Risk Of A Cyber-Attack?Osei Fortune
 
Root conf digitalskimming-v4_arjunbm
Root conf digitalskimming-v4_arjunbmRoot conf digitalskimming-v4_arjunbm
Root conf digitalskimming-v4_arjunbmArjun BM
 
Kms model
Kms modelKms model
Kms modelactkm
 
Web 2.0/Social Networks and Security
Web 2.0/Social Networks and SecurityWeb 2.0/Social Networks and Security
Web 2.0/Social Networks and Securitysherrymoon7121
 
Digital Shadows and the NIST Cyber Security Framework
Digital Shadows and the NIST Cyber Security FrameworkDigital Shadows and the NIST Cyber Security Framework
Digital Shadows and the NIST Cyber Security FrameworkDigital Shadows
 
Proxy For employee monitoring
Proxy For employee monitoringProxy For employee monitoring
Proxy For employee monitoringProxies Rent
 
LOB Application: From Dream to production
LOB Application: From Dream to productionLOB Application: From Dream to production
LOB Application: From Dream to productionЮрий Чудинов
 
A Hybrid Approach For Phishing Website Detection Using Machine Learning.
A Hybrid Approach For Phishing Website Detection Using Machine Learning.A Hybrid Approach For Phishing Website Detection Using Machine Learning.
A Hybrid Approach For Phishing Website Detection Using Machine Learning.vivatechijri
 
The three chain links of radius security
The three chain links of radius securityThe three chain links of radius security
The three chain links of radius securityGrafic.guru
 
Trivadis TechEvent 2017 The future of mobility Daniel von Büren
Trivadis TechEvent 2017 The future of mobility Daniel von BürenTrivadis TechEvent 2017 The future of mobility Daniel von Büren
Trivadis TechEvent 2017 The future of mobility Daniel von BürenTrivadis
 
Phishing Detection using Machine Learning
Phishing Detection using Machine LearningPhishing Detection using Machine Learning
Phishing Detection using Machine LearningArjun BM
 
Secure Code Warrior - Defense in depth
Secure Code Warrior - Defense in depthSecure Code Warrior - Defense in depth
Secure Code Warrior - Defense in depthSecure Code Warrior
 

What's hot (19)

Ferraz Itp368 Optmizing Information Security
Ferraz Itp368 Optmizing Information SecurityFerraz Itp368 Optmizing Information Security
Ferraz Itp368 Optmizing Information Security
 
SharePoint Governance and Compliance
SharePoint Governance and ComplianceSharePoint Governance and Compliance
SharePoint Governance and Compliance
 
Web Application Penetration Test
Web Application Penetration TestWeb Application Penetration Test
Web Application Penetration Test
 
Observe it v67 webinar v5
Observe it v67 webinar v5Observe it v67 webinar v5
Observe it v67 webinar v5
 
How Can I Reduce The Risk Of A Cyber-Attack?
How Can I Reduce The Risk Of A Cyber-Attack?How Can I Reduce The Risk Of A Cyber-Attack?
How Can I Reduce The Risk Of A Cyber-Attack?
 
Root conf digitalskimming-v4_arjunbm
Root conf digitalskimming-v4_arjunbmRoot conf digitalskimming-v4_arjunbm
Root conf digitalskimming-v4_arjunbm
 
Kms model
Kms modelKms model
Kms model
 
Web 2.0/Social Networks and Security
Web 2.0/Social Networks and SecurityWeb 2.0/Social Networks and Security
Web 2.0/Social Networks and Security
 
Digital Shadows and the NIST Cyber Security Framework
Digital Shadows and the NIST Cyber Security FrameworkDigital Shadows and the NIST Cyber Security Framework
Digital Shadows and the NIST Cyber Security Framework
 
Don't Let Cybersecurity Trip You Up
Don't Let Cybersecurity Trip You UpDon't Let Cybersecurity Trip You Up
Don't Let Cybersecurity Trip You Up
 
Proxy For employee monitoring
Proxy For employee monitoringProxy For employee monitoring
Proxy For employee monitoring
 
LOB Application: From Dream to production
LOB Application: From Dream to productionLOB Application: From Dream to production
LOB Application: From Dream to production
 
Lob app-12012018
Lob app-12012018Lob app-12012018
Lob app-12012018
 
A Hybrid Approach For Phishing Website Detection Using Machine Learning.
A Hybrid Approach For Phishing Website Detection Using Machine Learning.A Hybrid Approach For Phishing Website Detection Using Machine Learning.
A Hybrid Approach For Phishing Website Detection Using Machine Learning.
 
The three chain links of radius security
The three chain links of radius securityThe three chain links of radius security
The three chain links of radius security
 
Trivadis TechEvent 2017 The future of mobility Daniel von Büren
Trivadis TechEvent 2017 The future of mobility Daniel von BürenTrivadis TechEvent 2017 The future of mobility Daniel von Büren
Trivadis TechEvent 2017 The future of mobility Daniel von Büren
 
Gs Ch1
Gs Ch1Gs Ch1
Gs Ch1
 
Phishing Detection using Machine Learning
Phishing Detection using Machine LearningPhishing Detection using Machine Learning
Phishing Detection using Machine Learning
 
Secure Code Warrior - Defense in depth
Secure Code Warrior - Defense in depthSecure Code Warrior - Defense in depth
Secure Code Warrior - Defense in depth
 

Viewers also liked

ODTUG The Necessary Knowledge and Tools You Need to Have for SOA Suite 11g
ODTUG The Necessary Knowledge and Tools You Need to Have for SOA Suite 11gODTUG The Necessary Knowledge and Tools You Need to Have for SOA Suite 11g
ODTUG The Necessary Knowledge and Tools You Need to Have for SOA Suite 11gEdwin Biemond
 
Finding neverland june 14 2011
Finding neverland june 14 2011Finding neverland june 14 2011
Finding neverland june 14 2011Laura Munroe
 
I want to live forever!
I want to live forever!I want to live forever!
I want to live forever!Laura Munroe
 
Pictures og mahogany place lipa
Pictures og mahogany place lipaPictures og mahogany place lipa
Pictures og mahogany place lipaHeidi Padua Mingao
 
Blogging presentation
Blogging presentationBlogging presentation
Blogging presentationTraci Van
 
แนวข้อสอบเข้าม
แนวข้อสอบเข้ามแนวข้อสอบเข้าม
แนวข้อสอบเข้ามEase Santanaboon
 
Beeman -linguistics and-anthropology_1_
Beeman -linguistics and-anthropology_1_Beeman -linguistics and-anthropology_1_
Beeman -linguistics and-anthropology_1_Freeman Freelife
 
Pescado-Guide-To-Business-Telecoms
Pescado-Guide-To-Business-TelecomsPescado-Guide-To-Business-Telecoms
Pescado-Guide-To-Business-TelecomsMatthew Cunningham
 
Llista d'espera
Llista d'esperaLlista d'espera
Llista d'esperaJQUINON3
 
Art Cottage "OOH on the Move"
Art Cottage "OOH on the Move"Art Cottage "OOH on the Move"
Art Cottage "OOH on the Move"artcottage
 
Paperless Session by Santiago B. Cane, Jr.
Paperless Session by Santiago B. Cane, Jr.Paperless Session by Santiago B. Cane, Jr.
Paperless Session by Santiago B. Cane, Jr.Rodalyn Salvaleon
 
Discurs sobre igualtat de l'eurodiputada sueca Cecilia Wikström al II fem.tal...
Discurs sobre igualtat de l'eurodiputada sueca Cecilia Wikström al II fem.tal...Discurs sobre igualtat de l'eurodiputada sueca Cecilia Wikström al II fem.tal...
Discurs sobre igualtat de l'eurodiputada sueca Cecilia Wikström al II fem.tal...fem talent
 
Att tillgängliggöra kulturarv
Att tillgängliggöra kulturarvAtt tillgängliggöra kulturarv
Att tillgängliggöra kulturarvMagnusCedergren
 
Blogging presentation
Blogging presentationBlogging presentation
Blogging presentationTraci Van
 
Blogging presentation
Blogging presentationBlogging presentation
Blogging presentationTraci Van
 

Viewers also liked (20)

ODTUG The Necessary Knowledge and Tools You Need to Have for SOA Suite 11g
ODTUG The Necessary Knowledge and Tools You Need to Have for SOA Suite 11gODTUG The Necessary Knowledge and Tools You Need to Have for SOA Suite 11g
ODTUG The Necessary Knowledge and Tools You Need to Have for SOA Suite 11g
 
Finding neverland june 14 2011
Finding neverland june 14 2011Finding neverland june 14 2011
Finding neverland june 14 2011
 
I want to live forever!
I want to live forever!I want to live forever!
I want to live forever!
 
Pictures og mahogany place lipa
Pictures og mahogany place lipaPictures og mahogany place lipa
Pictures og mahogany place lipa
 
Blogging presentation
Blogging presentationBlogging presentation
Blogging presentation
 
แนวข้อสอบเข้าม
แนวข้อสอบเข้ามแนวข้อสอบเข้าม
แนวข้อสอบเข้าม
 
Beeman -linguistics and-anthropology_1_
Beeman -linguistics and-anthropology_1_Beeman -linguistics and-anthropology_1_
Beeman -linguistics and-anthropology_1_
 
Teens 2 2012 animals
Teens 2 2012 animalsTeens 2 2012 animals
Teens 2 2012 animals
 
BHUTAN: JOURNEY TO HIGHER PRODUCTIVITY AND BUSINESS ENLIGHTENMENT
BHUTAN: JOURNEY TO HIGHER PRODUCTIVITY AND BUSINESS ENLIGHTENMENTBHUTAN: JOURNEY TO HIGHER PRODUCTIVITY AND BUSINESS ENLIGHTENMENT
BHUTAN: JOURNEY TO HIGHER PRODUCTIVITY AND BUSINESS ENLIGHTENMENT
 
Pescado-Guide-To-Business-Telecoms
Pescado-Guide-To-Business-TelecomsPescado-Guide-To-Business-Telecoms
Pescado-Guide-To-Business-Telecoms
 
Llista d'espera
Llista d'esperaLlista d'espera
Llista d'espera
 
Art Cottage "OOH on the Move"
Art Cottage "OOH on the Move"Art Cottage "OOH on the Move"
Art Cottage "OOH on the Move"
 
Paperless Session by Santiago B. Cane, Jr.
Paperless Session by Santiago B. Cane, Jr.Paperless Session by Santiago B. Cane, Jr.
Paperless Session by Santiago B. Cane, Jr.
 
Discurs sobre igualtat de l'eurodiputada sueca Cecilia Wikström al II fem.tal...
Discurs sobre igualtat de l'eurodiputada sueca Cecilia Wikström al II fem.tal...Discurs sobre igualtat de l'eurodiputada sueca Cecilia Wikström al II fem.tal...
Discurs sobre igualtat de l'eurodiputada sueca Cecilia Wikström al II fem.tal...
 
Att tillgängliggöra kulturarv
Att tillgängliggöra kulturarvAtt tillgängliggöra kulturarv
Att tillgängliggöra kulturarv
 
Red swastik presentation
Red swastik presentationRed swastik presentation
Red swastik presentation
 
Blogging presentation
Blogging presentationBlogging presentation
Blogging presentation
 
Art cottage
Art cottageArt cottage
Art cottage
 
Blogging presentation
Blogging presentationBlogging presentation
Blogging presentation
 
Html5(2)
Html5(2)Html5(2)
Html5(2)
 

Similar to Website integrity

Based on the below and using the 12 categories of threats identify 3 .pdf
Based on the below and using the 12 categories of threats identify 3 .pdfBased on the below and using the 12 categories of threats identify 3 .pdf
Based on the below and using the 12 categories of threats identify 3 .pdfarri2009av
 
Hack applications
Hack applicationsHack applications
Hack applicationsenrizmoore
 
Application Security Review 5 Dec 09 Final
Application Security Review 5 Dec 09 FinalApplication Security Review 5 Dec 09 Final
Application Security Review 5 Dec 09 FinalManoj Agarwal
 
IT8005_EC_Unit_II_Building_ECommerce
IT8005_EC_Unit_II_Building_ECommerceIT8005_EC_Unit_II_Building_ECommerce
IT8005_EC_Unit_II_Building_ECommercePalani Kumar
 
Beehive: Large-Scale Log Analysis for Detecting Suspicious Activity in Enterp...
Beehive: Large-Scale Log Analysis for Detecting Suspicious Activity in Enterp...Beehive: Large-Scale Log Analysis for Detecting Suspicious Activity in Enterp...
Beehive: Large-Scale Log Analysis for Detecting Suspicious Activity in Enterp...EMC
 
Hacking web applications
Hacking web applicationsHacking web applications
Hacking web applicationsphanleson
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application SecurityColin English
 
Platform as a Service overview
Platform as a Service overviewPlatform as a Service overview
Platform as a Service overviewMiguel Pastor
 
D Cornell Securing Share Point
D Cornell Securing Share PointD Cornell Securing Share Point
D Cornell Securing Share PointArt Upton
 
20110518-4 ARMA Central Iowa Records Management 2.0
20110518-4 ARMA Central Iowa Records Management 2.020110518-4 ARMA Central Iowa Records Management 2.0
20110518-4 ARMA Central Iowa Records Management 2.0Jesse Wilkins
 
Anatomy of a breach - an e-book by Microsoft in collaboration with the EU
Anatomy of a breach - an e-book by Microsoft in collaboration with the EUAnatomy of a breach - an e-book by Microsoft in collaboration with the EU
Anatomy of a breach - an e-book by Microsoft in collaboration with the EUUniversity of Essex
 
M Kamens Iia Financial Services Presentation At Disney
M Kamens Iia Financial Services Presentation At DisneyM Kamens Iia Financial Services Presentation At Disney
M Kamens Iia Financial Services Presentation At Disneykamensm02
 
The Nitty Gritty of Affiliate Marketing Compliance
The Nitty Gritty of Affiliate Marketing ComplianceThe Nitty Gritty of Affiliate Marketing Compliance
The Nitty Gritty of Affiliate Marketing ComplianceAffiliate Summit
 

Similar to Website integrity (20)

Based on the below and using the 12 categories of threats identify 3 .pdf
Based on the below and using the 12 categories of threats identify 3 .pdfBased on the below and using the 12 categories of threats identify 3 .pdf
Based on the below and using the 12 categories of threats identify 3 .pdf
 
Web Governance
Web GovernanceWeb Governance
Web Governance
 
Security-testing presentation
Security-testing presentationSecurity-testing presentation
Security-testing presentation
 
Web Filters
Web FiltersWeb Filters
Web Filters
 
Hack applications
Hack applicationsHack applications
Hack applications
 
Application Security Review 5 Dec 09 Final
Application Security Review 5 Dec 09 FinalApplication Security Review 5 Dec 09 Final
Application Security Review 5 Dec 09 Final
 
IT8005_EC_Unit_II_Building_ECommerce
IT8005_EC_Unit_II_Building_ECommerceIT8005_EC_Unit_II_Building_ECommerce
IT8005_EC_Unit_II_Building_ECommerce
 
Beehive: Large-Scale Log Analysis for Detecting Suspicious Activity in Enterp...
Beehive: Large-Scale Log Analysis for Detecting Suspicious Activity in Enterp...Beehive: Large-Scale Log Analysis for Detecting Suspicious Activity in Enterp...
Beehive: Large-Scale Log Analysis for Detecting Suspicious Activity in Enterp...
 
Hacking web applications
Hacking web applicationsHacking web applications
Hacking web applications
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application Security
 
Mid Term Exam
Mid Term ExamMid Term Exam
Mid Term Exam
 
Platform as a Service overview
Platform as a Service overviewPlatform as a Service overview
Platform as a Service overview
 
D Cornell Securing Share Point
D Cornell Securing Share PointD Cornell Securing Share Point
D Cornell Securing Share Point
 
20110518-4 ARMA Central Iowa Records Management 2.0
20110518-4 ARMA Central Iowa Records Management 2.020110518-4 ARMA Central Iowa Records Management 2.0
20110518-4 ARMA Central Iowa Records Management 2.0
 
gas_company_PT
gas_company_PTgas_company_PT
gas_company_PT
 
chapter 2.pdf
chapter 2.pdfchapter 2.pdf
chapter 2.pdf
 
Anatomy of a breach - an e-book by Microsoft in collaboration with the EU
Anatomy of a breach - an e-book by Microsoft in collaboration with the EUAnatomy of a breach - an e-book by Microsoft in collaboration with the EU
Anatomy of a breach - an e-book by Microsoft in collaboration with the EU
 
M Kamens Iia Financial Services Presentation At Disney
M Kamens Iia Financial Services Presentation At DisneyM Kamens Iia Financial Services Presentation At Disney
M Kamens Iia Financial Services Presentation At Disney
 
Cybersecurity update 12
Cybersecurity update 12Cybersecurity update 12
Cybersecurity update 12
 
The Nitty Gritty of Affiliate Marketing Compliance
The Nitty Gritty of Affiliate Marketing ComplianceThe Nitty Gritty of Affiliate Marketing Compliance
The Nitty Gritty of Affiliate Marketing Compliance
 

Recently uploaded

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...apidays
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityWSO2
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Bhuvaneswari Subramani
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 

Recently uploaded (20)

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 

Website integrity

  • 2. Agenda What risks do companies face re: their websites? What tools are there for managing web content? What tools are there for detecting problems with corporate websites?
  • 3. Introduction to Websites Two main purposes: e-commerce activities to provide information The need for trust has increased as a result of: anonymity of e-commerce globalization, increasing reliance on complex and powerful IT systems From an e-commerce perspective, consumers need the assurance that corporate websites live up to their promises and that their private information will be protected while businesses need to differentiate themselves from their competitors
  • 4. What risks do companies face regarding their websites? Cyber intrusions Unauthorized content Privacy breaches Copyright and trademark infringements
  • 5. Potential Consequences Assets decreases in value Trade secrets stolen Increases in litigations
  • 6. Issues with Managing Web Content Bottlenecks Consistency Navigation Content audit and control Tracking changes Integration
  • 7. Web Content Management Tools Content Life Cycle 1. Organization Extensible Markup Language (XML), Resource Description Framework (RDF) 2. Workflow Design flexible rules, define roles and responsibilities 3. Creation Authoring, conversion, digital rights management (DRM), editing tools, metadata tagging 4. Repositories Relational database structures, files system objects, or both
  • 8. Web Content Management Tools 5. Versioning Version control, check-in/check-out templates, multi-languages, rollback 6. Publishing delivery methods testing, personalization, user testing 7. Archives Data retention and destruction
  • 9. Web Content Management Tools Content Management Systems (CMS) Commercial Self-hosted Proprietary web content management system (WCMS) Examples: Microsoft Office SharePoint Server and IBM Lotus Web Content Management Open source WCMS Examples: WordPress, Joomla, and Drupal Hosted - Software-as-a-Service (SaaS) Examples: Clickability, CrownPeak, and OmniUpdate Internally developed
  • 10. WCMS considerations: Integration with company’s IT infrastructure and enterprise systems Features and functionalities Level of customization and companion products Costs Vendors and solutions
  • 11. Benefits Open source: Benefits: lower costs, increased security and transparency, and better support SaaS: Benefits: subscription basis, no requirement of hardware, software, and infrastructure, vendor maintains and upgrades the software
  • 12. Common Problems with Corporate Websites Downtime Network failure Broken links Security issues Unauthorized changes Defacement of the website Connectivity or system outage issues Hijacking of the website
  • 13. Tools for Detecting Problems with Corporate Websites Web server monitoring A monitoring system includes “a set of monitors, mechanisms for alerting administrators if failures occur, and a historical log of data collected by monitors” monitoring system should provide three different types of information: exceptions, trends, and historical data
  • 14. Tools for Detecting Problems with Corporate Websites Testing the security of the website Authentication mechanism Role-based authorization Input validations Custom cryptographic algorithms and management of keys Logging controls
  • 15. Tools for Detecting Problems with Corporate Websites Tools available in the market: Software package monitoring system Shareware Freeware scripts and solutions Third parties that provide website integrity services
  • 16. Example of third party website integrity services Content test – catches corrupted updates and content change Edit test – detects unauthorized changes to the web site Domain Name System (DNS) test – the domain is checked on hundreds of DNS servers to ensure that it maps to the intended IP address Ping test – confirms that the web server responds to basic internet requests Fetch test – confirms that the web server is operating and responds in a reasonable amount of time Others: process, CPU, and memory monitoring
  • 17. Conclusions There are many different types of website risks and if these risks are not minimized the company’s website integrity may suffer, resulting in declined reputation and profitability Top management should get more involved to ensure that proper controls and tools (website content management tools and web monitoring tools) are in place to minimize these risks