SlideShare a Scribd company logo

Website integrity

Download as PPTX, PDF
J
jeannie_wu
Technology
1 of 17
Website Integrity Presented by: Jeannie Wu
Agenda What risks do companies face re: their websites? What tools are there for managing web content? What tools are there for detecting problems with corporate websites?
Introduction to Websites Two main purposes: e-commerce activities to provide information The need for trust has increased as a result of: anonymity of e-commerce globalization, increasing reliance on complex and powerful IT systems From an e-commerce perspective, consumers need the assurance that corporate websites live up to their promises and that their private information will be protected while businesses need to differentiate themselves from their competitors
What risks do companies face regarding their websites? Cyber intrusions Unauthorized content Privacy breaches Copyright and trademark infringements
Potential Consequences Assets decreases in value Trade secrets stolen Increases in litigations
Issues with Managing Web Content Bottlenecks Consistency Navigation Content audit and control Tracking changes Integration
Web Content Management Tools Content Life Cycle 1. Organization Extensible Markup Language (XML), Resource Description Framework (RDF) 2. Workflow Design flexible rules, define roles and responsibilities 3. Creation Authoring, conversion, digital rights management (DRM), editing tools, metadata tagging 4. Repositories Relational database structures, files system objects, or both
Web Content Management Tools 5. Versioning Version control, check-in/check-out templates, multi-languages, rollback 6. Publishing delivery methods testing, personalization, user testing 7. Archives Data retention and destruction
Web Content Management Tools Content Management Systems (CMS) Commercial Self-hosted Proprietary web content management system (WCMS) Examples: Microsoft Office SharePoint Server and IBM Lotus Web Content Management Open source WCMS Examples: WordPress, Joomla, and Drupal Hosted - Software-as-a-Service (SaaS) Examples: Clickability, CrownPeak, and OmniUpdate Internally developed
WCMS considerations: Integration with company’s IT infrastructure and enterprise systems Features and functionalities Level of customization and companion products Costs Vendors and solutions
Benefits Open source: Benefits: lower costs, increased security and transparency, and better support SaaS: Benefits: subscription basis, no requirement of hardware, software, and infrastructure, vendor maintains and upgrades the software
Common Problems with Corporate Websites Downtime Network failure Broken links Security issues Unauthorized changes Defacement of the website Connectivity or system outage issues Hijacking of the website
Tools for Detecting Problems with Corporate Websites Web server monitoring A monitoring system includes “a set of monitors, mechanisms for alerting administrators if failures occur, and a historical log of data collected by monitors” monitoring system should provide three different types of information: exceptions, trends, and historical data
Tools for Detecting Problems with Corporate Websites Testing the security of the website Authentication mechanism Role-based authorization Input validations Custom cryptographic algorithms and management of keys Logging controls
Tools for Detecting Problems with Corporate Websites Tools available in the market: Software package monitoring system Shareware Freeware scripts and solutions Third parties that provide website integrity services
Example of third party website integrity services Content test – catches corrupted updates and content change Edit test – detects unauthorized changes to the web site Domain Name System (DNS) test – the domain is checked on hundreds of DNS servers to ensure that it maps to the intended IP address Ping test – confirms that the web server responds to basic internet requests Fetch test – confirms that the web server is operating and responds in a reasonable amount of time Others: process, CPU, and memory monitoring
Conclusions There are many different types of website risks and if these risks are not minimized the company’s website integrity may suffer, resulting in declined reputation and profitability Top management should get more involved to ensure that proper controls and tools (website content management tools and web monitoring tools) are in place to minimize these risks

Recommended

Cloud computingsec p3
Cloud computingsec p3Cloud computingsec p3
Cloud computingsec p3Cesar Schmitzhaus
 
Get your Enterprise Ready for GDPR
Get your Enterprise Ready for GDPRGet your Enterprise Ready for GDPR
Get your Enterprise Ready for GDPRAbhishek Sood
 
The 21 CFR Part 11 Compliance Checklist for Digital Applications
The 21 CFR Part 11 Compliance Checklist for Digital ApplicationsThe 21 CFR Part 11 Compliance Checklist for Digital Applications
The 21 CFR Part 11 Compliance Checklist for Digital ApplicationsEMMAIntl
 
Soc Compliance Overview
Soc Compliance OverviewSoc Compliance Overview
Soc Compliance OverviewFabio Ferrari
 
Securing your Event Data
Securing your Event DataSecuring your Event Data
Securing your Event DataGenieConnect
 
USING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPS
USING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPSUSING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPS
USING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPSForgeRock
 
Broken access control
Broken access controlBroken access control
Broken access controlPriyanshu Gandhi
 
OWASP Top 10 Vulnerabilities - A5-Broken Access Control; A6-Security Misconfi...
OWASP Top 10 Vulnerabilities - A5-Broken Access Control; A6-Security Misconfi...OWASP Top 10 Vulnerabilities - A5-Broken Access Control; A6-Security Misconfi...
OWASP Top 10 Vulnerabilities - A5-Broken Access Control; A6-Security Misconfi...Lenur Dzhemiliev
 

Recommended

Cloud computingsec p3
Cloud computingsec p3Cloud computingsec p3
Cloud computingsec p3Cesar Schmitzhaus
 
Get your Enterprise Ready for GDPR
Get your Enterprise Ready for GDPRGet your Enterprise Ready for GDPR
Get your Enterprise Ready for GDPRAbhishek Sood
 
The 21 CFR Part 11 Compliance Checklist for Digital Applications
The 21 CFR Part 11 Compliance Checklist for Digital ApplicationsThe 21 CFR Part 11 Compliance Checklist for Digital Applications
The 21 CFR Part 11 Compliance Checklist for Digital ApplicationsEMMAIntl
 
Soc Compliance Overview
Soc Compliance OverviewSoc Compliance Overview
Soc Compliance OverviewFabio Ferrari
 
Securing your Event Data
Securing your Event DataSecuring your Event Data
Securing your Event DataGenieConnect
 
USING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPS
USING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPSUSING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPS
USING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPSForgeRock
 
Broken access control
Broken access controlBroken access control
Broken access controlPriyanshu Gandhi
 
OWASP Top 10 Vulnerabilities - A5-Broken Access Control; A6-Security Misconfi...
OWASP Top 10 Vulnerabilities - A5-Broken Access Control; A6-Security Misconfi...OWASP Top 10 Vulnerabilities - A5-Broken Access Control; A6-Security Misconfi...
OWASP Top 10 Vulnerabilities - A5-Broken Access Control; A6-Security Misconfi...Lenur Dzhemiliev
 
Ferraz Itp368 Optmizing Information Security
Ferraz Itp368 Optmizing Information SecurityFerraz Itp368 Optmizing Information Security
Ferraz Itp368 Optmizing Information Securitymferraz
 
SharePoint Governance and Compliance
SharePoint Governance and ComplianceSharePoint Governance and Compliance
SharePoint Governance and ComplianceAlistair Pugin
 
Web Application Penetration Test
Web Application Penetration TestWeb Application Penetration Test
Web Application Penetration Testmartinvoelk
 
Observe it v67 webinar v5
Observe it v67 webinar v5Observe it v67 webinar v5
Observe it v67 webinar v5ObserveIT
 
How Can I Reduce The Risk Of A Cyber-Attack?
How Can I Reduce The Risk Of A Cyber-Attack?How Can I Reduce The Risk Of A Cyber-Attack?
How Can I Reduce The Risk Of A Cyber-Attack?Osei Fortune
 
Root conf digitalskimming-v4_arjunbm
Root conf digitalskimming-v4_arjunbmRoot conf digitalskimming-v4_arjunbm
Root conf digitalskimming-v4_arjunbmArjun BM
 
Kms model
Kms modelKms model
Kms modelactkm
 
Web 2.0/Social Networks and Security
Web 2.0/Social Networks and SecurityWeb 2.0/Social Networks and Security
Web 2.0/Social Networks and Securitysherrymoon7121
 
Digital Shadows and the NIST Cyber Security Framework
Digital Shadows and the NIST Cyber Security FrameworkDigital Shadows and the NIST Cyber Security Framework
Digital Shadows and the NIST Cyber Security FrameworkDigital Shadows
 
Don't Let Cybersecurity Trip You Up
Don't Let Cybersecurity Trip You UpDon't Let Cybersecurity Trip You Up
Don't Let Cybersecurity Trip You UpEAI Information Systems
 
Proxy For employee monitoring
Proxy For employee monitoringProxy For employee monitoring
Proxy For employee monitoringProxies Rent
 
LOB Application: From Dream to production
LOB Application: From Dream to productionLOB Application: From Dream to production
LOB Application: From Dream to productionЮрий Чудинов
 
Lob app-12012018
Lob app-12012018Lob app-12012018
Lob app-12012018ssuser7c985a
 
A Hybrid Approach For Phishing Website Detection Using Machine Learning.
A Hybrid Approach For Phishing Website Detection Using Machine Learning.A Hybrid Approach For Phishing Website Detection Using Machine Learning.
A Hybrid Approach For Phishing Website Detection Using Machine Learning.vivatechijri
 
The three chain links of radius security
The three chain links of radius securityThe three chain links of radius security
The three chain links of radius securityGrafic.guru
 
Trivadis TechEvent 2017 The future of mobility Daniel von Büren
Trivadis TechEvent 2017 The future of mobility Daniel von BürenTrivadis TechEvent 2017 The future of mobility Daniel von Büren
Trivadis TechEvent 2017 The future of mobility Daniel von BürenTrivadis
 
Gs Ch1
Gs Ch1Gs Ch1
Gs Ch1phanleson
 
Phishing Detection using Machine Learning
Phishing Detection using Machine LearningPhishing Detection using Machine Learning
Phishing Detection using Machine LearningArjun BM
 
Secure Code Warrior - Defense in depth
Secure Code Warrior - Defense in depthSecure Code Warrior - Defense in depth
Secure Code Warrior - Defense in depthSecure Code Warrior
 
ODTUG The Necessary Knowledge and Tools You Need to Have for SOA Suite 11g
ODTUG The Necessary Knowledge and Tools You Need to Have for SOA Suite 11gODTUG The Necessary Knowledge and Tools You Need to Have for SOA Suite 11g
ODTUG The Necessary Knowledge and Tools You Need to Have for SOA Suite 11gEdwin Biemond
 
Finding neverland june 14 2011
Finding neverland june 14 2011Finding neverland june 14 2011
Finding neverland june 14 2011Laura Munroe
 
I want to live forever!
I want to live forever!I want to live forever!
I want to live forever!Laura Munroe
 

More Related Content

What's hot

Ferraz Itp368 Optmizing Information Security
Ferraz Itp368 Optmizing Information SecurityFerraz Itp368 Optmizing Information Security
Ferraz Itp368 Optmizing Information Securitymferraz
 
SharePoint Governance and Compliance
SharePoint Governance and ComplianceSharePoint Governance and Compliance
SharePoint Governance and ComplianceAlistair Pugin
 
Web Application Penetration Test
Web Application Penetration TestWeb Application Penetration Test
Web Application Penetration Testmartinvoelk
 
Observe it v67 webinar v5
Observe it v67 webinar v5Observe it v67 webinar v5
Observe it v67 webinar v5ObserveIT
 
How Can I Reduce The Risk Of A Cyber-Attack?
How Can I Reduce The Risk Of A Cyber-Attack?How Can I Reduce The Risk Of A Cyber-Attack?
How Can I Reduce The Risk Of A Cyber-Attack?Osei Fortune
 
Root conf digitalskimming-v4_arjunbm
Root conf digitalskimming-v4_arjunbmRoot conf digitalskimming-v4_arjunbm
Root conf digitalskimming-v4_arjunbmArjun BM
 
Kms model
Kms modelKms model
Kms modelactkm
 
Web 2.0/Social Networks and Security
Web 2.0/Social Networks and SecurityWeb 2.0/Social Networks and Security
Web 2.0/Social Networks and Securitysherrymoon7121
 
Digital Shadows and the NIST Cyber Security Framework
Digital Shadows and the NIST Cyber Security FrameworkDigital Shadows and the NIST Cyber Security Framework
Digital Shadows and the NIST Cyber Security FrameworkDigital Shadows
 
Proxy For employee monitoring
Proxy For employee monitoringProxy For employee monitoring
Proxy For employee monitoringProxies Rent
 
LOB Application: From Dream to production
LOB Application: From Dream to productionLOB Application: From Dream to production
LOB Application: From Dream to productionЮрий Чудинов
 
A Hybrid Approach For Phishing Website Detection Using Machine Learning.
A Hybrid Approach For Phishing Website Detection Using Machine Learning.A Hybrid Approach For Phishing Website Detection Using Machine Learning.
A Hybrid Approach For Phishing Website Detection Using Machine Learning.vivatechijri
 
The three chain links of radius security
The three chain links of radius securityThe three chain links of radius security
The three chain links of radius securityGrafic.guru
 
Trivadis TechEvent 2017 The future of mobility Daniel von Büren
Trivadis TechEvent 2017 The future of mobility Daniel von BürenTrivadis TechEvent 2017 The future of mobility Daniel von Büren
Trivadis TechEvent 2017 The future of mobility Daniel von BürenTrivadis
 
Phishing Detection using Machine Learning
Phishing Detection using Machine LearningPhishing Detection using Machine Learning
Phishing Detection using Machine LearningArjun BM
 
Secure Code Warrior - Defense in depth
Secure Code Warrior - Defense in depthSecure Code Warrior - Defense in depth
Secure Code Warrior - Defense in depthSecure Code Warrior
 

What's hot (19)

Ferraz Itp368 Optmizing Information Security
Ferraz Itp368 Optmizing Information SecurityFerraz Itp368 Optmizing Information Security
Ferraz Itp368 Optmizing Information Security
 
SharePoint Governance and Compliance
SharePoint Governance and ComplianceSharePoint Governance and Compliance
SharePoint Governance and Compliance
 
Web Application Penetration Test
Web Application Penetration TestWeb Application Penetration Test
Web Application Penetration Test
 
Observe it v67 webinar v5
Observe it v67 webinar v5Observe it v67 webinar v5
Observe it v67 webinar v5
 
How Can I Reduce The Risk Of A Cyber-Attack?
How Can I Reduce The Risk Of A Cyber-Attack?How Can I Reduce The Risk Of A Cyber-Attack?
How Can I Reduce The Risk Of A Cyber-Attack?
 
Root conf digitalskimming-v4_arjunbm
Root conf digitalskimming-v4_arjunbmRoot conf digitalskimming-v4_arjunbm
Root conf digitalskimming-v4_arjunbm
 
Kms model
Kms modelKms model
Kms model
 
Web 2.0/Social Networks and Security
Web 2.0/Social Networks and SecurityWeb 2.0/Social Networks and Security
Web 2.0/Social Networks and Security
 
Digital Shadows and the NIST Cyber Security Framework
Digital Shadows and the NIST Cyber Security FrameworkDigital Shadows and the NIST Cyber Security Framework
Digital Shadows and the NIST Cyber Security Framework
 
Don't Let Cybersecurity Trip You Up
Don't Let Cybersecurity Trip You UpDon't Let Cybersecurity Trip You Up
Don't Let Cybersecurity Trip You Up
 
Proxy For employee monitoring
Proxy For employee monitoringProxy For employee monitoring
Proxy For employee monitoring
 
LOB Application: From Dream to production
LOB Application: From Dream to productionLOB Application: From Dream to production
LOB Application: From Dream to production
 
Lob app-12012018
Lob app-12012018Lob app-12012018
Lob app-12012018
 
A Hybrid Approach For Phishing Website Detection Using Machine Learning.
A Hybrid Approach For Phishing Website Detection Using Machine Learning.A Hybrid Approach For Phishing Website Detection Using Machine Learning.
A Hybrid Approach For Phishing Website Detection Using Machine Learning.
 
The three chain links of radius security
The three chain links of radius securityThe three chain links of radius security
The three chain links of radius security
 
Trivadis TechEvent 2017 The future of mobility Daniel von Büren
Trivadis TechEvent 2017 The future of mobility Daniel von BürenTrivadis TechEvent 2017 The future of mobility Daniel von Büren
Trivadis TechEvent 2017 The future of mobility Daniel von Büren
 
Gs Ch1
Gs Ch1Gs Ch1
Gs Ch1
 
Phishing Detection using Machine Learning
Phishing Detection using Machine LearningPhishing Detection using Machine Learning
Phishing Detection using Machine Learning
 
Secure Code Warrior - Defense in depth
Secure Code Warrior - Defense in depthSecure Code Warrior - Defense in depth
Secure Code Warrior - Defense in depth
 

Viewers also liked

ODTUG The Necessary Knowledge and Tools You Need to Have for SOA Suite 11g
ODTUG The Necessary Knowledge and Tools You Need to Have for SOA Suite 11gODTUG The Necessary Knowledge and Tools You Need to Have for SOA Suite 11g
ODTUG The Necessary Knowledge and Tools You Need to Have for SOA Suite 11gEdwin Biemond
 
Finding neverland june 14 2011
Finding neverland june 14 2011Finding neverland june 14 2011
Finding neverland june 14 2011Laura Munroe
 
I want to live forever!
I want to live forever!I want to live forever!
I want to live forever!Laura Munroe
 
Pictures og mahogany place lipa
Pictures og mahogany place lipaPictures og mahogany place lipa
Pictures og mahogany place lipaHeidi Padua Mingao
 
Blogging presentation
Blogging presentationBlogging presentation
Blogging presentationTraci Van
 
แนวข้อสอบเข้าม
แนวข้อสอบเข้ามแนวข้อสอบเข้าม
แนวข้อสอบเข้ามEase Santanaboon
 
Beeman -linguistics and-anthropology_1_
Beeman -linguistics and-anthropology_1_Beeman -linguistics and-anthropology_1_
Beeman -linguistics and-anthropology_1_Freeman Freelife
 
Pescado-Guide-To-Business-Telecoms
Pescado-Guide-To-Business-TelecomsPescado-Guide-To-Business-Telecoms
Pescado-Guide-To-Business-TelecomsMatthew Cunningham
 
Llista d'espera
Llista d'esperaLlista d'espera
Llista d'esperaJQUINON3
 
Art Cottage "OOH on the Move"
Art Cottage "OOH on the Move"Art Cottage "OOH on the Move"
Art Cottage "OOH on the Move"artcottage
 
Paperless Session by Santiago B. Cane, Jr.
Paperless Session by Santiago B. Cane, Jr.Paperless Session by Santiago B. Cane, Jr.
Paperless Session by Santiago B. Cane, Jr.Rodalyn Salvaleon
 
Discurs sobre igualtat de l'eurodiputada sueca Cecilia Wikström al II fem.tal...
Discurs sobre igualtat de l'eurodiputada sueca Cecilia Wikström al II fem.tal...Discurs sobre igualtat de l'eurodiputada sueca Cecilia Wikström al II fem.tal...
Discurs sobre igualtat de l'eurodiputada sueca Cecilia Wikström al II fem.tal...fem talent
 
Att tillgängliggöra kulturarv
Att tillgängliggöra kulturarvAtt tillgängliggöra kulturarv
Att tillgängliggöra kulturarvMagnusCedergren
 
Blogging presentation
Blogging presentationBlogging presentation
Blogging presentationTraci Van
 
Blogging presentation
Blogging presentationBlogging presentation
Blogging presentationTraci Van
 

Viewers also liked (20)

ODTUG The Necessary Knowledge and Tools You Need to Have for SOA Suite 11g
ODTUG The Necessary Knowledge and Tools You Need to Have for SOA Suite 11gODTUG The Necessary Knowledge and Tools You Need to Have for SOA Suite 11g
ODTUG The Necessary Knowledge and Tools You Need to Have for SOA Suite 11g
 
Finding neverland june 14 2011
Finding neverland june 14 2011Finding neverland june 14 2011
Finding neverland june 14 2011
 
I want to live forever!
I want to live forever!I want to live forever!
I want to live forever!
 
Pictures og mahogany place lipa
Pictures og mahogany place lipaPictures og mahogany place lipa
Pictures og mahogany place lipa
 
Blogging presentation
Blogging presentationBlogging presentation
Blogging presentation
 
แนวข้อสอบเข้าม
แนวข้อสอบเข้ามแนวข้อสอบเข้าม
แนวข้อสอบเข้าม
 
Beeman -linguistics and-anthropology_1_
Beeman -linguistics and-anthropology_1_Beeman -linguistics and-anthropology_1_
Beeman -linguistics and-anthropology_1_
 
Teens 2 2012 animals
Teens 2 2012 animalsTeens 2 2012 animals
Teens 2 2012 animals
 
BHUTAN: JOURNEY TO HIGHER PRODUCTIVITY AND BUSINESS ENLIGHTENMENT
BHUTAN: JOURNEY TO HIGHER PRODUCTIVITY AND BUSINESS ENLIGHTENMENTBHUTAN: JOURNEY TO HIGHER PRODUCTIVITY AND BUSINESS ENLIGHTENMENT
BHUTAN: JOURNEY TO HIGHER PRODUCTIVITY AND BUSINESS ENLIGHTENMENT
 
Pescado-Guide-To-Business-Telecoms
Pescado-Guide-To-Business-TelecomsPescado-Guide-To-Business-Telecoms
Pescado-Guide-To-Business-Telecoms
 
Llista d'espera
Llista d'esperaLlista d'espera
Llista d'espera
 
Art Cottage "OOH on the Move"
Art Cottage "OOH on the Move"Art Cottage "OOH on the Move"
Art Cottage "OOH on the Move"
 
Paperless Session by Santiago B. Cane, Jr.
Paperless Session by Santiago B. Cane, Jr.Paperless Session by Santiago B. Cane, Jr.
Paperless Session by Santiago B. Cane, Jr.
 
Discurs sobre igualtat de l'eurodiputada sueca Cecilia Wikström al II fem.tal...
Discurs sobre igualtat de l'eurodiputada sueca Cecilia Wikström al II fem.tal...Discurs sobre igualtat de l'eurodiputada sueca Cecilia Wikström al II fem.tal...
Discurs sobre igualtat de l'eurodiputada sueca Cecilia Wikström al II fem.tal...
 
Att tillgängliggöra kulturarv
Att tillgängliggöra kulturarvAtt tillgängliggöra kulturarv
Att tillgängliggöra kulturarv
 
Red swastik presentation
Red swastik presentationRed swastik presentation
Red swastik presentation
 
Blogging presentation
Blogging presentationBlogging presentation
Blogging presentation
 
Art cottage
Art cottageArt cottage
Art cottage
 
Blogging presentation
Blogging presentationBlogging presentation
Blogging presentation
 
Html5(2)
Html5(2)Html5(2)
Html5(2)
 

Similar to Website integrity

Based on the below and using the 12 categories of threats identify 3 .pdf
Based on the below and using the 12 categories of threats identify 3 .pdfBased on the below and using the 12 categories of threats identify 3 .pdf
Based on the below and using the 12 categories of threats identify 3 .pdfarri2009av
 
Hack applications
Hack applicationsHack applications
Hack applicationsenrizmoore
 
Application Security Review 5 Dec 09 Final
Application Security Review 5 Dec 09 FinalApplication Security Review 5 Dec 09 Final
Application Security Review 5 Dec 09 FinalManoj Agarwal
 
IT8005_EC_Unit_II_Building_ECommerce
IT8005_EC_Unit_II_Building_ECommerceIT8005_EC_Unit_II_Building_ECommerce
IT8005_EC_Unit_II_Building_ECommercePalani Kumar
 
Beehive: Large-Scale Log Analysis for Detecting Suspicious Activity in Enterp...
Beehive: Large-Scale Log Analysis for Detecting Suspicious Activity in Enterp...Beehive: Large-Scale Log Analysis for Detecting Suspicious Activity in Enterp...
Beehive: Large-Scale Log Analysis for Detecting Suspicious Activity in Enterp...EMC
 
Hacking web applications
Hacking web applicationsHacking web applications
Hacking web applicationsphanleson
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application SecurityColin English
 
Platform as a Service overview
Platform as a Service overviewPlatform as a Service overview
Platform as a Service overviewMiguel Pastor
 
D Cornell Securing Share Point
D Cornell Securing Share PointD Cornell Securing Share Point
D Cornell Securing Share PointArt Upton
 
20110518-4 ARMA Central Iowa Records Management 2.0
20110518-4 ARMA Central Iowa Records Management 2.020110518-4 ARMA Central Iowa Records Management 2.0
20110518-4 ARMA Central Iowa Records Management 2.0Jesse Wilkins
 
Anatomy of a breach - an e-book by Microsoft in collaboration with the EU
Anatomy of a breach - an e-book by Microsoft in collaboration with the EUAnatomy of a breach - an e-book by Microsoft in collaboration with the EU
Anatomy of a breach - an e-book by Microsoft in collaboration with the EUUniversity of Essex
 
M Kamens Iia Financial Services Presentation At Disney
M Kamens Iia Financial Services Presentation At DisneyM Kamens Iia Financial Services Presentation At Disney
M Kamens Iia Financial Services Presentation At Disneykamensm02
 
The Nitty Gritty of Affiliate Marketing Compliance
The Nitty Gritty of Affiliate Marketing ComplianceThe Nitty Gritty of Affiliate Marketing Compliance
The Nitty Gritty of Affiliate Marketing ComplianceAffiliate Summit
 

Similar to Website integrity (20)

Based on the below and using the 12 categories of threats identify 3 .pdf
Based on the below and using the 12 categories of threats identify 3 .pdfBased on the below and using the 12 categories of threats identify 3 .pdf
Based on the below and using the 12 categories of threats identify 3 .pdf
 
Web Governance
Web GovernanceWeb Governance
Web Governance
 
Security-testing presentation
Security-testing presentationSecurity-testing presentation
Security-testing presentation
 
Web Filters
Web FiltersWeb Filters
Web Filters
 
Hack applications
Hack applicationsHack applications
Hack applications
 
Application Security Review 5 Dec 09 Final
Application Security Review 5 Dec 09 FinalApplication Security Review 5 Dec 09 Final
Application Security Review 5 Dec 09 Final
 
IT8005_EC_Unit_II_Building_ECommerce
IT8005_EC_Unit_II_Building_ECommerceIT8005_EC_Unit_II_Building_ECommerce
IT8005_EC_Unit_II_Building_ECommerce
 
Beehive: Large-Scale Log Analysis for Detecting Suspicious Activity in Enterp...
Beehive: Large-Scale Log Analysis for Detecting Suspicious Activity in Enterp...Beehive: Large-Scale Log Analysis for Detecting Suspicious Activity in Enterp...
Beehive: Large-Scale Log Analysis for Detecting Suspicious Activity in Enterp...
 
Hacking web applications
Hacking web applicationsHacking web applications
Hacking web applications
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application Security
 
Mid Term Exam
Mid Term ExamMid Term Exam
Mid Term Exam
 
Platform as a Service overview
Platform as a Service overviewPlatform as a Service overview
Platform as a Service overview
 
D Cornell Securing Share Point
D Cornell Securing Share PointD Cornell Securing Share Point
D Cornell Securing Share Point
 
20110518-4 ARMA Central Iowa Records Management 2.0
20110518-4 ARMA Central Iowa Records Management 2.020110518-4 ARMA Central Iowa Records Management 2.0
20110518-4 ARMA Central Iowa Records Management 2.0
 
gas_company_PT
gas_company_PTgas_company_PT
gas_company_PT
 
chapter 2.pdf
chapter 2.pdfchapter 2.pdf
chapter 2.pdf
 
Anatomy of a breach - an e-book by Microsoft in collaboration with the EU
Anatomy of a breach - an e-book by Microsoft in collaboration with the EUAnatomy of a breach - an e-book by Microsoft in collaboration with the EU
Anatomy of a breach - an e-book by Microsoft in collaboration with the EU
 
M Kamens Iia Financial Services Presentation At Disney
M Kamens Iia Financial Services Presentation At DisneyM Kamens Iia Financial Services Presentation At Disney
M Kamens Iia Financial Services Presentation At Disney
 
Cybersecurity update 12
Cybersecurity update 12Cybersecurity update 12
Cybersecurity update 12
 
The Nitty Gritty of Affiliate Marketing Compliance
The Nitty Gritty of Affiliate Marketing ComplianceThe Nitty Gritty of Affiliate Marketing Compliance
The Nitty Gritty of Affiliate Marketing Compliance
 

Recently uploaded

AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Hyundai Motor Group
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 

Recently uploaded (20)

AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 

Website integrity

  • 2. Agenda What risks do companies face re: their websites? What tools are there for managing web content? What tools are there for detecting problems with corporate websites?
  • 3. Introduction to Websites Two main purposes: e-commerce activities to provide information The need for trust has increased as a result of: anonymity of e-commerce globalization, increasing reliance on complex and powerful IT systems From an e-commerce perspective, consumers need the assurance that corporate websites live up to their promises and that their private information will be protected while businesses need to differentiate themselves from their competitors
  • 4. What risks do companies face regarding their websites? Cyber intrusions Unauthorized content Privacy breaches Copyright and trademark infringements
  • 5. Potential Consequences Assets decreases in value Trade secrets stolen Increases in litigations
  • 6. Issues with Managing Web Content Bottlenecks Consistency Navigation Content audit and control Tracking changes Integration
  • 7. Web Content Management Tools Content Life Cycle 1. Organization Extensible Markup Language (XML), Resource Description Framework (RDF) 2. Workflow Design flexible rules, define roles and responsibilities 3. Creation Authoring, conversion, digital rights management (DRM), editing tools, metadata tagging 4. Repositories Relational database structures, files system objects, or both
  • 8. Web Content Management Tools 5. Versioning Version control, check-in/check-out templates, multi-languages, rollback 6. Publishing delivery methods testing, personalization, user testing 7. Archives Data retention and destruction
  • 9. Web Content Management Tools Content Management Systems (CMS) Commercial Self-hosted Proprietary web content management system (WCMS) Examples: Microsoft Office SharePoint Server and IBM Lotus Web Content Management Open source WCMS Examples: WordPress, Joomla, and Drupal Hosted - Software-as-a-Service (SaaS) Examples: Clickability, CrownPeak, and OmniUpdate Internally developed
  • 10. WCMS considerations: Integration with company’s IT infrastructure and enterprise systems Features and functionalities Level of customization and companion products Costs Vendors and solutions
  • 11. Benefits Open source: Benefits: lower costs, increased security and transparency, and better support SaaS: Benefits: subscription basis, no requirement of hardware, software, and infrastructure, vendor maintains and upgrades the software
  • 12. Common Problems with Corporate Websites Downtime Network failure Broken links Security issues Unauthorized changes Defacement of the website Connectivity or system outage issues Hijacking of the website
  • 13. Tools for Detecting Problems with Corporate Websites Web server monitoring A monitoring system includes “a set of monitors, mechanisms for alerting administrators if failures occur, and a historical log of data collected by monitors” monitoring system should provide three different types of information: exceptions, trends, and historical data
  • 14. Tools for Detecting Problems with Corporate Websites Testing the security of the website Authentication mechanism Role-based authorization Input validations Custom cryptographic algorithms and management of keys Logging controls
  • 15. Tools for Detecting Problems with Corporate Websites Tools available in the market: Software package monitoring system Shareware Freeware scripts and solutions Third parties that provide website integrity services
  • 16. Example of third party website integrity services Content test – catches corrupted updates and content change Edit test – detects unauthorized changes to the web site Domain Name System (DNS) test – the domain is checked on hundreds of DNS servers to ensure that it maps to the intended IP address Ping test – confirms that the web server responds to basic internet requests Fetch test – confirms that the web server is operating and responds in a reasonable amount of time Others: process, CPU, and memory monitoring
  • 17. Conclusions There are many different types of website risks and if these risks are not minimized the company’s website integrity may suffer, resulting in declined reputation and profitability Top management should get more involved to ensure that proper controls and tools (website content management tools and web monitoring tools) are in place to minimize these risks