IT pros can detect, prevent website vulnerabilities, thwart attacks

Posted on SearchSecurity June 3rd.

"IT is left to its own ingenuity to weave diverse products into a Web security protection scheme. Security practitioners will have to categorize externally facing websites and then make security investment decisions among technologies such as scanners, penetration testers, Web application firewalls, source code scanning and security development lifecycle (SDL) investment. There is no one best practice when protecting websites, which is a worrisome state for businesses and helps explain why security vendors report that most attacks penetrate browsers through infected webpages."