?
Solved

Web apps compromise

Posted on 2009-05-11
1
Medium Priority
?
153 Views
Last Modified: 2012-05-06
Does anyone have any best practice documentation on procedures to take once one of your web apps has been subject to either xss or sql injection? What actions do you take if you have an app that has been compromised etc? We are lucky to not have such a compromise but I want to look into best practice in case we are ever targetted?
0
Comment
Question by:pma111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 70

Accepted Solution

by:
Jason C. Levine earned 1000 total points
ID: 24360993
Hi pma111,

>>  once one of your web apps has been subject to either xss or sql injection?

The first thing to do is pay a security firm to do an audit and subject your app(s) to penetration testing.  Better to know NOW where your weaknesses or holes are and take steps to fix them.

If you have an app that is compromised, pull it down right away.  Better 24 hours of frustration for users than months or years of dealing with the fallout of ignored security.
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A Change in PHP Behavior with Session Write Short Circuit (http://php.net/manual/en/book.session.php#116217) (Winter 2014)** With the release of PHP 5.6 the session handler changed in a way that many think should be considered a bug.  See the note …
New Relic: Our company recently started researching several products to figure out what were the best ways for us to increase our web page speed and to quickly identify performance problems that we may be having. One of the products we evaluated wa…
This video teaches users how to migrate an existing Wordpress website to a new domain.
Learn how to set-up custom confirmation messages to users who complete your Wufoo form. Include inputs from fields in your form, webpage redirects, and more with Wufoo’s confirmation options.

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question