We have hundreds of public facing web pages : do we protect all of them or only those
a) that when defaced will cause our corporate image to be affected?
b) or web pages that have injection & certain vulnerabilities? What are they?
c) or only web pages that are frequently used?
d) for announcement page that announces when is out service downtime, is this a good
candidate web page to protect?