Once a Web site has been hacked, what are the proper steps for re-taking control my system?
You actually have several options: 1) you can run around screaming like your hair's on fire and react to the situation (only to make things worse), 2) you could unplug the system and restore it from backup (and hope your backups go far back enough), or 3) you could launch a formal forensics investigation involving forensics investigators from private firms or even law enforcement if it's bad enough. The thing is you have to plan ahead for this type of situation so you're well-prepared when the time comes. This requires working with the right people in your organization (IT, security, HR, PR, customer service, operations, and legal) to put together an incident response plan that makes sense for your business.
Dig deeper on Software Security Testing Tools
Companies without security expertise in-house may consider outsourcing security testing. Security expert Kevin Beaver suggests this is the wrong path.continue reading
Denial-of-service attacks may be impossible to prevent, but that doesn't mean there aren't ways to protect Web applications from them.continue reading
How can we best prevent hacking and user account lock out in Web applications with forms-based authentication?continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.