Q
Problem solve Get help with specific problems with your technologies, process and projects.

Security testing sales, marketing websites

There's no particular security testing technique for sales or marketing websites. The vulnerabilities that affect all online applications apply the same for them.

When testing online sales and marketing software for vulnerabilities, is there a particular testing technique that should be used?
In general, no, there isn't a particular security testing technique for online sales and marketing software. The same vulnerabilities that affect all online applications apply the same for sales or marketing.

I will say, though, that the type of data that is considered "sensitive" changes. For example, marketing websites usually have a location where the public can view press releases. With many of these websites, when you view the press release and look at the URL will see something similar to this:
http://marketingsite.com/pressrelease.aspx?id=23

A common vulnerability that can exist here is that an attack can gain access to the press release before it is released to the public by just incrementing the ID in the URL, e.g., http://marketingsite.com/pressrelease.aspx?id=24, which although not public yet can now be viewed. I don't have to explain to you the impact of what that can cause.
This was last published in December 2008

Dig Deeper on Software Security Test Best Practices

PRO+

Content

Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchMicroservices

TheServerSide.com

SearchCloudApplications

SearchAWS

SearchBusinessAnalytics

SearchFinancialApplications

SearchHealthIT

DevOpsAgenda

Close