When customers interact with your business, they most likely go through a Web application first. It’s your company’s public face — and by virtue of that exposure, an obvious point of vulnerability.
Most attacks against Web applications are stealthy and hard to spot. That’s a problem, because once attackers get in, they lurk undetected on networks for an average of 205 days, according to the 2015 Verizon Data Breach Investigations Report. Most organizations find out they’ve been compromised from someone else, such as when they get a call from law enforcement or an irate customer.
How can you tell if your Web application has been hacked? “When your Web application is compromised, it will start to do things out of the ordinary,” says Steve Durbin, managing director of Information Security Forum. The key is to gain a thorough understanding of what constitutes normal behavior for your application, then keep your eyes peeled for aberrations.