Guidelines and Standards for Securing Web Applications

The security of a website involves more than protecting the source code, database, Cardholder Data Environment (CDE), transaction records, and inventory data. The security policies must address every aspect of the site that could be compromised, damaged, or stolen. You can follow a variety of guidelines, standards, and best practices to secure the design, operation, and data of your e-commerce site.

In this section, we use the PCI DSS Requirements and Testing Procedures standard, originally developed to protect credit card transactions and cardholder data, as an example. As you will see, this standard extends well beyond credit card processing and represents a standard ...

Excerpt from Internet and Web Application Security, 3rd Edition (O'Reilly).