Monitorability

A Web commerce system that is amenable to monitoring is said to exhibit monitorability. Monitoring refers to an ongoing activity that examines either the system, the users, or both. It consists of the mechanisms, tools, and techniques that permit the identification of security events that could affect the operation of a Web commerce computer facility. Problem identification and problem resolution are the primary goals of monitoring, and monitorability is integral to maintaining secure Web commerce software.

The United States Computer Emergency Readiness Team (US-CERT) (www.us-cert.gov) is charged with providing response support and defense against cyber-attacks for the Federal Civil Executive Branch (.gov), and with information sharing and collaboration with state and local government, industry, and international partners. US-CERT interacts with federal agencies, industry, the research community, state and local governments, and others to disseminate reasoned and actionable cyber-security information to the public. US-CERT also provides a way for citizens, businesses, and other institutions to communicate and coordinate directly with the United States government about cyber-security.

CYBER-THREAT ANALYSIS

Another tool that can be used to implement Web commerce system monitorability is cyber-threat analysis. This approach involves threat identification, threat reporting, and advanced analysis that includes reverse engineering and data forensics methods to discover and ...
