Your web application is the face of your business. It is the client-server software exposed to the world. For instance, when you want to book an airline ticket you visit the airline’s website to make the reservation. This public exposure and interaction is highly convenient to current and potential customers. However, it also makes your site susceptible to attacks.
In many cases, it’s easy to identify when a web application is compromised. In many cases—but not always. In fact, the M-Trends 2016 report from FireEye shows that it takes an average of 99 days to detect a security breach. Surprisingly, most reported intrusions are not detected by internal security processes. Rather, they’re disclosed by news reports, customer complaints, law enforcement, and other external sources.
It’s important to recognize that every attack is different. And attack consequences also vary. Here are six ways to determine if your web application has been compromised.