Skip to main content

Introduction

In this article, we will introduce what security is and why it’s important!

As we become increasingly connected through the Internet by access through the computer, our phones, and even household devices, security has become a hot topic. Attacks can happen from any corner.

security-not-an-add-on

Applications can be the target of several different kinds of attacks. In the past, attacks on applications have led to the breach of millions of pieces of personal data, including credit card information. Government sites are also vulnerable to attacks that expose sensitive data.

The Internet has completely revolutionized the way we communicate with each other and share information. Many of us spend hours on social media and online group chats. Nearly all institutions have some sort of computer system administration to keep track of accounts, and buying and selling things on the Internet is now the norm. One by one, medical equipment, transportation systems, and vacuums are connected to the web.

This openness has enabled so much, but the work to make sure all these communications remain secure and are only available to the right eyes is what web security is all about.

Why Should I Care about Security?

Headline-grabbing security incidents are in the news all the time, and just as you are constantly evolving your skills, so are the attackers - they are constantly on the lookout to discover vulnerabilities and find a point of attack. Cyberattacks are extremely common. The attacks can result in:

  • Website defacement
  • Loss of availability or in the worst case, total denial-of-service (DoS)
  • Leaking of sensitive customer data
  • An attacker gaining control
  • An attacker using the website as a vector for other attacks
  • Loss of user trust in the website
  • Reputational damage

Security is Proactive

You should assume that by default, things are NOT safe. Vulnerabilities exist in all corners. In order for software and hardware to function, there are many parts that work with each other, and this means there are many points of attack.

For example, from a login page alone, an attacker could try several things. They could impersonate another user or they could inject malicious code into the input boxes to trigger a response. Ensuring security requires integrating security through coding defensively, secure rollout of new features, and constant monitoring and testing.

Penetration testing, or pen testing, is a growing practice where a cyberattack is simulated in order to identify security vulnerabilities so that they can be discovered and remediated. Also known as ethical hacking, pen-testing requires a thorough understanding of topics such as computer architecture and operating systems, business operations, networking protocols, and scripting languages.