In light of COVID-19 precaution measures, we remind that all ImmuniWeb products can be easily configured and safely paid online without any human contact or paperwork.

Total Tests:
Stay in Touch

Weekly newsletter on AI, Application Security & Cybercrime


Your data will stay confidential Private and Confidential

Right to be... Compromised

Friday, August 29, 2014
Read Time: 1 min.

Today when the media is full of talk about privacy and the right to be forgotten introduced by Google, I get the impression that some companies use and even abuse their right to be compromised.


Today when the media is full of talk about privacy and the right to be forgotten introduced by Google, I get the impression that some companies use and even abuse their right to be compromised.

Security Best Practices, Outsourcing and an eBay Compromise

It’s no big secret that it is almost impossible to totally avoid security incidents in large companies with complicated IT infrastructures spanning hundreds of servers hosted on several continents. However, security incidents can and should be:

  • Detected on time;
  • Prevented;
  • Properly investigated.

Apparently that’s what did not happen at eBay, one of the largest and most reputable ecommerce websites in the world. Let’s try to analyze what is going on in the ecommerce industry with respect to security, what is wrong and how we can try to improve it.

Many large and small ecommerce companies hire external firms (usually from developing or Eastern European countries) to build and maintain their in-house software products. Outsourcing can definitely be a good way to cut costs and optimize IT budget spend. However, today in many companies that outsource software development, outsourcing simply means:

  • Nobody knows who is responsible for this piece of code;
  • Nobody is actually responsible;
  • Nobody wants to be responsible.

Obviously, even the most competent and qualified security professionals and teams cannot manage a site’s security properly if they don’t have clear and effective lines of communication with the developers. Quite often an outsourcing company is selected because it offered the lowest price, not because it demonstrated programming and security Best Practices that should be a “must have” for every piece of software and for every software development lifecycle (SDLC).

Read full article: Innovation Insights


User Comments
Add Comment

View Products Ask a Question