One comment

  1. A great way to do it is also to attack yourself. You then see both sides of the equation.

    We use ScanAlert, who regularly “audit” (read “attack using many vectors”) our various eCommerce outlets. This generates a report of potential vulnerabilities which they provide, but also provides us with our own data as a result of the attacks. Internally, we get how these attacks manifest themselves by .NET exception traps, validation traps etc. being audited. (eg. yesterday, I had a mailbox with over 1,000 audit events which had to be checked against the attack vectors)

    All systems okay!

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.