Risk Assessment and Management3:11 with Kenneth Love
How do you identify places you might be attacked? Do you have a plan for dealing with an attack and the fallout from such?
If you want another look at our list of questions, here it is:
- Why would someone want to gain access to your application or data?
- What are the most likely ways someone would gain that access?
- What data would be the most valuable to an attacker?
- Assuming your application is compromised, how would that impact your users? How would it impact your business?
- What processes would you follow to fully recover from an attack?
- How could someone use your application for other illicit uses?
Here is a StackOverflow discussion about why you shouldn't create your own security schemes and cryptography.
Lastly, the EFF has a great guide to security. While this is mostly aimed at things to do for your own personal online safety, it's full of great ideas and advice. I highly recommend you check it out.
You need to sign up for Treehouse in order to download course files.Sign up