Analyst Report: Six security dangers Web startups should know and how to counter them


Rapid growth phases at startups are invariably accompanied by an escalating number of attacks and the need to respond to those, as we’ve seen with sites like Facebook, Twitter and many other web-based companies. This research note discusses the many forms in which security attacks can arrive, from insecure user accounts to malware and spammers. It also provides advice and tips on how companies and developers can deal with and prevent these attacks in the future, to ensure the best safety for their businesses and Web offerings.

The key to presenting effective security controls that won’t scare away new users is to time their introduction and accompanying expenses. The different sections of this report include information on the security controls that, while not always built in from the company’s inception, are something every successful Web startup will need to eventually implement.

Table of Contents

  1. Summary
  2. Introduction
  3. Securing user accounts
  4. Session IDs and URLs
  5. SQL injection and cross-site scripting
  6. Malicious use
  7. Spammers
  8. Denial of service
  9. Final thoughts
  10. About Richard Stiennon
  11. About GigaOM Pro

Join Gigaom Research! Become a subscriber and get reports like these, plus our collection of over 1,700 reports from world-class analysts for just $995 a year.