Web Application Security Assessment

Scenario:

You are the Information Security manager in a medium-sized retail organization based in Riyadh. Organizational success is based on your customers being able to purchase items securely through the company’s website. Employees habitually make purchases without following company procedures.

You have been asked to assess if there are any company vulnerabilities that may impact purchases and come up with security recommendations that may minimize any website risks, threats, and vulnerabilities.

Write a paper that includes the following:

A description of three major risks, three threats, and three vulnerabilities of web hacking concerns for any security professional.
Compare and contrast best practices you would recommend to mitigate these web application risks, threats, and vulnerabilities.
Keep in mind; your assessment is being graded based on your ability to describe current risks, threats, and vulnerabilities in the retail industry in accordance with security goals. Use diagrams, where appropriate.