

Ask HN: How do you do a security audit on your site? - sgman

You have (an alpha version of) your site up and running. What steps do you follow to protect yourself against malicious users? I'm referring to sites like tripadvisor.com, that doesn't have a whole lot of sensitive information, rather than turbotax.com.
======
dguido
Check out my answer to this guy's question about how to test the security of
his website: <http://news.ycombinator.com/item?id=385093>

~~~
sgman
That's great. Thanks for your help!

------
JimEngland
A simple first step would be to talk to a security expert locally in your
area. In my area (Cleveland, OH) there is a group that will test your security
for free and give you pointers on what to change.

