You’ve painstakingly architected your Sitecore 9 installation on PaaS. You’ve gone to all the trouble to think about scalability, usability, portability… all the -ITYs. But what about securITY? 

Imagine you’ve been tasked with riding a unicycle across a tightrope. It sounds difficult, right?

We’ve all been there. You’ve painstakingly overhauled your site to be ADA compliant and to match the Web Content Accessibility Guidelines (WCAG). Then just a short time later, changes to the standard are made and you have to start all over again.

In Tech, we are constantly in a game of ‘catch-up’. Rapidly developing technologies seem to pop up out of the ether whenever you’re not looking. In addition, startups keep moving the goalposts on what it means to be agile so it’s very easy to feel as if you will never catch up. Advancements in cloud services (AWS, Azure, Firebase), CMS (Drupal, Wordpress, Joomla), and low-code solutions (Squarespace, Retool, Zapier) have redefined the landscape.

Compliance with legal regulations can be a chore. It’s not likely to show up on your list of the most exciting topics.

You’ve likely considered hosting your website in the cloud, on a platform like Amazon Web Services (AWS). AWS has a shared responsibility model, which means you’re still responsible for securing your website. AWS handles the security of the hardware and data centers, but you’re responsible for securing your code and user data.

In today's environment, secure development is a must. Secure SDLC practices do exist. However, some are more geared toward a waterfall style development process.

Many companies focus only on code when discussing website security.

Building a web application opens up multiple possibilities for mind-blowing functionality and user experiences.

As the IT industry’s focus on security has increased, so has the number of options for testing your website’s security. The number of vendors has exploded, too.