{"id":2880,"date":"2017-06-07T13:13:48","date_gmt":"2017-06-07T13:13:48","guid":{"rendered":"https:\/\/www.openbusinesscouncil.org\/?p=2880"},"modified":"2020-02-27T09:01:37","modified_gmt":"2020-02-27T09:01:37","slug":"tripwire-research-reveals-danger-of-using-freelance-web-developers","status":"publish","type":"post","link":"https:\/\/www.footballthink.com\/tripwire-research-reveals-danger-of-using-freelance-web-developers\/","title":{"rendered":"Tripwire Research Reveals Danger of Using Freelance Web Developers"},"content":{"rendered":"<figure id=\"attachment_2881\" aria-describedby=\"caption-attachment-2881\" style=\"width: 1920px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/www.openbusinesscouncil.org\/wp-content\/uploads\/2017\/06\/web-design-2038872_1920.jpg\"><img decoding=\"async\" loading=\"lazy\" class=\"size-full wp-image-2881\" src=\"https:\/\/www.openbusinesscouncil.org\/wp-content\/uploads\/2017\/06\/web-design-2038872_1920.jpg\" alt=\"Tripwire Research Reveals Danger of Using Freelance Web Developers\" width=\"1920\" height=\"1440\" srcset=\"https:\/\/www.footballthink.com\/wp-content\/uploads\/2017\/06\/web-design-2038872_1920.jpg 1380w, https:\/\/www.footballthink.com\/wp-content\/uploads\/2017\/06\/web-design-2038872_1920-300x225.jpg 300w, https:\/\/www.footballthink.com\/wp-content\/uploads\/2017\/06\/web-design-2038872_1920-768x576.jpg 768w, https:\/\/www.footballthink.com\/wp-content\/uploads\/2017\/06\/web-design-2038872_1920-1024x768.jpg 1024w, https:\/\/www.footballthink.com\/wp-content\/uploads\/2017\/06\/web-design-2038872_1920-263x198.jpg 263w\" sizes=\"(max-width: 1920px) 100vw, 1920px\" \/><\/a><figcaption id=\"caption-attachment-2881\" class=\"wp-caption-text\">Tripwire Research Reveals Danger of Using Freelance Web Developers<\/figcaption><\/figure>\n<h2>Tripwire Research Reveals Danger of Using Freelance Web Developers<\/h2>\n<p>Research team finds websites built by freelance developers plagued with critical security failures<\/p>\n<p align=\"center\">Tripwire, Inc., a leading global provider of security and compliance solutions for enterprises and industrial organizations, today released findings from research investigating the dangers of turning over web development to an unqualified third party. Specifically, the research revealed that websites developed by \u201cbudget\u201d developers, without portfolios or references, tend to be plagued with critical security failures.<\/p>\n<p>For this project, The Tripwire Vulnerability and Exposure Research Team (VERT) took on a non-technical persona and hired nearly 20 developers to create a website, with bids going up to $250. Each developer\u2019s sole job would be to provide source code for a website with specific required functions, utilizing a particular technology stack, in nine days.<br \/>\nTripwire VERT wanted to identify backdoors, hard-coded passwords and vulnerabilities within each website. Of the 17 commissioned projects, 10 websites were completed and purchased.<\/p>\n<h2>VERT found that every website had critical security failures.\u00a0 Some notable findings were:<\/h2>\n<ul>\n<li>Every website failed to protect any documents from unauthorized users.<\/li>\n<li>None of the websites effectively prevented hackers from uploading a backdoor, which would provide them complete control over the website\u2019s content and data.<\/li>\n<li>Several websites had authentication bypass through basic SQL injection, which would make it easy for an anonymous user to gain access and take over the server.<\/li>\n<li>Half of the websites contained SQL injection flaws that would allow attackers to manipulate website content and access customer data, as well as take control of the database server for use in other hacking campaigns.<\/li>\n<\/ul>\n<p>\u201cIt came as no surprise to find that every single website was plagued with critical security failures,\u201d said Craig Young, principal security researcher at Tripwire. \u201cThe process was riddled with communication issues and questionable practices from beginning to end.\u201d<br \/>\n\u201cIf this were a real business project, it would have run over budget, past the deadline and have been very difficult to manage. On top of all that, the customer would have been left with an insecure website,\u201d Young added. \u201cWe cannot reasonably expect data breaches to decrease if websites built by developers are not made with basic security measures built in.\u201d<br \/>\nWhile Tripwire VERT does not recommend relying on low-budget freelance site development, here are a few tips to consider when it is necessary:<\/p>\n<h2>Before Hiring:<\/h2>\n<ul>\n<li>Get a sense of whether the candidate will be well-suited for the job. Do they have experience with the necessary technology, and can they clearly restate your requirements in their own words?<\/li>\n<li>Language barriers and time zone differences also play a role, so be sure that you can clearly communicate with them and that they\u2019ll be available during reasonable business hours.<\/li>\n<li>Beware of fake reviews or other tricks. Be suspicious of multiple reviews in a short period by the same set of people or with very similar writing styles.<\/li>\n<li>Make clear up front that a successful security review will be an acceptance criterion.<\/li>\n<\/ul>\n<h2>During the Project:<\/h2>\n<ul>\n<li>Discuss appropriate project milestones so that you may review the work to see that it\u2019s progressing appropriately.<\/li>\n<li>Security should be baked in from the beginning. If you have a programming background, looking at the source to verify it uses \u201csafe\u201d functions consistently is an excellent idea. If not, consult with trusted partners who can help you learn what to look for.<\/li>\n<\/ul>\n<h2>Upon Completion:<\/h2>\n<ul>\n<li>The finished product should at a minimum be scanned by a web application vulnerability scanner and ideally evaluated by a professional penetration tester before final payment is made. Third-party components can be a significant source of vulnerabilities as well, so it\u2019s important to work with the contractor to create a list of all such components along with how to check for and install updates.<\/li>\n<li>A plan must be developed to delegate responsibility for keeping application and operating system components up to date and free from known vulnerabilities. Ongoing security reviews should also be performed to make sure nothing is missed and that new attack techniques do not apply to the application.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Tripwire Research Reveals Danger of Using Freelance Web Developers Research team finds websites built by freelance developers plagued with critical security failures Tripwire, Inc., a leading global provider of security and compliance solutions for enterprises and industrial organizations, today released findings from research investigating the dangers of turning over web development to an unqualified third [&hellip;]<\/p>\n","protected":false},"author":9,"featured_media":2881,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_mo_disable_npp":""},"categories":[25],"tags":[],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v18.1 (Yoast SEO v19.7.2) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Tripwire Research Reveals Danger of Using Freelance Web Developers<\/title>\n<meta name=\"description\" content=\"Are you looking to recruit Freelance web developers? Tripwire Research Reveals Danger of Using Freelance Web Developers, Read this article before using.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.footballthink.com\/tripwire-research-reveals-danger-of-using-freelance-web-developers\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Tripwire Research Reveals Danger of Using Freelance Web Developers\" \/>\n<meta property=\"og:description\" content=\"Are you looking to recruit Freelance web developers? Tripwire Research Reveals Danger of Using Freelance Web Developers, Read this article before using.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.footballthink.com\/tripwire-research-reveals-danger-of-using-freelance-web-developers\/\" \/>\n<meta property=\"og:site_name\" content=\"OpenBusinessCouncil Directory\" \/>\n<meta property=\"article:published_time\" content=\"2017-06-07T13:13:48+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-02-27T09:01:37+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.footballthink.com\/wp-content\/uploads\/2017\/06\/web-design-2038872_1920.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1380\" \/>\n\t<meta property=\"og:image:height\" content=\"1035\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Maria Fonseca\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Maria Fonseca\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.footballthink.com\/tripwire-research-reveals-danger-of-using-freelance-web-developers\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.footballthink.com\/tripwire-research-reveals-danger-of-using-freelance-web-developers\/\"},\"author\":{\"name\":\"Maria Fonseca\",\"@id\":\"https:\/\/www.footballthink.com\/#\/schema\/person\/ce211313a98c67c5981c5003d50e8841\"},\"headline\":\"Tripwire Research Reveals Danger of Using Freelance Web Developers\",\"datePublished\":\"2017-06-07T13:13:48+00:00\",\"dateModified\":\"2020-02-27T09:01:37+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.footballthink.com\/tripwire-research-reveals-danger-of-using-freelance-web-developers\/\"},\"wordCount\":697,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.footballthink.com\/#organization\"},\"articleSection\":[\"News\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.footballthink.com\/tripwire-research-reveals-danger-of-using-freelance-web-developers\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.footballthink.com\/tripwire-research-reveals-danger-of-using-freelance-web-developers\/\",\"url\":\"https:\/\/www.footballthink.com\/tripwire-research-reveals-danger-of-using-freelance-web-developers\/\",\"name\":\"Tripwire Research Reveals Danger of Using Freelance Web Developers\",\"isPartOf\":{\"@id\":\"https:\/\/www.footballthink.com\/#website\"},\"datePublished\":\"2017-06-07T13:13:48+00:00\",\"dateModified\":\"2020-02-27T09:01:37+00:00\",\"description\":\"Are you looking to recruit Freelance web developers? Tripwire Research Reveals Danger of Using Freelance Web Developers, Read this article before using.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.footballthink.com\/tripwire-research-reveals-danger-of-using-freelance-web-developers\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.footballthink.com\/tripwire-research-reveals-danger-of-using-freelance-web-developers\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.footballthink.com\/tripwire-research-reveals-danger-of-using-freelance-web-developers\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.footballthink.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Tripwire Research Reveals Danger of Using Freelance Web Developers\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.footballthink.com\/#website\",\"url\":\"https:\/\/www.footballthink.com\/\",\"name\":\"OpenBusinessCouncil Directory\",\"description\":\"Openbusinesscouncil\",\"publisher\":{\"@id\":\"https:\/\/www.footballthink.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.footballthink.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Organization\",\"Place\"],\"@id\":\"https:\/\/www.footballthink.com\/#organization\",\"name\":\"openbusinesscounsil\",\"url\":\"https:\/\/www.footballthink.com\/\",\"sameAs\":[],\"logo\":{\"@id\":\"https:\/\/www.footballthink.com\/tripwire-research-reveals-danger-of-using-freelance-web-developers\/#local-main-organization-logo\"},\"image\":{\"@id\":\"https:\/\/www.footballthink.com\/tripwire-research-reveals-danger-of-using-freelance-web-developers\/#local-main-organization-logo\"},\"openingHoursSpecification\":[{\"@type\":\"OpeningHoursSpecification\",\"dayOfWeek\":[\"Monday\",\"Tuesday\",\"Wednesday\",\"Thursday\",\"Friday\",\"Saturday\",\"Sunday\"],\"opens\":\"09:00\",\"closes\":\"17:00\"}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.footballthink.com\/#\/schema\/person\/ce211313a98c67c5981c5003d50e8841\",\"name\":\"Maria Fonseca\",\"description\":\"Maria Fonseca is the Editor and Infographic Artist for IntelligentHQ. She is also a thought leader writing about social innovation, sharing economy, social business, and the commons. Aside her work for IntelligentHQ, Maria Fonseca is a visual artist and filmmaker that has exhibited widely in international events such as Manifesta 5, Sao Paulo Biennial, Photo Espana, Moderna Museet in Stockholm, Joshibi University and many others. She concluded her PhD on essayistic filmmaking , taken at University of Westminster in London and is preparing her post doc that will explore the links between creativity and the sharing economy.\",\"url\":\"https:\/\/www.footballthink.com\/author\/mfonseca\/\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.footballthink.com\/tripwire-research-reveals-danger-of-using-freelance-web-developers\/#local-main-organization-logo\",\"url\":\"https:\/\/www.footballthink.com\/wp-content\/uploads\/2017\/04\/logo_big.png\",\"contentUrl\":\"https:\/\/www.footballthink.com\/wp-content\/uploads\/2017\/04\/logo_big.png\",\"width\":1161,\"height\":250,\"caption\":\"openbusinesscounsil\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Tripwire Research Reveals Danger of Using Freelance Web Developers","description":"Are you looking to recruit Freelance web developers? Tripwire Research Reveals Danger of Using Freelance Web Developers, Read this article before using.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.footballthink.com\/tripwire-research-reveals-danger-of-using-freelance-web-developers\/","og_locale":"en_US","og_type":"article","og_title":"Tripwire Research Reveals Danger of Using Freelance Web Developers","og_description":"Are you looking to recruit Freelance web developers? Tripwire Research Reveals Danger of Using Freelance Web Developers, Read this article before using.","og_url":"https:\/\/www.footballthink.com\/tripwire-research-reveals-danger-of-using-freelance-web-developers\/","og_site_name":"OpenBusinessCouncil Directory","article_published_time":"2017-06-07T13:13:48+00:00","article_modified_time":"2020-02-27T09:01:37+00:00","og_image":[{"width":1380,"height":1035,"url":"https:\/\/www.footballthink.com\/wp-content\/uploads\/2017\/06\/web-design-2038872_1920.jpg","type":"image\/jpeg"}],"author":"Maria Fonseca","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Maria Fonseca","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.footballthink.com\/tripwire-research-reveals-danger-of-using-freelance-web-developers\/#article","isPartOf":{"@id":"https:\/\/www.footballthink.com\/tripwire-research-reveals-danger-of-using-freelance-web-developers\/"},"author":{"name":"Maria Fonseca","@id":"https:\/\/www.footballthink.com\/#\/schema\/person\/ce211313a98c67c5981c5003d50e8841"},"headline":"Tripwire Research Reveals Danger of Using Freelance Web Developers","datePublished":"2017-06-07T13:13:48+00:00","dateModified":"2020-02-27T09:01:37+00:00","mainEntityOfPage":{"@id":"https:\/\/www.footballthink.com\/tripwire-research-reveals-danger-of-using-freelance-web-developers\/"},"wordCount":697,"commentCount":0,"publisher":{"@id":"https:\/\/www.footballthink.com\/#organization"},"articleSection":["News"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.footballthink.com\/tripwire-research-reveals-danger-of-using-freelance-web-developers\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.footballthink.com\/tripwire-research-reveals-danger-of-using-freelance-web-developers\/","url":"https:\/\/www.footballthink.com\/tripwire-research-reveals-danger-of-using-freelance-web-developers\/","name":"Tripwire Research Reveals Danger of Using Freelance Web Developers","isPartOf":{"@id":"https:\/\/www.footballthink.com\/#website"},"datePublished":"2017-06-07T13:13:48+00:00","dateModified":"2020-02-27T09:01:37+00:00","description":"Are you looking to recruit Freelance web developers? Tripwire Research Reveals Danger of Using Freelance Web Developers, Read this article before using.","breadcrumb":{"@id":"https:\/\/www.footballthink.com\/tripwire-research-reveals-danger-of-using-freelance-web-developers\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.footballthink.com\/tripwire-research-reveals-danger-of-using-freelance-web-developers\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.footballthink.com\/tripwire-research-reveals-danger-of-using-freelance-web-developers\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.footballthink.com\/"},{"@type":"ListItem","position":2,"name":"Tripwire Research Reveals Danger of Using Freelance Web Developers"}]},{"@type":"WebSite","@id":"https:\/\/www.footballthink.com\/#website","url":"https:\/\/www.footballthink.com\/","name":"OpenBusinessCouncil Directory","description":"Openbusinesscouncil","publisher":{"@id":"https:\/\/www.footballthink.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.footballthink.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":["Organization","Place"],"@id":"https:\/\/www.footballthink.com\/#organization","name":"openbusinesscounsil","url":"https:\/\/www.footballthink.com\/","sameAs":[],"logo":{"@id":"https:\/\/www.footballthink.com\/tripwire-research-reveals-danger-of-using-freelance-web-developers\/#local-main-organization-logo"},"image":{"@id":"https:\/\/www.footballthink.com\/tripwire-research-reveals-danger-of-using-freelance-web-developers\/#local-main-organization-logo"},"openingHoursSpecification":[{"@type":"OpeningHoursSpecification","dayOfWeek":["Monday","Tuesday","Wednesday","Thursday","Friday","Saturday","Sunday"],"opens":"09:00","closes":"17:00"}]},{"@type":"Person","@id":"https:\/\/www.footballthink.com\/#\/schema\/person\/ce211313a98c67c5981c5003d50e8841","name":"Maria Fonseca","description":"Maria Fonseca is the Editor and Infographic Artist for IntelligentHQ. She is also a thought leader writing about social innovation, sharing economy, social business, and the commons. Aside her work for IntelligentHQ, Maria Fonseca is a visual artist and filmmaker that has exhibited widely in international events such as Manifesta 5, Sao Paulo Biennial, Photo Espana, Moderna Museet in Stockholm, Joshibi University and many others. She concluded her PhD on essayistic filmmaking , taken at University of Westminster in London and is preparing her post doc that will explore the links between creativity and the sharing economy.","url":"https:\/\/www.footballthink.com\/author\/mfonseca\/"},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.footballthink.com\/tripwire-research-reveals-danger-of-using-freelance-web-developers\/#local-main-organization-logo","url":"https:\/\/www.footballthink.com\/wp-content\/uploads\/2017\/04\/logo_big.png","contentUrl":"https:\/\/www.footballthink.com\/wp-content\/uploads\/2017\/04\/logo_big.png","width":1161,"height":250,"caption":"openbusinesscounsil"}]}},"_links":{"self":[{"href":"https:\/\/www.footballthink.com\/wp-json\/wp\/v2\/posts\/2880"}],"collection":[{"href":"https:\/\/www.footballthink.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.footballthink.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.footballthink.com\/wp-json\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/www.footballthink.com\/wp-json\/wp\/v2\/comments?post=2880"}],"version-history":[{"count":1,"href":"https:\/\/www.footballthink.com\/wp-json\/wp\/v2\/posts\/2880\/revisions"}],"predecessor-version":[{"id":10792,"href":"https:\/\/www.footballthink.com\/wp-json\/wp\/v2\/posts\/2880\/revisions\/10792"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.footballthink.com\/wp-json\/wp\/v2\/media\/2881"}],"wp:attachment":[{"href":"https:\/\/www.footballthink.com\/wp-json\/wp\/v2\/media?parent=2880"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.footballthink.com\/wp-json\/wp\/v2\/categories?post=2880"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.footballthink.com\/wp-json\/wp\/v2\/tags?post=2880"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}