{"id":60,"date":"2023-11-21T07:45:00","date_gmt":"2023-11-21T07:45:00","guid":{"rendered":"https:\/\/www.cycognito.com\/blog\/?p=60"},"modified":"2025-03-13T10:59:28","modified_gmt":"2025-03-13T17:59:28","slug":"this-holiday-shopping-season-your-attack-surface-is-open-for-business","status":"publish","type":"post","link":"https:\/\/www.cycognito.com\/blog\/this-holiday-shopping-season-your-attack-surface-is-open-for-business\/","title":{"rendered":"This Holiday Shopping Season, Your Attack Surface is Open for Business"},"content":{"rendered":"\n<p>Cyber Monday is right around the corner. Celebrated on the Monday after Thanksgiving, this annual holiday has become one of the most anticipated shopping events each year since its inception in 2005.<\/p>\n\n\n\n<p>The National Retail Foundation and Adobe Analytics found that over 77 million people spent upwards of 11 billion dollars on Cyber Monday in 2022.<\/p>\n\n\n\n<p>This November 27 is no exception. Millions of consumers will flock to ecommerce websites in search of the best deals. Along the way, they will provide their personally identifiable information (PII) \u2013 credit cards, addresses, even passports \u2013 to carry out transactions.&nbsp;<\/p>\n\n\n\n<p>But can shoppers be assured that the sites they do business with are secure and compliant?&nbsp;<\/p>\n\n\n\n<p>CyCognito research reveals that, unbeknownst to them, consumer PII may be at great risk.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"alignleft size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1201\" height=\"628\" src=\"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/CyCognito_04_v2.png\" alt=\"\" class=\"wp-image-64\" srcset=\"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/CyCognito_04_v2.png 1201w, https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/CyCognito_04_v2-512x268.png 512w, https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/CyCognito_04_v2-768x402.png 768w\" sizes=\"auto, (max-width: 1201px) 100vw, 1201px\" \/><\/figure><\/div>\n\n\n<h2 class=\"wp-block-heading\">Cyber Monday Ecommerce Security Pitfalls<\/h2>\n\n\n\n<p>Ecommerce organizations, like many businesses today, live in the cloud. In fact, over half (52%) of ecommerce web apps are hosted in the cloud.<\/p>\n\n\n\n<p>But as our research has uncovered, ecommerce applications, cloud or not, are not without security gaps.&nbsp;<\/p>\n\n\n\n<h5 class=\"wp-block-heading\">Insecure Sockets, Unlocked Storefronts:&nbsp;<\/h5>\n\n\n\n<p>2% of ecommerce web apps still lack HTTPS. With over 26 million ecommerce stores worldwide, this figure could impact 520,000 sites.&nbsp;<\/p>\n\n\n\n<h5 class=\"wp-block-heading\">WAFs are MIA:&nbsp;<\/h5>\n\n\n\n<p>Over a quarter (28%) of ecommerce web apps lack a web application firewall (WAF).<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"alignleft size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1201\" height=\"628\" src=\"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/CyCognito_02_v2.png\" alt=\"\" class=\"wp-image-65\" srcset=\"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/CyCognito_02_v2.png 1201w, https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/CyCognito_02_v2-512x268.png 512w, https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/CyCognito_02_v2-768x402.png 768w\" sizes=\"auto, (max-width: 1201px) 100vw, 1201px\" \/><\/figure><\/div>\n\n\n<p>One in four (24%) ecommerce web apps that collect PII are missing a WAF.<\/p>\n\n\n\n<h5 class=\"wp-block-heading\">Keep an eye on PII:&nbsp;<\/h5>\n\n\n\n<p>58% of all ecommerce web apps collect user PII.<\/p>\n\n\n\n<h5 class=\"wp-block-heading\">Missing cookies consent:<\/h5>\n\n\n\n<p>78% of all ecommerce web apps&nbsp;<em>fail&nbsp;<\/em>to ask users to consent to cookies, creating a potential compliance headache for the organization.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Buyer beware! \u2013 multiple security issues amp up risks<\/h2>\n\n\n\n<h5 class=\"wp-block-heading\">Trust issues:&nbsp;<\/h5>\n\n\n\n<p>13% of ecommerce web apps have certificate validity issues.<\/p>\n\n\n\n<h5 class=\"wp-block-heading\">Broken protocols:&nbsp;<\/h5>\n\n\n\n<p>Nearly half (48%) of ecommerce web apps have one or more cryptographic vulnerabilities.&nbsp;<\/p>\n\n\n\n<h5 class=\"wp-block-heading\">Criminal discounts, critical issues:&nbsp;<\/h5>\n\n\n\n<p>2% of ecommerce web apps have at least one critical security issue. Half of those web apps contain PII.&nbsp;<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"alignleft size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1200\" height=\"628\" src=\"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/cycognito_03_v2.png\" alt=\"\" class=\"wp-image-66\" srcset=\"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/cycognito_03_v2.png 1200w, https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/cycognito_03_v2-512x268.png 512w, https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/cycognito_03_v2-768x402.png 768w\" sizes=\"auto, (max-width: 1200px) 100vw, 1200px\" \/><\/figure><\/div>\n\n\n<p>Over three quarters (76%) of the critical issues found in ecommerce web apps are also easily exploitable.<\/p>\n\n\n\n<h5 class=\"wp-block-heading\">Stung by OWASP:&nbsp;<\/h5>\n\n\n\n<p>7% of all ecommerce web apps under monitoring have at least one issue from the OWASP Top Ten list.&nbsp;<\/p>\n\n\n\n<h5 class=\"wp-block-heading\">Easy as (pumpkin) pie:&nbsp;<\/h5>\n\n\n\n<p>Almost one third (31%) of ecommerce web apps have at least one easily exploitable issue.&nbsp;<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"alignleft size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1200\" height=\"628\" src=\"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/CyCognito_01_v2.png\" alt=\"\" class=\"wp-image-67\" srcset=\"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/CyCognito_01_v2.png 1200w, https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/CyCognito_01_v2-512x268.png 512w, https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/CyCognito_01_v2-768x402.png 768w\" sizes=\"auto, (max-width: 1200px) 100vw, 1200px\" \/><\/figure><\/div>\n\n\n<h2 class=\"wp-block-heading\">Cyber Monday is just once a year \u2013 active security testing shouldn\u2019t be<\/h2>\n\n\n\n<p>Cyber Monday is filled with urgency \u2013 the urgency of getting a good deal, on the shoppers\u2019 side, and the urgency of capitalizing on the biggest ecommerce days of the year for retailers. Cybercriminals take advantage of this urgency to exploit misconfigurations and vulnerabilities, which can cause massive reputational damage to inattentive organizations in the process.&nbsp;<\/p>\n\n\n\n<p>This holiday shopping season, retailers need to take the time to ensure that ecommerce websites aren\u2019t putting shoppers at risk. Checking for low-hanging fruit, like missing WAFs or expired certificates, can serve as indicators of more serious security issues.&nbsp;<\/p>\n\n\n\n<p>If your organization owns ecommerce sites, you need complete peace of mind. Prioritize actively testing across the entire ecosystem of ecommerce sites. By testing for all issues continuously, not just once a year or once a quarter, your security team will have time to identify, prioritize and remediate potentially serious vulnerabilities that could result in stolen PII and frustrated shoppers.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Methodology<\/h2>\n\n\n\n<p>For this report, CyCognito\u2019s research team aggregated and analyzed ecommerce web application assets across its customer base in September 2023. All findings are anonymized and normalized. These customers span multiple industry verticals and include a mix of small, medium, and large enterprises across the globe, including Fortune 500 companies.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"alignleft size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"973\" height=\"5120\" src=\"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/infographic_cyber-monday_november_2023-973x5120.jpg\" alt=\"\" class=\"wp-image-79\" srcset=\"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/infographic_cyber-monday_november_2023-973x5120.jpg 973w, https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/infographic_cyber-monday_november_2023-292x1536.jpg 292w, https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/infographic_cyber-monday_november_2023-389x2048.jpg 389w\" sizes=\"auto, (max-width: 973px) 100vw, 973px\" \/><\/figure><\/div>","protected":false},"excerpt":{"rendered":"<p>Cyber Monday is right around the corner and millions of consumers will flock to ecommerce websites in search of the best deals. But can shoppers be assured that the sites they do business with are secure and compliant? Before and during the holiday shopping season, retailers need to ensure that ecommerce websites with missing WAFs, cryptographic vulnerabilities, or easily exploited critical issues.<\/p>\n","protected":false},"author":7,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[229,3],"tags":[19,18,17,20,16],"class_list":["post-60","post","type-post","status-publish","format-standard","hentry","category-featured","category-research","tag-active-security-testing","tag-easm","tag-external-attack-surface-management","tag-infographic","tag-research"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>This Holiday Shopping Season, Your Attack Surface is Open for Business | CyCognito Blog<\/title>\n<meta name=\"description\" content=\"Cyber Monday is right around the corner and millions of consumers will flock to ecommerce websites in search of the best deals. But can shoppers be assured that the sites they do business with are secure and compliant? Before and during the holiday shopping season, retailers need to ensure that ecommerce websites with missing WAFs, cryptographic vulnerabilities, or easily exploited critical issues.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.cycognito.com\/blog\/this-holiday-shopping-season-your-attack-surface-is-open-for-business\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"This Holiday Shopping Season, Your Attack Surface is Open for Business | CyCognito Blog\" \/>\n<meta property=\"og:description\" content=\"Cyber Monday is right around the corner and millions of consumers will flock to ecommerce websites in search of the best deals. But can shoppers be assured that the sites they do business with are secure and compliant? Before and during the holiday shopping season, retailers need to ensure that ecommerce websites with missing WAFs, cryptographic vulnerabilities, or easily exploited critical issues.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.cycognito.com\/blog\/this-holiday-shopping-season-your-attack-surface-is-open-for-business\/\" \/>\n<meta property=\"og:site_name\" content=\"CyCognito Blog\" \/>\n<meta property=\"article:published_time\" content=\"2023-11-21T07:45:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-03-13T17:59:28+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/CyCognito_04_v2.png\" \/>\n<meta name=\"author\" content=\"Emma Zaballos\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Emma Zaballos\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.cycognito.com\/blog\/this-holiday-shopping-season-your-attack-surface-is-open-for-business\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.cycognito.com\/blog\/this-holiday-shopping-season-your-attack-surface-is-open-for-business\/\"},\"author\":{\"name\":\"Emma Zaballos\",\"@id\":\"https:\/\/www.cycognito.com\/blog\/#\/schema\/person\/42c314196e7f096a74bd885693643d58\"},\"headline\":\"This Holiday Shopping Season, Your Attack Surface is Open for Business\",\"datePublished\":\"2023-11-21T07:45:00+00:00\",\"dateModified\":\"2025-03-13T17:59:28+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.cycognito.com\/blog\/this-holiday-shopping-season-your-attack-surface-is-open-for-business\/\"},\"wordCount\":611,\"publisher\":{\"@id\":\"https:\/\/www.cycognito.com\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.cycognito.com\/blog\/this-holiday-shopping-season-your-attack-surface-is-open-for-business\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/CyCognito_04_v2.png\",\"keywords\":[\"Active Security Testing\",\"EASM\",\"External Attack Surface Management\",\"Infographic\",\"Research\"],\"articleSection\":[\"Featured\",\"Research\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.cycognito.com\/blog\/this-holiday-shopping-season-your-attack-surface-is-open-for-business\/\",\"url\":\"https:\/\/www.cycognito.com\/blog\/this-holiday-shopping-season-your-attack-surface-is-open-for-business\/\",\"name\":\"This Holiday Shopping Season, Your Attack Surface is Open for Business | CyCognito Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.cycognito.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.cycognito.com\/blog\/this-holiday-shopping-season-your-attack-surface-is-open-for-business\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.cycognito.com\/blog\/this-holiday-shopping-season-your-attack-surface-is-open-for-business\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/CyCognito_04_v2.png\",\"datePublished\":\"2023-11-21T07:45:00+00:00\",\"dateModified\":\"2025-03-13T17:59:28+00:00\",\"description\":\"Cyber Monday is right around the corner and millions of consumers will flock to ecommerce websites in search of the best deals. But can shoppers be assured that the sites they do business with are secure and compliant? Before and during the holiday shopping season, retailers need to ensure that ecommerce websites with missing WAFs, cryptographic vulnerabilities, or easily exploited critical issues.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.cycognito.com\/blog\/this-holiday-shopping-season-your-attack-surface-is-open-for-business\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.cycognito.com\/blog\/this-holiday-shopping-season-your-attack-surface-is-open-for-business\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.cycognito.com\/blog\/this-holiday-shopping-season-your-attack-surface-is-open-for-business\/#primaryimage\",\"url\":\"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/CyCognito_04_v2.png\",\"contentUrl\":\"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/CyCognito_04_v2.png\",\"width\":1201,\"height\":628},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.cycognito.com\/blog\/this-holiday-shopping-season-your-attack-surface-is-open-for-business\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.cycognito.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"This Holiday Shopping Season, Your Attack Surface is Open for Business\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.cycognito.com\/blog\/#website\",\"url\":\"https:\/\/www.cycognito.com\/blog\/\",\"name\":\"Cycognito Blog\",\"description\":\"Research, Product News and Latest Updates\",\"publisher\":{\"@id\":\"https:\/\/www.cycognito.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.cycognito.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.cycognito.com\/blog\/#organization\",\"name\":\"Cycognito\",\"url\":\"https:\/\/www.cycognito.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.cycognito.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/logo-1720x550-1.png\",\"contentUrl\":\"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/logo-1720x550-1.png\",\"width\":1720,\"height\":550,\"caption\":\"Cycognito\"},\"image\":{\"@id\":\"https:\/\/www.cycognito.com\/blog\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.cycognito.com\/blog\/#\/schema\/person\/42c314196e7f096a74bd885693643d58\",\"name\":\"Emma Zaballos\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.cycognito.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/7ff812a5ab34a955a1e815e6719c68a7?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/7ff812a5ab34a955a1e815e6719c68a7?s=96&d=mm&r=g\",\"caption\":\"Emma Zaballos\"},\"description\":\"Product Marketing Manager\",\"url\":\"https:\/\/www.cycognito.com\/blog\/author\/emma-zaballos\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"This Holiday Shopping Season, Your Attack Surface is Open for Business | CyCognito Blog","description":"Cyber Monday is right around the corner and millions of consumers will flock to ecommerce websites in search of the best deals. But can shoppers be assured that the sites they do business with are secure and compliant? Before and during the holiday shopping season, retailers need to ensure that ecommerce websites with missing WAFs, cryptographic vulnerabilities, or easily exploited critical issues.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.cycognito.com\/blog\/this-holiday-shopping-season-your-attack-surface-is-open-for-business\/","og_locale":"en_US","og_type":"article","og_title":"This Holiday Shopping Season, Your Attack Surface is Open for Business | CyCognito Blog","og_description":"Cyber Monday is right around the corner and millions of consumers will flock to ecommerce websites in search of the best deals. But can shoppers be assured that the sites they do business with are secure and compliant? Before and during the holiday shopping season, retailers need to ensure that ecommerce websites with missing WAFs, cryptographic vulnerabilities, or easily exploited critical issues.","og_url":"https:\/\/www.cycognito.com\/blog\/this-holiday-shopping-season-your-attack-surface-is-open-for-business\/","og_site_name":"CyCognito Blog","article_published_time":"2023-11-21T07:45:00+00:00","article_modified_time":"2025-03-13T17:59:28+00:00","og_image":[{"url":"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/CyCognito_04_v2.png","type":"","width":"","height":""}],"author":"Emma Zaballos","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Emma Zaballos","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.cycognito.com\/blog\/this-holiday-shopping-season-your-attack-surface-is-open-for-business\/#article","isPartOf":{"@id":"https:\/\/www.cycognito.com\/blog\/this-holiday-shopping-season-your-attack-surface-is-open-for-business\/"},"author":{"name":"Emma Zaballos","@id":"https:\/\/www.cycognito.com\/blog\/#\/schema\/person\/42c314196e7f096a74bd885693643d58"},"headline":"This Holiday Shopping Season, Your Attack Surface is Open for Business","datePublished":"2023-11-21T07:45:00+00:00","dateModified":"2025-03-13T17:59:28+00:00","mainEntityOfPage":{"@id":"https:\/\/www.cycognito.com\/blog\/this-holiday-shopping-season-your-attack-surface-is-open-for-business\/"},"wordCount":611,"publisher":{"@id":"https:\/\/www.cycognito.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.cycognito.com\/blog\/this-holiday-shopping-season-your-attack-surface-is-open-for-business\/#primaryimage"},"thumbnailUrl":"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/CyCognito_04_v2.png","keywords":["Active Security Testing","EASM","External Attack Surface Management","Infographic","Research"],"articleSection":["Featured","Research"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.cycognito.com\/blog\/this-holiday-shopping-season-your-attack-surface-is-open-for-business\/","url":"https:\/\/www.cycognito.com\/blog\/this-holiday-shopping-season-your-attack-surface-is-open-for-business\/","name":"This Holiday Shopping Season, Your Attack Surface is Open for Business | CyCognito Blog","isPartOf":{"@id":"https:\/\/www.cycognito.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.cycognito.com\/blog\/this-holiday-shopping-season-your-attack-surface-is-open-for-business\/#primaryimage"},"image":{"@id":"https:\/\/www.cycognito.com\/blog\/this-holiday-shopping-season-your-attack-surface-is-open-for-business\/#primaryimage"},"thumbnailUrl":"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/CyCognito_04_v2.png","datePublished":"2023-11-21T07:45:00+00:00","dateModified":"2025-03-13T17:59:28+00:00","description":"Cyber Monday is right around the corner and millions of consumers will flock to ecommerce websites in search of the best deals. But can shoppers be assured that the sites they do business with are secure and compliant? Before and during the holiday shopping season, retailers need to ensure that ecommerce websites with missing WAFs, cryptographic vulnerabilities, or easily exploited critical issues.","breadcrumb":{"@id":"https:\/\/www.cycognito.com\/blog\/this-holiday-shopping-season-your-attack-surface-is-open-for-business\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.cycognito.com\/blog\/this-holiday-shopping-season-your-attack-surface-is-open-for-business\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.cycognito.com\/blog\/this-holiday-shopping-season-your-attack-surface-is-open-for-business\/#primaryimage","url":"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/CyCognito_04_v2.png","contentUrl":"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/CyCognito_04_v2.png","width":1201,"height":628},{"@type":"BreadcrumbList","@id":"https:\/\/www.cycognito.com\/blog\/this-holiday-shopping-season-your-attack-surface-is-open-for-business\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.cycognito.com\/blog\/"},{"@type":"ListItem","position":2,"name":"This Holiday Shopping Season, Your Attack Surface is Open for Business"}]},{"@type":"WebSite","@id":"https:\/\/www.cycognito.com\/blog\/#website","url":"https:\/\/www.cycognito.com\/blog\/","name":"Cycognito Blog","description":"Research, Product News and Latest Updates","publisher":{"@id":"https:\/\/www.cycognito.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.cycognito.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.cycognito.com\/blog\/#organization","name":"Cycognito","url":"https:\/\/www.cycognito.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.cycognito.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/logo-1720x550-1.png","contentUrl":"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/logo-1720x550-1.png","width":1720,"height":550,"caption":"Cycognito"},"image":{"@id":"https:\/\/www.cycognito.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.cycognito.com\/blog\/#\/schema\/person\/42c314196e7f096a74bd885693643d58","name":"Emma Zaballos","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.cycognito.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/7ff812a5ab34a955a1e815e6719c68a7?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/7ff812a5ab34a955a1e815e6719c68a7?s=96&d=mm&r=g","caption":"Emma Zaballos"},"description":"Product Marketing Manager","url":"https:\/\/www.cycognito.com\/blog\/author\/emma-zaballos\/"}]}},"_links":{"self":[{"href":"https:\/\/www.cycognito.com\/blog\/wp-json\/wp\/v2\/posts\/60","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cycognito.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cycognito.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cycognito.com\/blog\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cycognito.com\/blog\/wp-json\/wp\/v2\/comments?post=60"}],"version-history":[{"count":8,"href":"https:\/\/www.cycognito.com\/blog\/wp-json\/wp\/v2\/posts\/60\/revisions"}],"predecessor-version":[{"id":83,"href":"https:\/\/www.cycognito.com\/blog\/wp-json\/wp\/v2\/posts\/60\/revisions\/83"}],"wp:attachment":[{"href":"https:\/\/www.cycognito.com\/blog\/wp-json\/wp\/v2\/media?parent=60"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cycognito.com\/blog\/wp-json\/wp\/v2\/categories?post=60"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cycognito.com\/blog\/wp-json\/wp\/v2\/tags?post=60"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}