{"id":914,"date":"2018-08-22T09:55:45","date_gmt":"2018-08-22T09:55:45","guid":{"rendered":"https:\/\/devexperts.com\/blog\/?p=914"},"modified":"2022-05-18T10:47:48","modified_gmt":"2022-05-18T10:47:48","slug":"security-flaws-in-trading-platforms","status":"publish","type":"post","link":"https:\/\/devexperts.com\/blog\/security-flaws-in-trading-platforms\/","title":{"rendered":"Security Flaws in Trading Platforms"},"content":{"rendered":"\n<p>A recent <a href=\"https:\/\/www.bloomberg.com\/news\/articles\/2018-08-09\/trading-apps-expose-investors-to-cyber-criminals-report-finds\">report<\/a> on security issues of popular trading platforms has attracted wide audience attention to this important aspect. Thanks to watchdogs such as IOActive, product owners\u2019 platforms have experienced a stress test and problem areas have been rapidly tweaked to prevent much worse security incidents.<\/p>\n\n\n\n<p>Fortunately, that doesn\u2019t mean that the budget to develop a quality trading platform has to be tripled. As with any other types of risks, security risks should be addressed using a thorough risk management methodology: identify and assess the risks, maintain the risk register, plan risk responses and take into account the urgency, probability and impact of each risk. Consider the industry\u2019s best practices and stakeholders\u2019 risk appetite, perform qualitative and quantitative analysis and conclude if a particular risk shall be mitigated, avoided, transferred or&#8230; accepted. There are numerous situations where it is not cost-effective to address a risk in any other way.<\/p>\n\n\n\n<p>Let\u2019s consider a risk management scenario. For example, a trading platform supports DLL imports, used by algo traders, who install third-party plugins. The inclusion of this feature creates the risk that a malicious code could be injected together with the DLL, but the import of DLLs is an integral part of any application development. After assessing the risk, the product owner decides to mitigate it by showing warnings about possible consequences, but preserving the product for the target users. Would you rather abandon the broad audience of algo traders instead?<\/p>\n\n\n\n<p>Security is without a question hugely important. It is of course unacceptable to leave sensitive information in plain text, such as personal data or passwords. Brokers should carefully plan for compliance, confidentiality, integrity and availability of the trading platforms, and at the same time pursue a pragmatic approach and think about the overall user experience.<\/p>\n\n\n\n<p>If you want to discuss the development of a secure trading platform, come and talk to us. Devexperts have been developing tailored solutions for the capital markets industry since 2002.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A recent report on security issues of popular trading platforms has attracted wide audience attention to this important aspect. Thanks &hellip; <\/p>\n","protected":false},"author":7,"featured_media":1385,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[2021],"tags":[49],"class_list":["post-914","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-brokerage","tag-trading-platform"],"acf":{"nifty_post_card_image":null,"nifty_post_card_index_big":null,"nifty_post_inner_image":null,"nifty_post_card_banner":null},"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Security Flaws in Trading Platforms \u2013 Devexperts Blog<\/title>\n<meta name=\"description\" content=\"Devexperts comments on the recent report by IOActive on security gaps and the importance of risk management methodology when building trading platforms.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/devexperts.com\/blog\/security-flaws-in-trading-platforms\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Security Flaws in Trading Platforms\" \/>\n<meta property=\"og:description\" content=\"Devexperts comments on the recent report by IOActive on security gaps and the importance of risk management methodology when building trading platforms.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/devexperts.com\/blog\/security-flaws-in-trading-platforms\/\" \/>\n<meta property=\"og:site_name\" content=\"Devexperts Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/devexperts\/\" \/>\n<meta property=\"article:published_time\" content=\"2018-08-22T09:55:45+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-05-18T10:47:48+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/devexperts.com\/blog\/app\/uploads\/2018\/08\/security-tp.png\" \/>\n\t<meta property=\"og:image:width\" content=\"3840\" \/>\n\t<meta property=\"og:image:height\" content=\"700\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@devexperts\" \/>\n<meta name=\"twitter:site\" content=\"@devexperts\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":[\"Article\",\"BlogPosting\"],\"@id\":\"https:\/\/devexperts.com\/blog\/security-flaws-in-trading-platforms\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/devexperts.com\/blog\/security-flaws-in-trading-platforms\/\"},\"headline\":\"Security Flaws in Trading Platforms\",\"datePublished\":\"2018-08-22T09:55:45+00:00\",\"dateModified\":\"2022-05-18T10:47:48+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/devexperts.com\/blog\/security-flaws-in-trading-platforms\/\"},\"wordCount\":331,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/devexperts.com\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/devexperts.com\/blog\/security-flaws-in-trading-platforms\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/devexperts.com\/blog\/app\/uploads\/2018\/08\/security-tp.png\",\"keywords\":[\"trading platform\"],\"articleSection\":[\"Brokerage Business\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/devexperts.com\/blog\/security-flaws-in-trading-platforms\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/devexperts.com\/blog\/security-flaws-in-trading-platforms\/\",\"url\":\"https:\/\/devexperts.com\/blog\/security-flaws-in-trading-platforms\/\",\"name\":\"Security Flaws in Trading Platforms \u2013 Devexperts Blog\",\"isPartOf\":{\"@id\":\"https:\/\/devexperts.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/devexperts.com\/blog\/security-flaws-in-trading-platforms\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/devexperts.com\/blog\/security-flaws-in-trading-platforms\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/devexperts.com\/blog\/app\/uploads\/2018\/08\/security-tp.png\",\"datePublished\":\"2018-08-22T09:55:45+00:00\",\"dateModified\":\"2022-05-18T10:47:48+00:00\",\"description\":\"Devexperts comments on the recent report by IOActive on security gaps and the importance of risk management methodology when building trading platforms.\",\"breadcrumb\":{\"@id\":\"https:\/\/devexperts.com\/blog\/security-flaws-in-trading-platforms\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/devexperts.com\/blog\/security-flaws-in-trading-platforms\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/devexperts.com\/blog\/security-flaws-in-trading-platforms\/#primaryimage\",\"url\":\"https:\/\/devexperts.com\/blog\/app\/uploads\/2018\/08\/security-tp.png\",\"contentUrl\":\"https:\/\/devexperts.com\/blog\/app\/uploads\/2018\/08\/security-tp.png\",\"width\":3840,\"height\":700},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/devexperts.com\/blog\/security-flaws-in-trading-platforms\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/devexperts.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security Flaws in Trading Platforms\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/devexperts.com\/blog\/#website\",\"url\":\"https:\/\/devexperts.com\/blog\/\",\"name\":\"Devexperts Blog\",\"description\":\"We make complex finance ideas on technology, innovation and business simple\",\"publisher\":{\"@id\":\"https:\/\/devexperts.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/devexperts.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/devexperts.com\/blog\/#organization\",\"name\":\"Devexperts LLC\",\"url\":\"https:\/\/devexperts.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/devexperts.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/devexperts.com\/blog\/app\/uploads\/2019\/08\/DX-logo.png\",\"contentUrl\":\"https:\/\/devexperts.com\/blog\/app\/uploads\/2019\/08\/DX-logo.png\",\"width\":167,\"height\":30,\"caption\":\"Devexperts LLC\"},\"image\":{\"@id\":\"https:\/\/devexperts.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/devexperts\/\",\"https:\/\/x.com\/devexperts\",\"https:\/\/www.linkedin.com\/company\/devexperts\",\"https:\/\/www.youtube.com\/channel\/UCF3FRmes2KrcVsTXQ1aAB5w\/featured\"]}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Security Flaws in Trading Platforms \u2013 Devexperts Blog","description":"Devexperts comments on the recent report by IOActive on security gaps and the importance of risk management methodology when building trading platforms.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/devexperts.com\/blog\/security-flaws-in-trading-platforms\/","og_locale":"en_US","og_type":"article","og_title":"Security Flaws in Trading Platforms","og_description":"Devexperts comments on the recent report by IOActive on security gaps and the importance of risk management methodology when building trading platforms.","og_url":"https:\/\/devexperts.com\/blog\/security-flaws-in-trading-platforms\/","og_site_name":"Devexperts Blog","article_publisher":"https:\/\/www.facebook.com\/devexperts\/","article_published_time":"2018-08-22T09:55:45+00:00","article_modified_time":"2022-05-18T10:47:48+00:00","og_image":[{"width":3840,"height":700,"url":"https:\/\/devexperts.com\/blog\/app\/uploads\/2018\/08\/security-tp.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_creator":"@devexperts","twitter_site":"@devexperts","twitter_misc":{"Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":["Article","BlogPosting"],"@id":"https:\/\/devexperts.com\/blog\/security-flaws-in-trading-platforms\/#article","isPartOf":{"@id":"https:\/\/devexperts.com\/blog\/security-flaws-in-trading-platforms\/"},"headline":"Security Flaws in Trading Platforms","datePublished":"2018-08-22T09:55:45+00:00","dateModified":"2022-05-18T10:47:48+00:00","mainEntityOfPage":{"@id":"https:\/\/devexperts.com\/blog\/security-flaws-in-trading-platforms\/"},"wordCount":331,"commentCount":0,"publisher":{"@id":"https:\/\/devexperts.com\/blog\/#organization"},"image":{"@id":"https:\/\/devexperts.com\/blog\/security-flaws-in-trading-platforms\/#primaryimage"},"thumbnailUrl":"https:\/\/devexperts.com\/blog\/app\/uploads\/2018\/08\/security-tp.png","keywords":["trading platform"],"articleSection":["Brokerage Business"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/devexperts.com\/blog\/security-flaws-in-trading-platforms\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/devexperts.com\/blog\/security-flaws-in-trading-platforms\/","url":"https:\/\/devexperts.com\/blog\/security-flaws-in-trading-platforms\/","name":"Security Flaws in Trading Platforms \u2013 Devexperts Blog","isPartOf":{"@id":"https:\/\/devexperts.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/devexperts.com\/blog\/security-flaws-in-trading-platforms\/#primaryimage"},"image":{"@id":"https:\/\/devexperts.com\/blog\/security-flaws-in-trading-platforms\/#primaryimage"},"thumbnailUrl":"https:\/\/devexperts.com\/blog\/app\/uploads\/2018\/08\/security-tp.png","datePublished":"2018-08-22T09:55:45+00:00","dateModified":"2022-05-18T10:47:48+00:00","description":"Devexperts comments on the recent report by IOActive on security gaps and the importance of risk management methodology when building trading platforms.","breadcrumb":{"@id":"https:\/\/devexperts.com\/blog\/security-flaws-in-trading-platforms\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/devexperts.com\/blog\/security-flaws-in-trading-platforms\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/devexperts.com\/blog\/security-flaws-in-trading-platforms\/#primaryimage","url":"https:\/\/devexperts.com\/blog\/app\/uploads\/2018\/08\/security-tp.png","contentUrl":"https:\/\/devexperts.com\/blog\/app\/uploads\/2018\/08\/security-tp.png","width":3840,"height":700},{"@type":"BreadcrumbList","@id":"https:\/\/devexperts.com\/blog\/security-flaws-in-trading-platforms\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/devexperts.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Security Flaws in Trading Platforms"}]},{"@type":"WebSite","@id":"https:\/\/devexperts.com\/blog\/#website","url":"https:\/\/devexperts.com\/blog\/","name":"Devexperts Blog","description":"We make complex finance ideas on technology, innovation and business simple","publisher":{"@id":"https:\/\/devexperts.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/devexperts.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/devexperts.com\/blog\/#organization","name":"Devexperts LLC","url":"https:\/\/devexperts.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/devexperts.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/devexperts.com\/blog\/app\/uploads\/2019\/08\/DX-logo.png","contentUrl":"https:\/\/devexperts.com\/blog\/app\/uploads\/2019\/08\/DX-logo.png","width":167,"height":30,"caption":"Devexperts LLC"},"image":{"@id":"https:\/\/devexperts.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/devexperts\/","https:\/\/x.com\/devexperts","https:\/\/www.linkedin.com\/company\/devexperts","https:\/\/www.youtube.com\/channel\/UCF3FRmes2KrcVsTXQ1aAB5w\/featured"]}]}},"_links":{"self":[{"href":"https:\/\/devexperts.com\/blog\/wp-json\/wp\/v2\/posts\/914","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devexperts.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devexperts.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devexperts.com\/blog\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/devexperts.com\/blog\/wp-json\/wp\/v2\/comments?post=914"}],"version-history":[{"count":9,"href":"https:\/\/devexperts.com\/blog\/wp-json\/wp\/v2\/posts\/914\/revisions"}],"predecessor-version":[{"id":1386,"href":"https:\/\/devexperts.com\/blog\/wp-json\/wp\/v2\/posts\/914\/revisions\/1386"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devexperts.com\/blog\/wp-json\/wp\/v2\/media\/1385"}],"wp:attachment":[{"href":"https:\/\/devexperts.com\/blog\/wp-json\/wp\/v2\/media?parent=914"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devexperts.com\/blog\/wp-json\/wp\/v2\/categories?post=914"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devexperts.com\/blog\/wp-json\/wp\/v2\/tags?post=914"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}