How LinkedIn Secures Its Members and Itself | eWeek

How LinkedIn Secures Its Members and Itself

How LinkedIn Secures Its Members and Itself
Aug 11, 2015
2 minute read
eWeek Inhalte und Produktempfehlungen sind redaktionell unabhängig. Wir können Geld verdienen, wenn Sie auf Links zu unseren Partnern klicken. Mehr erfahren

LinkedIn is among the world’s most popular social networking platforms with over 300 million members. With all those members, there is a whole lot of personal data and many reasons why attackers might see LinkedIn as an attractive target. Protecting LinkedIn and its members is the job of Cory Scott, director of information security at LinkedIn, and his team, and it’s a job that involves integrating security throughout the LinkedIn platform.

In a video interview with eWEEK, Scott details the process and some of the security technologies used by LinkedIn.

“It’s not our data; it’s our members’ data and we always evaluate products through that lens,” Scott said.

Scott explained that it’s important that members who have a legitimate need get access to data, while at the same time making sure that data is not scraped wholesale. LinkedIn also supports multiple forms of access control, including two-factor authentication (2FA), to help further protect user accounts. Going a step further, Scott commented that if LinkedIn notices that a member’s credentials have shown up somewhere on the Internet in a password dump, LinkedIn will proactively reset the user’s password.

From a platform perspective, Scott said that LinkedIn’s security staff has the concept of “office hours” where product groups can come to his team with questions or concerns. Additionally, LinkedIn products go through a security evaluation as part of the production deployment process.

In an effort to further help its developers, LinkedIn also has taken some proactive steps to improve Web security. One of those steps is found in LinkedIn’s site template.

“Our template language for LinkedIn automatically escapes all active content to prevent cross-site scripting [CSS] vulnerabilities,” Scott said. “So the developers don’t have to worry about that.”

Watch the full video interview with Cory Scott below:


Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Eigentum von TechnologyAdvice. © 2026 TechnologyAdvice. Alle Rechte vorbehalten

Werbetreibenden-Offenlegung: Einige der auf dieser Website erscheinenden Produkte stammen von Unternehmen, von denen TechnologyAdvice eine Vergütung erhält. Diese Vergütung kann beeinflussen, wie und wo Produkte auf dieser Website erscheinen, einschließlich beispielsweise der Reihenfolge, in der sie erscheinen. TechnologyAdvice schließt nicht alle Unternehmen oder alle auf dem Marktplatz verfügbaren Produkttypen ein.