When customers interact with your business, they most likely go through a Web application first. It's your company's public face -- and by virtue of that exposure, an obvious point of vulnerability.

Most attacks against Web applications are stealthy and hard to spot. That's a problem, because once attackers get in, they lurk undetected on networks for an average of 205 days, according to the 2015 Verizon Data Breach Investigations Report. Most organizations find out they've been compromised from someone else, such as when they get a call from law enforcement or an irate customer.

[ Watch out for 11 signs you've been hacked -- and learn how to fight back, in InfoWorld's PDF special report. | Discover how to secure your systems with InfoWorld's Security newsletter. ]

How can you tell if your Web application has been hacked? "When your Web application is compromised, it will start to do things out of the ordinary," says Steve Durbin, managing director of Information Security Forum. The key is to gain a thorough understanding of what constitutes normal behavior for your application, then keep your eyes peeled for aberrations.

Here are five signs your Web application has been compromised -- and where to begin your investigation. You'll also find some commonsense advice about securing your Web application, whether or not you've been hacked.

Sign No. 1: The application is not doing what it was designed to do

Monitoring applications is the single best way to notice when something suspicious is occurring.

Perhaps the application now takes much longer to render the results page from the database than it used to. Perhaps the application is displaying pages at unexpected times or redirecting users to a different page. Perhaps network traffic has increased, but there's no accompanying marketing campaign to explain the surge. A small Web shop that normally sees about 50 orders a day, for example, should question a day with 5,000 orders.

These are not necessarily indicators a Web application has been compromised, of course. Slow page loads can easily result from temporary connectivity issues -- or even a DDoS attack, if you think attackers would have any reason to launch one. But it's always better to investigate something screwy right away instead of waiting for...