Web page that is not attacked by security team or developers and testers before going to live can be considered as unsecure because nobody knows how it behaves under attacks. Unfortunately there are many web pages that are not secure and not event tested...