The continuous adoption of service-oriented architecture (SOA) and web services across vertical industries, geographies, and organization sizes generates new major security concerns both for individuals and organizations. Many of the features that make web services attractive, including greater accessibility of data, dynamic application-to-application connections, and relative autonomy are at odds with traditional security models and controls. Current web service composition technologies still present serious risks to individual and enterprise security and privacy. In the presence of multiple providers that coordinate to provide a composite web service, these issues are amplified. Web services security, privacy, and forensics investigations are therefore becoming a serious concern, especially with the tremendous increase in cybernetic crimes. The aim of this work is to draw a comprehensive overview about security aspects related to web services composition by considering different branches related to security, privacy, and forensics investigations. For each security aspect, the problem statement and related works are discussed. Then, a proposed approach to deal with the aspect under consideration is presented.