Free service provides critical early warning system for businesses if their sites contain code that could see them blacklisted.
Comodo, a certificate authority and Internet security solutions provider, has released SiteInspector, a free malware scanning and blacklist monitoring for Web sites. The free service allows Web site owners to set up recurring, daily checks on any 3 pages of a domain. If malware is discovered or if the Web site is found on any one of a range of Web site blacklisting services, then the account owner is immediately notified via email. Comodo believe this early warning system will save thousands of innocent Web site owners per year from the potentially catastrophic effects of seeing their Web site blacklisted.
Traditionally, viruses and malware were activated only after proactive user interaction (for example, double clicking on an infected mail attachment). Unfortunately, hackers today are far more adept at distributing their malicious code and a 'drive-by-download' malware attack can be triggered simply because a user visits a web page. Perhaps more alarming is that the owner of the Web site can often be unaware that their site is hosting this malware
Hackers use a wide variety of cross-site scripting (XSS) techniques to invisibly insert malicious code on target Web sites and in some cases, even use served ads as a delivery mechanism. Whatever the technique used, once a service like Google Safe Browsing, PhishTank or Malwaredomainlist discovers malware on a site, they will place it on their official blacklist. In the case of the massively influential Google, this can be a devastating reputation and traffic killer for the Web site in question as all visitors will be shown a warning message stating 'Visiting this site may harm your computer'.
The free service includes:
- Automatically recurring, daily malware scans on 3 pages of a domain
- Daily checks that a Web site is not present on major Internet blacklists
- Immediate notification via email if a problem of any type is detected
- In-application reporting and threat mitigation advice if malware is found
- Fast sign up and easy to use online interface so users can be up and running in minutes
SiteInspector tests Web pages for malware from a 'customer's point of view'. To do this, it downloads all specified pages and runs them in a sandboxed browser environment. If the browser attempts to execute a malicious activity; crashes; downloads a suspicious file; changes registry entries or exhibits behavior consistent with malware, then it's flagged as malicious. A notification email will also be sent to the account holder.
"SiteInspector dramatically reduces the time between problem identification to problem resolution for business Web sites," said Melih Abduhayoglu, Comodo CEO and Chief Architect. "No longer will businesses have to wait for angry customers to complain that their Web site contains malicious content. To take advantage of this essential service, webmasters just need to take a few minutes to sign up and configure the service. SiteInspector will do the rest."
SiteInspector technology is also built into Comodo's secure Internet Browser, Comodo Dragon. User's can quickly run a malware scan on the page they are visiting by clicking the Site Inspector icon at the top right of the Dragon interface.
Website owners interested in enrolling their Web site for the service can sign up free at Siteinspector.comodo.com/public.