VeriSign offers free web site malware scanning

[grr]

VeriSign offers free web site malware scanning
SSL programme provides certification for safe sites


VeriSign is expanding its SSL certification programme into malware scanning, allowing administrators to display a certification confirming that the site is free of malware attack code.

The service will perform daily scans on a site's HTML code, checking for malicious injections such as iFrames and scripts that redirect to attack sites known as 'drive-by downloads'.

If an attack is spotted, the certification is removed from the site and the administrator is notified of the breach. After removing the attack code, the administrator can contact VeriSign and have the certification image displayed again.

Tim Callan, vice president of marketing at VeriSign, told V3.co.uk that the malware scans are a natural evolution from the company's SSL certification programme launched in 2004.

"In the last few years we've seen the emergence of malware as an attack vector, and the really insidious driver of this is the drive-by download," he said. "The threat landscape has changed and we think there's an opportunity to make a difference."

VeriSign will also extend the certification programme into the web search market with Seal in Search, which will place VeriSign seals next to verified sites in search results.

Callan claimed that the service will be particularly useful to comparison shopping services that comb retail sites. Early tests have shown that search results carrying the seal are 18 per cent more likely to be clicked on by surfers.

Seal in Search is currently available on retail search engines TheFind and PriceGrabber, as well as AVG's Linkscanner security tool.

VeriSign is making the malware scanning and Seal in Search features available at no extra cost to all SSL subscribers in the US.

The company will extend the services throughout Europe within the next three months, and around the globe by the end of the year.

Source

[hellnoire]

A certain someone should do this after the big stink that got made over their security certificate problems.... *coughComodocough*

[noaccount]

yes this looks promising

[luffy]

404 Page Not Found.

[grr]

404 Page Not Found.

where?

[INDRANIL]

Thanks for the share.

[Ande]

Oh sure, let them run all over your site and check all of your code.
Do they sign a non-disclosure agreement first? I think not.

[kavinraja]

Oh sure, let them run all over your site and check all of your code.
Do they sign a non-disclosure agreement first? I think not.

I guess they have.

But i think that won't bother. Scanning is somewhat different from actual reading of files. So your site's info won't got out. Trust me. Lol.

[Ande]

Scanning is somewhat different from actual reading of files.

Howso? You can't check out a file without reading it. Otherwise it's magic.

[kavinraja]

Howso? You can't check out a file without reading it. Otherwise it's magic.

I said "actual reading". It means, if you read something , the contents will be stored in your mind, but in such scanning systems, the scan, inform and thats it. It won't send and save any of your site's files.

Verisign is a trusted organisation. Its like saying "I won't install Kaspersky or Avira in my PC, as they read my files".