Websites offered free anti-hijack scans
Qualys service roots out bad code.
By John E. Dunn | Techworld | Published: 15:55, 01 March 2010
Web admins and owners are being offered a free service that will scan their sites for malware hijacks, alerting them automatically if malicious code is found.
The QualysGuard Malware Detection, launched as a beta this week, uses a combination of ‘static' and behavioural analysis to take a closer look at web pages under a given domain, studying them for code irregularities that could spell trouble.
Static analysis is basically a technique for hunting down common forms of suspect code found on compromised web pages, while the behavioural goes a stage further by actually running each page in a virtualised but unpatched Windows PC and browser to see what it actually does. Run daily, if the service discovers a problem, website admins are informed right down to the specific slices of code on specific pages.
Related Articles on Techworld
"The more exposure we get, the more intelligence we get on malware," said Qualys's product marketing VP, Terry Ramos, explaining how scanning millions of URLs every day would also feed back into the company's wider vulnerability scanning services.
Although offered for free, Qualys will offer website owners the option to buy a ‘seal of approval' in the form of the new Qualys Secure logo, which the company also hopes will become a widely-respected standard for secure sites. This will cost $995 (£667) per domain, regardless of the number of pages, with a recurring fee of $795 (£532).
Defending against web hacks in advance can be an expensive and uncertain business, but the tagging of ‘free' to site remediation will probably be a welcome development for companies without a protection system in place.
There is plenty of evidence that planting code on legitimate websites has become one of the commonest ways for malware-spreaders to get around user caution and reputation services, with numerous high-profile hacks reported. The bonus of the Qualys service is that it offers a layer of protection. What it doesn't do is help a site admin remove the offending code or stop the issue from recurring.
Any companies or individuals interested in the service can sign up on the Qualys website. The service is due to remain in beta form for "three to four months," indicated Ramos.
