Website Malware Detection - SecurePoint 360, LLC

[cs_content][cs_element_section _id=”1″ ][cs_element_row _id=”2″ ][cs_element_column _id=”3″ ][cs_element_headline _id=”4″ ][cs_element_button _id=”5″ ][/cs_element_column][/cs_element_row][/cs_element_section][cs_element_section _id=”11″ ][cs_element_row _id=”12″ ][cs_element_column _id=”13″ ][cs_element_text _id=”14″ ][cs_element_button _id=”15″ ][x_accordion][x_accordion_item title=”PG | Website Malware Detection Service” open=”true”]

Automated Scans for your website:

Scheduled daily scan of up to 1,000 pages enable us to proactively monitor your websites on an ongoing basis.

No Software to Install:

Nothing to install, no ongoing maintenance.

Quickly Identify and Eradicate Malware:

Detailed malware infection reports will be provided along with infected code for remediation. We provide a comprehensive view of scan activity, infected pages & malware infection trends.

Email & Zero Day Alerts:

Email alerts quickly notify organizations when infections are discovered. Utilizes behavioral analysis to provide zero-day malware detection.

Proactive Protection:

Through proactive action and continuous monitoring, we help secure your valuable information assets and establish the defenses you need to be safe, secure, and successful.

[/x_accordion_item][x_accordion_item title=”Frequently Asked Questions | Malware Detection Service” open=”false”]

Why is Website Malware Detection needed?

Website Malware Detection helps protect your organization’s reputation and keeps your website from being blacklisted by search engines by detecting malware that users may be infected with by visiting your site. Your organization doesn’t even have to be the source of the malware – it may be that third-party content from ad or metrics services that are utilized by your website that infects your users. But even if it isn’t your content, if your website is used as the conduit for the infection, your website may be blocked by search engines and your organization is at risk of losing revenue and sustaining reputational damage.

My website is behind a firewall and hosted by a reputable ISP. Am I really in any danger of getting malware on my site?

Yes! In research done by security company Sophos, they discovered that 21,000 web pages were getting infected every day. These web pages belong to innocent companies and individuals whose site had been compromised by cyber criminals. Many of these websites had security in place. The principle of ‘defense in depth’ means that you need multiple layers of security and detection to keep your systems safe, and website malware detection provides an additional necessary layer of detection.

How does Website Malware Detection work?

The service browses your website just a like a user would on a scheduled daily basis. The service employs four different types of detection methods to identify any potential malware.

1. Behavioral Analysis: The most powerful is advanced behavioral analysis that is performed via an instrumented browser that identifies when an infection takes place. Behavioral analysis does not rely on signatures so it can detect even zero-day malware, something signature based detection can’t match.

2. Reputation Checks: Links to external web pages are checked against reputation services to determine if they are untrusted.

3. Antivirus: The service downloads and scans documents such as PDFs on the site using antivirus software.

4. Heuristics: Pages are analyzed for commonly used JavaScript-based attacks.

Does Website Malware Detection impact my site?

No. The Website malware detection service browses your site just as a user would.

Is Website Malware Detection the same as using an antivirus program?

No. Antivirus programs attempt to find and stop malware from infecting a computer. But websites issue content not only from file systems, but from databases and from many third-party providers such as website advertising networks. That being said, antivirus is used by the website malware detection service to check for viruses in files – but AV alone isn’t reliable to identify websites that may be infecting users.

Does Website Malware Detection use signatures like my antivirus program to find malware on my website?

Website Malware Detection uses both signatures and the more advanced methods known as behavioral analysis. Signatures must find an exact match to the malware, which has become extremely difficult as cyber criminals have learned how to make small changes in every version of the installed code. Behavioral analysis tests to see if the website is modifying the browsing system in an abnormal way that would indicate it is infected. This is the most effective and advanced form of malware detection.

I know it is bad for the people who visit my website if they get infected from me, but does it have any direct effect on me or my website?

Yes. By delivering malware to visitors you incur a high risk of being added to blacklists from Google, Bing and other search engines, or URL blacklists from security vendors which will block visitors from getting to your website potentially damaging your valuable, hard earned brand reputation. The potential loss of revenue as a result of this could be devastating.

Do I need to install anything on my website to use the Website Malware Detection Service?

No. you just need to provide us the website URLs and provide us authorization to perform daily website malware detection/monitoring. Website Malware Detection will analyze your website from our servers in the cloud with no need for any software to be installed on your web server or in your website code.

How will I be notified if malware is found on my website?

Immediately upon completion of a scan, you will be sent an email if malware was found. In addition, reports provide all the details about the detected malware along with a prioritization of which malware issues you need to address first.

What should I do if malware is found on my website?

As some malware is more malicious than others, the website malware detection service reports and prioritizes the issues for you so can identify the malware you need to address first. Please carefully review the malware details provided by the Malware Detection service.

The ideal way to remove malware is to use a known, clean backup to restore your site. You need to be certain that the backup is clean and no changes have been made to the site since the backup.

To remove malicious code, remove the suspicious block of script identified by the service in the malware details. You can look at malware details per web page in the malware scan report.

These are additional ways you can identify malware within an affected web page:

• Look for cases of “<script src=” followed by a site or file that you don’t recognize as valid. To verify that a script file has been compromised, look a the contents of the script file and try to identify things that are out of place.

• Look for every “<iframe src” tag on your page and locate any that don’t belong. This “src” will usually point to a site not in your control and this is typically hidden using tags like “height=0 width=0” or “style=display.none”. Be aware that advertisers tend to use similar methods when doing legitimate ad tracing.

• Identify new files with suspicious or unknown names. Some files may also be in a suspicious location, such as .php file in your /images folder.

Once you have cleaned up your website, the website malware detection service will rescan the website to verify that the malicious code is gone. Important Note: Although removing malicious website code cleans up the problem on your website, it probably doesn’t close the hole that allowed the malware to be installed in the first place. Please ensure your machines are fully patched and updated with no current vulnerabilities.

How many web pages can I scan with the Website Malware Detection Service?

You may scan up to 1,000 pages per site.

What pages within my website are scanned by the Website Malware Detection Service?

When we configure the scan we need to enter the website or website URL. Generally, that means something like www.example.com, which to us is the same as example.com. We call this the root domain. If you had entered bad.example.com then that entire string would be the root domain. Finally, if you entered example.com/about_us, the system would use example.com as the root domain. Another way to say this is that the root domain is whatever FQDN is part of the text you enter into the website URL field.

Whatever is entered in the website URL field is the starting point of a scan. The crawler looks for all the links on that page and validates that they are OK [not on any blacklist]. Next, the entire page source is examined against our static [signature and heuristics] engine to see if there are any obviously malicious or inappropriate scripts on the page. Then the current page is rendered in specially configured browsers in one of our Virtual Machines [VM] to see if any malicious behaviors are detected.

From the starting page, all links that include the root domain as part of the URL are then scanned in the same way as just described. That means if you started at the root domain of example.com and on that page we discovered good.example.com, then that page would be scanned just as described and so on until all links for the entire site [or up to the page limit] were completed. That would include pages such as example.com/about_us and ugly.example.com/green/warts.

If you had entered good.example.com as the root domain then the scans would examine a different and more limited range of pages. It would start at good.example.com and if example.com was detected on that page it would only confirm that the link was not blacklisted, but it would not crawl the page or look at the contents of that page in any way nor would it render the contents of that page in the browser VM. The crawler does not go past the boundary set by the root domain.

Finally, if you entered example.com/about_us as the root domain, the system would start the scan on that page but use example.com as the root domain. Therefore, the limit of the scan would be based on example.com although the scan would start at example.com/about_us.

Will this scan data be used for any other purposes?

Yes. The scan data will be used in aggregate with other scans to improve the accuracy of the scanning service and to identify new threats and trends across the internet. The scan data is securely stored and handled. All use of the data is fully anonymized and can’t be tracked to any specific IP address or website, so there is no danger of information about your website ever being disclosed.

[/x_accordion_item][/x_accordion][/cs_element_column][cs_element_column _id=”19″ ][cs_element_button _id=”20″ ][cs_element_gap _id=”21″ ][x_feature_list][x_feature_box title=”Web Application Security Testing” title_color=”” text_color=”” graphic=”icon” graphic_size=”50px” graphic_shape=”circle” graphic_color=”#ffffff” graphic_bg_color=”rgb(14, 116, 188)” align_h=”left” align_v=”top” side_graphic_spacing=”20px” max_width=”none” child=”true” connector_width=”px” connector_style=”dashed” connector_color=”#272727″ graphic_icon=”bug”]Find, fix security holes in web applications, APIs. Discover, catalog and scan web applications for vulnerabilities and website misconfigurations.[/x_feature_box][x_feature_box title=”Vulnerability Scanning” title_color=”” text_color=”” graphic=”icon” graphic_size=”50px” graphic_shape=”circle” graphic_color=”#ffffff” graphic_bg_color=”rgb(14, 116, 188)” align_h=”left” align_v=”top” side_graphic_spacing=”20px” max_width=”none” child=”true” connector_width=”px” connector_style=”dashed” connector_color=”#272727″ graphic_icon=”search-plus”]Gain immediate, global visibility into where your IT systems might be vulnerable to the latest internet threats and how to protect them. Scan for vulnerabilities everywhere, accurately and efficiently. Scan systems anywhere, the perimeter, your internal network, and cloud environments (such as Amazon EC2). [/x_feature_box][x_feature_box title=”Risk Assessments” title_color=”” text_color=”” graphic=”icon” graphic_size=”50px” graphic_shape=”circle” graphic_color=”#ffffff” graphic_bg_color=”rgb(14, 116, 188)” align_h=”left” align_v=”top” side_graphic_spacing=”20px” max_width=”none” child=”true” connector_width=”px” connector_style=”dashed” connector_color=”#272727″ graphic_icon=”lock”]Risk Assessments are an ongoing part of a healthy Information Security Program. During risk assessments, organizations work to identify, understand and manage the risks affecting the confidentiality, Integrity and Availability of the organization’s Information assets and Information System infrastructure. [/x_feature_box][x_feature_box title=”Security and Awareness Training” title_color=”” text_color=”” graphic=”icon” graphic_size=”50px” graphic_shape=”circle” graphic_color=”#ffffff” graphic_bg_color=”rgb(14, 116, 188)” align_h=”left” align_v=”top” side_graphic_spacing=”20px” max_width=”none” child=”true” connector_width=”px” connector_style=”dashed” connector_color=”#272727″ graphic_icon=”key”]Get your employees the ongoing security education needed to combat the continuously evolving threat landscape.[/x_feature_box][x_feature_box title=”IT Policy & Control Development” title_color=”” text_color=”” graphic=”icon” graphic_size=”50px” graphic_shape=”circle” graphic_color=”#ffffff” graphic_bg_color=”rgb(14, 116, 188)” align_h=”left” align_v=”top” side_graphic_spacing=”20px” max_width=”none” child=”true” connector_width=”px” connector_style=”dashed” connector_color=”#272727″ graphic_icon=”edit”]IT policy and control development/maintenance is the foundation of a healthy security program. It lays out objectives, assigns responsibilities, and provides direction to protect your organization’s critical information assets. We help your organization evaluate current practices and then address gaps.[/x_feature_box][x_feature_box title=”Compliance Examination Preparation” title_color=”” text_color=”” graphic=”icon” graphic_size=”50px” graphic_shape=”circle” graphic_color=”#ffffff” graphic_bg_color=”rgb(14, 116, 188)” align_h=”left” align_v=”top” side_graphic_spacing=”20px” max_width=”none” child=”true” connector_width=”px” connector_style=”dashed” connector_color=”#272727″ graphic_icon=”check-square-o”]Organizations need to prove they are secure to compete. We help organization’s prepare for ISO, GDPR and SOC examinations by validating they have the right policies, processes and controls in place. [/x_feature_box][x_feature_box title=”Vendor & Partner Security Assessments” title_color=”” text_color=”” graphic=”icon” graphic_size=”50px” graphic_shape=”circle” graphic_color=”#ffffff” graphic_bg_color=”rgb(14, 116, 188)” align_h=”left” align_v=”top” side_graphic_spacing=”20px” max_width=”none” child=”true” connector_width=”px” connector_style=”dashed” connector_color=”#272727″ graphic_icon=”shield”]More and more companies are relying on business partners and vendors who need to also maintain a proper security program. Outsourcing services and processes to vendors provides flexibility, convenience and cost savings but can also introduce significant risks. We help ensure your vendors and partners have the right policies, processes and controls in place to meet your organizations’ security obligations. [/x_feature_box][/x_feature_list][cs_element_gap _id=”30″ ][cs_element_headline _id=”31″ ][cs_element_widget_area _id=”32″ ][/cs_element_column][/cs_element_row][/cs_element_section][cs_section parallax=”false” separator_top_type=”none” separator_top_height=”50px” separator_top_inset=”0px” separator_top_angle_point=”50″ separator_bottom_type=”none” separator_bottom_height=”50px” separator_bottom_inset=”0px” separator_bottom_angle_point=”50″ style=”margin: 0px;padding: 20px 0px;”][cs_row inner_container=”true” marginless_columns=”false” style=”margin: 0px auto;padding: 0px;”][cs_column fade=”false” fade_animation=”in” fade_animation_offset=”45px” fade_duration=”750″ type=”1/1″ style=”padding: 0px;”][x_custom_headline level=”h2″ looks_like=”h3″ accent=”false” class=”cs-ta-center”]Call us.[/x_custom_headline][cs_text class=”cs-ta-center”](973) 797-9270[/cs_text][x_gap size=”50px”][x_custom_headline level=”h2″ looks_like=”h3″ accent=”false” class=”cs-ta-center man”]Email us.[/x_custom_headline][cs_text class=”cs-ta-center”]info@securepoint360.com[/cs_text][/cs_column][/cs_row][/cs_section][/cs_content]