Web Security

To defend your site against the regular attacks the strategy should be to regularly scan a competently set up domain that is running current applications and whose web site code was done well.

Web site testing, also known as web scanning or auditing, is a hosted service provided by Smartech. This service requires no installation of software or hardware and is done without any interruption of web services.

We have started with accumulating the known issues and compiled arguably the most complete database of security vulnerabilities. Every exploit has a known combination of web site weaknesses. Thus by examining a server for the open port, available service and/or code that each known exploit requires, it is a simple matter to determine if a server is vulnerable to attack using that method.

In a matter of hours, our security service can run through its entire database of over ten thousand vulnerabilities and can report on which are present and better yet, confirm the thousands that are not. With that data in hand you and your staff can address your actual web security vulnerabilities and, when handled, know that your site is completely free of known issues regardless of what updates and patches have been done and what condition your code is in or what unused code may reside, hidden, on your site or web server.

Our service can be availed on a regular basis so that your site will be tested against new vulnerabilities as they become known and provide you with solid data as to whether action is vital, needed or low priority. You will also be alerted if new code has been added to the site that is insecure, a new port has been opened that was unexpected, or a new service has been loaded and started that may present an opportunity to break in.

In complex, large systems it may be that daily web scanning is the ONLY way to ensure that none of the many changes made to site code or on an application may have opened a hole in your carefully established security perimeter.

Any Questions? Ask us