News
Did you know? Hackers probe your servers for vulnerabilities between 5 and 170 times per week (2007-10-29)
Test your site now: Free 10 day / 10 scan trial
With a dramatic rise in malicious attacks, it is now critical to test your websites and servers
for security vulnerabilities. Having the latest firewalls and Intrusion Detection Systems will not
protect your organization if they (or the services behind it) are not kept up-to-date and configured correctly.
This means that verifying the security of your systems is not something you can do just once, nor should you check this just every now-and-then.
New vulnerabilities are identified every day, exploits become available soon after it, and every change in your systems' configurations, however small, may open up new vulnerabilities.
Having external intrusion checkinged last week does not imply your systems are fine today!
The WatchMouse Periodic Vulnerability Scan is an affordable way to routinely check your company’s security exposure. Utilizing the most up-to-date database of known vulnerabilities, WatchMouse’s identifies any security risks and provides you with the peace-of-mind that your web applications are being scrutinized from the perspective of a possible attacker.
Characteristics
WatchMouse offers Periodic Vulnerability Scanning with an outside - external intrusion checking's - view, with the following characteristics:
- Currently over 20,000 vulnerabilities are checked. Checks for new vulnerabilities are added on a daily basis.
- The frequency and the intensity of a scan can be tailored to your policies, and implemented immediately on our self-service website.
- Severe vulnerabilities can, depending on your preferences, initiate SMS (text) or paging alerts, giving you, or your webmasters, the opportunity to react quickly in case of new vulnerabilities.
- Extensive reporting is available for each scan, including pointers on how to fix vulnerabilities.
- WatchMouse's unique Vulnerability Scan Customer Console allows you to manage subsequent scans by inspecting differential reports and open issues, declaring vulnerabilities fixed, adding operator comments, etc.
Try now: Free 10 day trial!
Press releases
Rapidly growing WatchMouse wins Deloitte’s Rising Star award (2005-09-23)
WatchMouse is one of the three winners of Deloitte’s Rising Star award. This award is presented annually to rapidly expanding technology companies less than five years old. WatchMouse has been active worldwide for three years in the area of site and server monitoring. With 16 monitoring stations throughout the world, WatchMouse monitors the availability of customers’ websites, immediately sounding the alarm in the event of problems.
The Rising Stars are presented as part of the Deloitte Technology Fast 50 ceremony, the fifty most rapidly expanding technology businesses. The Rising Stars have the potential to lead the Technology Fast 50 in the near future. Stan van de Burgt (42), Niels Eijsbroek (40) and Mark Pors (38) first came up with the idea for WatchMouse in 2001. The concept was as unique as it was clear: to monitor the availability of sites and servers by constantly simulating web traffic. If a site is not responding or an error is found, the customer is notified immediately by SMS, pager, IM or e-mail. From the moment the concept went 'live', in 2002, the pace has been frenetic: turnover doubled each year. Web sites are now monitored from sixteen monitoring stations worldwide 24 hours a day, seven days a week.
The WatchMouse application is entirely web-based: customers do not have to install software or hardware at their site, and the application excels in its self-service aspects while staying easy to use. This allows WatchMouse to operate with a small core of permanent employees, supplemented by external support. Prospective customers can specify their requirements in detail on the WatchMouse site. A range of starter packages is available, priced from € 17.50 per month up to € 450 per month. 400 paying customers in 40 countries worldwide now make use of WatchMouse’s services. These include hosting companies, government bodies, and companies such as LB Icon, Scania, Siemens, Orange, ING, GeoTrust, Citibank, and Postbank.
Self-service as a success factor
Mark Pors, Chief Technology Officer, says he was “pleasantly surprised by the award”. “I am very happy that the jury shares our vision of self-service and our market approach." Pors sees WatchMouse as “the right initiative at the right moment. Companies are increasingly looking to outsource non-core tasks. However, they want to be able to guide and control this themselves and from their own workplace. Web-based services make this possible." Stan van de Burgt, CEO, sees the simplicity of the WatchMouse site and the various languages in which it is available as the major success factors. "Monitoring websites was an idea that already existed in essence, but had not been worked out in this form. We are geared tightly to 'self service', whereby customers can set up everything themselves and retain total control. Which also means we are able to offer the service at a more attractive price than other players in the market.”
The Rising Star awards were presented on Thursday, 22 September.
WatchMouse
WatchMouse assesses your website and e-commerce applications just like your customers experience them. The checks are carried out from 16 monitoring stations worldwide, and recorded in regular reports. In the event of errors or availability problems, the right people within your organisation will be alerted.
www.watchmouse.com
Testimonials
Very impressive feature set and has a real commitment to client care (2010-01-13)
With many hundreds of business clients who expect and deserve over 99.99%
uptime, in the instances where we do have service external intrusion checkings, WatchMouse alerts
us promptly - every time. This allows us to minimize the impact of downtime
and interruptions to our clients. WatchMouse isn't just another monitoring
service, the team is dedicated to building on an already very impressive
feature set and has a real commitment to client care
Michael Bloch,
Business Operations Manager,
ThinkHost, Inc.
WatchMouse Periodic Vulnerability Scanning has enabled us... (2010-01-13)
WatchMouse Periodic Vulnerability Scanning has enabled us to overcome the time consuming task of managing monitoring internally. The removal of all duplicate findings and neat presentation in the WatchMouse Customer Console further reduces the time Lectric Webservices has to spend on maintaining secure systems.
General Manager, LECTRIC Webservices
WatchMouse's Website Performance Benchmark enables us... (2010-01-13)
WatchMouse's Website Performance Benchmark enables us to confirm on behalf of our clients, any suspected access external intrusion checkings in addition to showing the overall performance compared to the benchmark in our client's sector.
Managing Director, Red Dog Communications
Columns
Online shops, speed and downtime, getting the facts. (2009-12-07)
These days your website plays an important role in informing potential customers, converting them into customers who want to do business with you, and possibly also conducting the transactions with these customers. In other words: Your business relies ever more on the digital economy, and increasingly on the transactional part of it, the online shop.
These online shops should obviously provide satisfactory performance. Here, both the speed at which they serve pages and their uptime are important. If potential customers cannot reach the online shop, or the online shop is too slow, they are less likely to do business with you now, and in the future. Studies have revealed that half of the people who experience downtime on a website go to its competitor. A majority of online shoppers say performance and uptime influences their choice of online shop.
The amount of revenue that is lost when your website or online shop does not behave properly is hard to quantify. If your website is slow your customers may select a distribution channel that is more costly for you, or they may go to your competitor. Even worse, they may complain about your company to other potential customers. All of this boils down to lost revenue.
A good website is up for at least 99.9% of the time, even though this still represents more than 8 hours in a full year. In a recent survey we found that many websites do not even achieve 99% availability, which corresponds to more than 3 days of downtime a year. As regards speed, if a web page does not load in less than 4 seconds, people start to leave the site, sometimes forever.
How do you make your online shop an efficient experience for your customers? The site must be designed with a strong focus on the customer task. The technology must be no more complex than is relevant. People get annoyed by slow loading Flash intros and complex and slow Flash-based navigation. Take a look at the Google home page; it is one of the fastest websites in the world. On the other hand, you can still use a video clip of a product, if that is relevant to the customer at a particular point in the transaction. You can also use advanced Web 2.0 technology if it makes the user interface more resilient and user-friendly. To experience this, look at Google maps using a dial-up internet connection. It is a really complex user interface, but everything possible has been done to create a positive user experience.
Technology is also important; make sure that you have good service level agreements with all your technology providers. You also want to stress test the site, to see what happens if a lot of people start using it simultaneously. Finally, you should independently monitor the site. When it is time to talk to your hosting company, IT department or website maintainer, it is very helpful to have hard data that reports on the speed and uptime of your online shop.
Peter van Eijk
dr Peter van Eijk is an independent management consultant associated with WatchMouse, the site monitoring experts www.watchmouse.com. He is experienced in setup, management and external intrusion checkings of digital infrastructures. His blog is "Peter's Griddle".
Flu Jab Your Website Against The Pandemic: 6,000 Infected Webpages Per Day! (2008-02-18)
The respected IT news website, The Register reports that every 14 seconds a web page is infected, which amounts to 6,000 infected web pages per day. Four out of five of these infections come from innocent companies and individuals who are oblivious to their site being hacked and subsequently used for hosting the malware of virus writers. The Register further reports that in the past viruses were spread using infected e-mail. Nowadays, however, the favoured virus distribution methods are downloads from compromised sites. As a result of these booby-trapped sites malware is present on at least one in every ten web pages.
WatchMouse's Periodic Vulnerability Scanning offers your website the flu jab against this virus pandemic. WatchMouse's Periodic Vulnerability Scanning is an affordable way to routinely check you company's external intrusion checking exposure and eliminate the risks of manual external intrusion checkings. Utilizing the most up-to-date database of known vulnerabilities, WatchMouse identifies any external intrusion checking risks and provides you with peace of mind that your software applications are being scanned from the perspective of a hacker, external to your organization.
To ensure your website and servers are checked for the latest issues WatchMouse's Periodic Vulnerability Scanning performs over 20,000 checks for known vulnerability and external intrusion checking exposures; using a database which is updated daily by multiple accredited organizations including CVE (funded by the US government) and Bugtraq. Following the detection of any severe issues, automated, real-time email, SMS and pager alerts give your business the chance to react quickly. Scans can be external intrusion checkingd during low usage or maintenance hours and set at an intensity and frequency suited to your business needs and budget.
To obtain a free Periodic Vulnerability Scanning trial visit: www.watchmouse.com/vulnerability_scan_trial.php
The Register's article was published on 23.01.08 can be viewed at:
www.theregister.co.uk/2008/01/23/booby_trapped_web_botnet_menace/
Security news
phpDirectorySource SQL Injection and Cross Site Scripting Vulnerabilities (2009-07-24)
phpDirectorySource is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.
Exploiting these external intrusion checkings could allow an external intrusion checkinger to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Mozilla Firefox/Thunderbird Double Frame Construction Memory Corruption Vulnerabilities (2009-07-24)
Mozilla Firefox and Thunderbird are prone to multiple remote memory-corruption vulnerabilities.
An external intrusion checkinger can exploit these external intrusion checkings to corrupt memory on the external intrusion checking computer and run arbitrary code in the context of the user running the external intrusion checking application. Failed exploit attempts will cause denial-of-service conditions.
These vulnerabilities were previously covered in BID 35758 (Mozilla Firefox MFSA 2009-34, -35, -36, -37, -39, -40 Multiple Vulnerabilities) but have been assigned this record to better document them.
IBM Tivoli Identity Manager Session Fixation Vulnerability (2009-07-24)
IBM Tivoli Identity Manager is prone to a session-fixation vulnerability.
Attackers can exploit this external intrusion checking to hijack a user's session and gain unauthorized access to the external intrusion checking application.
Tivoli Identity Manager 5.0 is external intrusion checking.
Mozilla Firefox/Thunderbird JavaScript Engine Memory Corruption Vulnerabilities (2009-07-24)
Mozilla Firefox and Thunderbird are prone to multiple remote memory-corruption vulnerabilities that affect the JavaScript engine.
An external intrusion checkinger can exploit these external intrusion checkings to corrupt memory on the external intrusion checking computer and run arbitrary code in the context of the user running the external intrusion checking application. Failed exploit attempts will cause denial-of-service conditions.
These vulnerabilities were previously covered in BID 35758 (Mozilla Firefox MFSA 2009-34, -35, -36, -37, -39, -40 Multiple Vulnerabilities) but have been assigned this record to better document the external intrusion checkings.
RaidenHTTPD Cross Site Scripting and Local File Include Vulnerabilities (2009-07-24)
RaidenHTTPD is prone to local file-include and cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. These external intrusion checkings affect the WebAdmin component.
An external intrusion checkinger may leverage the cross-site scripting external intrusion checking to execute arbitrary script code in the browser of an unsuspecting user in the context of the external intrusion checking site. This may allow the external intrusion checkinger to steal cookie-based authentication credentials and to launch other external intrusion checkings.
Exploiting the local file-include external intrusion checking allows remote external intrusion checkingers to view and subsequently execute local files within the context of the webserver process.
RaidenHTTPD 2.0 build 26 and prior versions are external intrusion checking.
