Website Security Assessment

WatchMouse advantages

WatchMouse's Vulnerability Scanning provides the following unique advantages:

  • Pay for what you need and adjust your settings at any time
  • Immediate results via an outsourced solution - no software installation or hardware purchase needed
  • Peace of mind that your website and servers are being scanned against an expert database of 30,000+ known vulnerabilities
  • Access to an Industry Leading Customer Console to check results, leave comments, adjust scans, set alerts, and view full details
  • Routine, professional scanning from the hacker's perspective, external to your organisation
  • Real-time e-mail, SMS & pager alerts when severe vulnerabilities are found
  • Confidence that your scanning is outsourced to industry experts so you don't need expensive in-house resources

News

Did you know? Hackers probe your servers for vulnerabilities between 5 and 170 times per week (2007-10-29)

Test your site now: Free 10 day / 10 scan trial


With a dramatic rise in malicious attacks, it is now critical to test your websites and servers for security vulnerabilities. Having the latest firewalls and Intrusion Detection Systems will not protect your organization if they (or the services behind them) are not kept up-to-date and configured correctly.

This means that verifying the security of your systems is not something you can do just once, nor should you check it only every now and then. New vulnerabilities are identified every day, exploits become available soon after, and every change in your systems' configuration, however small, may open up new vulnerabilities. Having audited last week does not imply your systems are fine today!

The WatchMouse Periodic Vulnerability Scan is an affordable way to routinely check your company’s security exposure. Utilizing the most up-to-date database of known vulnerabilities, WatchMouse identifies any security risks and provides you with the peace of mind that your web applications are being scrutinized from the perspective of a possible attacker.


Characteristics

WatchMouse offers Periodic Vulnerability Scanning with an outside - hacker's - view, with the following characteristics:

  • Currently over 20,000 vulnerabilities are checked. Checks for new vulnerabilities are added on a daily basis.
  • The frequency and the intensity of a scan can be tailored to your needs, and implemented immediately on our self-service website.
  • Severe vulnerabilities can, depending on your preferences, initiate SMS (text) or paging alerts, giving you, or your webmasters, the opportunity to react quickly in case of new vulnerabilities.
  • Extensive reporting is available for each scan, including pointers on how to fix vulnerabilities.
  • WatchMouse's unique Vulnerability Scan Customer Console allows you to manage subsequent scans by inspecting differential reports and open issues, declaring vulnerabilities fixed, adding operator comments, etc.

Try now: Free 10 day trial!

A Boy Joins the Mouse! - Bringing transaction monitoring to your site (2008-04-02)

Now you can test transactional behavior of web applications using WatchMouse's global infrastructure.

WatchMouse is pleased to announce a partnership with Badboy Software which brings you exciting new functionality.

The Badboy tool is designed to help you test, develop and build web based applications. The powerful tool aids in the testing and development of complex dynamic applications and contains dozens of features including a simple yet comprehensive capture/replay interface, load testing support, detailed reports, graphs etc.

Now, via a partnership with Badboy Software, you can professionally record complex web transaction scripts and then automatically and periodically run them from WatchMouse's global infrastructure of 25+ checkpoints. Having run the Badboy script, you'll receive detailed information about the end-to-end behaviour of your web applications. This new functionality enables you to monitor these transactions on your site and know how your customers experience them when they access your site from locations all around the world.

To find out more about this new functionality and sign up for a free trial visit: Web application scripting.

Happy testing!

Mark Pors
CTO

BadBoy Software updates scripting recorder to improve WatchMouse's Functional testing service (2009-01-07)

The WatchMouse Functional testing service allows you to define multi-step tests through a website and replay them periodically from the WatchMouse monitoring stations. This goes beyond just monitoring site performance and uptime: it allows you to verify that your web applications and back end systems really work.
More information on this service can be found on the Transaction Monitoring & Web Application Testing page.

In co-operation with BadBoy Software, a tailored version of their recorder software is provided which allows you to upload the resulting script directly into your WatchMouse dashboard.

Feedback from our "Functional testing" customers has led to several essential improvements to the BadBoy recorder. This improved version has now been released and we recommend that all our customers upgrade to it.
The new - WatchMouse specific - version can be downloaded here: http://www.badboy.com.au/versions/BadboyInstaller-2.0-latest_wm.exe

The most important changes are:

CHANGES IN BADBOY 2.0.7

   #1097: Multipart Forms Incorrectly export Parameters to JMeter Encoded causing Double Encoding

   #1087: Use Follow-Redirect Option in JMeter for More Reliable Export Playback

   #1086: Export Referer and Other Default Headers to JMeter

   #1085: Assertions placed as Children of Requests not Exported to JMeter

CHANGES IN BADBOY 2.0.6.1

   #1075: Security Update (MS08-052 - Critical)

The full release notes can be found here: http://badboy.com.au/versions/ReleaseNotes-2.0.7.txt

Redesigned WatchMouse site and new product plans (2009-12-24)

We’re pleased to announce the redesign and launch of www.watchmouse.com. The new site is faster, more responsive and designed to be much more intuitive. Don't take our word for it though, try it yourself and let us know what you think!

The changes:

  • Clean, task-oriented design
  • Faster page loads
  • Improved main console for a better overview of your monitors and better access to the monitoring details
  • New "dashboards" featuring related, grouped information and tasks
  • A new dashboard selector on every page after you log in, just below the search field

We’ve also introduced chat support. You can now chat directly on the site whenever the support team is online (normally 8 AM to 8 PM Central European Time or GMT+1).

Stay tuned for even more usability improvements and additional features coming up in Q1 of next year!

New Product Plans

You asked and we listened! We’ve received many requests for expanded plans, and also for a slimmed-down plan for personal use. Additionally, the functional tests (scripts) we introduced last year have become very popular, so we decided to add these tests to all professional packages.

The changes:

  • We added functional tests to the Webmaster and Corporate plans, plus a one-minute monitor in the Corporate plan - all at the same price
  • Two new professional plans have been added: the Enterprise Plan with 100 monitors (including 20 functional tests) and the Multi-Site Plan
  • The Gold Plan, which included 10-minute monitors only, has been discontinued; current customers can, however, continue to use this package
  • All Professional Plans now include complimentary vulnerability scans to verify that your site and server are secure
  • Lastly, we added the Personal Plan, a cost-effective plan for small sites, and we beefed up the free, Lite Plan so it now checks at 20-minute intervals

Full details can be found at: http://www.watchmouse.com/compare_plans.php

Take a look at the new WatchMouse website and give us your feedback. Bear in mind we’re still adding content and polishing the edges, but we'd be delighted to hear your thoughts and comments!

Happy holidays!

Stan P. van de Burgt

CEO

WatchMouse


P.S. You may find an occasional English word in the non-English sites. Please note that these will be replaced within the next few days.

Press releases

LB Icon chooses WatchMouse for independent website monitoring (2005-01-31)

Customer websites verified from the visitors' perspective

LB Icon and WatchMouse have signed a contract for the continuous monitoring of the websites and services of LB Icon's customers. Using the WatchMouse services, LB Icon expects to raise its service level even higher.

The Application Management & Hosting Services (AM&HS) group of LB Icon maintains the administration and management of servers and applications of a large number of (international) clients. This makes AM&HS responsible for the performance and availability of the websites and Internet applications.

Using the WatchMouse services, AM&HS will instantly be aware of upcoming and/or acute incidents related to the websites of its clients, and can, as a result, resolve problems in a short time frame.
The websites and their functionality are checked for accessibility, speed and conformance from different locations around the world. Because the websites are checked in the same way that visitors experience them, incidents will be detected at an early stage. Also, using WatchMouse's objective periodical reports, it is possible to see if the performance is in accordance with the agreed service levels (SLAs).

Eveline Aendekerk, MD a.i.: "The door of a shop should never be jammed, websites and the functionality on those sites should simply be accessible and available. Our clients should be able to rely on this completely, so they can focus on their primary business processes, such as communication, interaction and sales.
We chose WatchMouse because of their expertise, and also because of the simplicity and user-friendliness of their system and services".

Stan P. van de Burgt, one of the founders of WatchMouse: "I find it a powerful gesture that LB Icon doesn't just monitor the websites of their clients, but that they selected an external party for this, and on top of that give their clients access to the results. Many companies where the website plays an essential role in business don't have any awareness of this. They have no idea of the risks and the resulting damage, until the day comes that things actually go wrong."

About Lost Boys

For 11 years Lost Boys has been a major service provider in the area of (mobile) Internet. Lost Boys offers a combination of strategy, design, technical development, implementation, application management and hosting of Internet and mobile solutions. The Amsterdam-based corporation is part of the Lost Boys/IconMedialab Group and is listed on the Stockholm Stock Exchange and Euronext Amsterdam. Lost Boys operates with 600 employees in 7 countries, both in Europe and the United States.

http://www.lostboys.nl/
http://iconmedialab.com/

About WatchMouse

WatchMouse is a service of RoundZero. Since 2001, WatchMouse has been checking Internet sites and e-commerce applications of major companies all over the world. The WatchMouse services are available in 8 languages and analysis is performed through its worldwide monitoring network at different locations and networks. WatchMouse has thousands of users in more than 70 countries.

http://www.watchmouse.com/

WatchMouse and Domeny.pl join forces in the Polish market (2005-11-24)

Polish websites verified from the visitors' perspective

Kraków, Poland, 2005-11-08 -- WatchMouse and Domeny signed a reseller and marketing agreement today, joining forces in bringing site monitoring services to the Polish market.

Using the WatchMouse services, companies will instantly be aware of upcoming and/or acute incidents related to their web sites and those of their clients, and can, as a result, resolve problems in a short time frame.

The websites and their functionality are checked for availability, speed, and conformance from different locations around the world, now including Poland. Because the websites are checked in the same way that visitors experience them, incidents will be detected at an early stage. Also, using WatchMouse's objective periodical reports, it is possible for companies to see if the performance is in accordance with the agreed service levels (SLAs).

WatchMouse extends its network of monitoring stations with a checkpoint in Kraków, hosted by Domeny.pl. The total number of checkpoints is now 17. Domeny.pl also provides the Polish language version of the WatchMouse site and local customer care.

Stan P. van de Burgt, CEO of WatchMouse: "I'm very happy with this deal. The Polish e-service industry is obviously booming, and this results in higher awareness of the issues involved with running web applications that should be available around the clock."

Arkadiusz Szczurowski, CEO of Domeny.pl: "We know that WatchMouse products are among the best in the world. So we decided to co-operate with the company, and we take pride in it. We expect this co-operation to bring both WatchMouse and our business a lot of advantages and satisfaction. Domeny.pl wants to lead the WatchMouse monitoring service on the Polish market and offer it to business leaders. This will be a great innovation in Poland and also a success. In our view, site monitoring is important, because stability, performance, and high availability of web sites are among the basic values in all branches of business, both e-business and other business."

"There are about 4 million companies in Poland. We want to direct the offer to the most important ones on the Polish market. We think that the WatchMouse service is a must-have for about 5-10 percent of all business owners."

About Domeny.pl

Domeny.pl was founded in 1997 and is now providing Internet services to about 10,000 business customers, with products ranging from Internet domains and hosting services (virtual and dedicated servers) to SSL certificates and other products dealing with Internet security. The company's slogan is: We're Trusted by the Best. Among its clients are the biggest and best-known Polish and international companies.

About WatchMouse

Companies can easily monitor their own Internet sites using WatchMouse's monitoring service. WatchMouse has been monitoring Internet sites and e-commerce applications for companies throughout the world since 2002. WatchMouse has thousands of customers in more than 70 countries. The services supplied by WatchMouse are available in nine languages, and analyses are performed from various locations and over numerous networks, using a world-wide monitoring network.

In October 2005, WatchMouse was voted a Deloitte Rising Star in the Netherlands, as part of the Fast 50 awards, the list of the 50 fastest growing technology companies.

WatchMouse and Badboy Software announce partnership (2008-04-03)

Partnership brings easy website transaction monitoring

WatchMouse is pleased to announce a partnership with Australia's Badboy Software. The partnership combines the immensely popular Badboy scripting tool with WatchMouse's market leading website performance monitoring, enabling customers to record complex transaction scripts and run them using a global infrastructure.

Owner and founder of Badboy Software, Simon Sadedin says, "With Badboy Software's in-depth experience in functional testing and WatchMouse's extensive infrastructure, technology and know-how for running enterprise grade monitoring solutions, we have a unique opportunity for collaboration."

The powerful Badboy scripting tool enables customers to professionally record all the actions involved in a web transaction. Designed to aid in the testing and development of complex dynamic applications, the Badboy tool contains dozens of features including a simple yet comprehensive capture/replay interface, load testing support, detailed reports, graphs etc.

WatchMouse CTO, Mark Pors explains, "Having integrated with Badboy, our customers can now upload their Badboy scripts directly into their WatchMouse console. Scripts can then be automatically and periodically run from WatchMouse's global infrastructure of 25+ checkpoints. This new functionality enables our customers to monitor their web applications 24/7 and know how their site behaves when customers access it from locations all around the world."

As a global leader in website performance monitoring, WatchMouse provides many of the world's largest companies with independent verifications of their website performance. With immediate results, automated alerting, simple set up and flexible subscriptions, WatchMouse offers the features, control and quality of service essential for today's online business.

The partnership between WatchMouse and Badboy Software provides customers with a market first: global, easy, powerful, web application testing.

To find out more about this new functionality and sign up for a free trial visit: http://www.watchmouse.com/scripting.php

Mark Pors
CTO
WatchMouse
http://www.watchmouse.com/

Columns

What do you want to check with a service such as Watchmouse? (2005-01-31)

As I explained in my previous column, you can use a monitoring service in a number of roles. Common to all these roles is the fact that you are keeping alive some services for the benefit of your customers, suppliers, employees or partners. These users are, in the end, all that counts.

What are the objects that you should be checking? Obviously, the least you want to do is check the service that is most visible to these users. This could be the webserver, or a POP or FTP server for example. You would start by setting up a rule to check the server and a URL. The frequency with which you can monitor (that is: the elapsed time between checks) is typically limited by the type of subscription that you have. Only in specific cases would you not check as often as your subscription allows.

Note that there is a difference between a CONNECT on port 80 rule and an HTTP rule. The first just connects to the port that the webserver is supposed to use. The HTTP rule also checks whether the webserver can produce a valid HTTP response, and whether the document can be found. You probably want the latter check.
Similar reasoning applies to POP and FTP checks. If you set up two different rules on the same host, this allows you to distinguish, for example, between a broken webserver and a host that is down. If you want even more content-oriented checks, have a look at the so-called PLUG-IN rules. Additionally, you can set up checks to make sure that your users are actually reaching the services that you intend them to. The whole Internet depends heavily on the domain name system (DNS) functioning correctly. If it does not work properly, your users may be directed to another site than you intended. This could be a configuration error, but it could also be the result of a hack. In either case, you want to know.
First of all, you want to check whether the root servers of the Internet accurately find the DNS server that is serving you. This can be checked with a DNSNS rule. What you are checking with this rule is whether the registrar's databases are correct. Second, you want to check whether that DNS server (and its slaves) is serving up the proper IP address for the server. For this you can use the DNSA rule, which will warn you if the DNS server is not working or serves up the wrong address. (Note that the hosting party can change that address at its discretion, as part of a renumbering operation for example.)

Who should you notify of rule failures? Again, different roles have different information requirements. You want to notify the person who can fix things as soon as possible. Mail or SMS/text them directly; you do not want to be in the loop. You might set up an escalation chain, which fires off after a certain number of errors. Note: make sure that you send the message on a channel that is not affected by the outage: if your e-mail system does not work, delivering a message to that effect should not depend on that e-mail system.
The people in charge of overseeing somebody else's service levels should only get escalation messages, if at all. Rather, they should get the weekly or monthly service reports.

Peter van Eijk is a management consultant specialized in management of network infrastructures. He can be reached via his contact page.
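The distinctions the column draws (a CONNECT rule versus an HTTP rule, two rules on one host to tell a dead host from a broken webserver, a content-oriented check, and an escalation chain that fires after a number of consecutive failures on a channel independent of the monitored service) modelled in a small stand-alone program. This is an added example, not WatchMouse code or the column author's: the rule names CONNECT, HTTP and PLUG-IN come from the column, while all function names, the `Escalation` class and the probe results are constructed here.

```python
"""Added example: evaluating monitoring rules over captured probe results."""
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class RuleResult:
    rule: str      # which rule produced this result (CONNECT, HTTP)
    ok: bool
    detail: str


def connect_rule(raw_response: Optional[bytes]) -> RuleResult:
    """CONNECT rule: only asks whether the port accepted the connection.

    raw_response is whatever the probe read after connecting; None means
    the TCP connection itself failed, so the port is treated as closed.
    """
    if raw_response is None:
        return RuleResult("CONNECT", False, "port closed or host unreachable")
    return RuleResult("CONNECT", True, "port open")


def http_rule(raw_response: Optional[bytes], expected_text: Optional[str] = None) -> RuleResult:
    """HTTP rule: the server must produce a valid HTTP response AND the
    document must be found (2xx). expected_text adds a PLUG-IN style
    content check on the body, e.g. a phrase that only the real page shows.
    """
    if raw_response is None:
        return RuleResult("HTTP", False, "connect failed")
    head, _, body = raw_response.partition(b"\r\n\r\n")
    status_line = head.split(b"\r\n", 1)[0]
    parts = status_line.split(b" ", 2)          # HTTP/1.1 <code> <reason>
    if len(parts) < 2 or not parts[0].startswith(b"HTTP/") or not parts[1].isdigit():
        return RuleResult("HTTP", False, "connected but no valid HTTP response")
    code = int(parts[1])
    if not 200 <= code < 300:
        return RuleResult("HTTP", False, f"document not found (status {code})")
    if expected_text is not None and expected_text.encode() not in body:
        return RuleResult("HTTP", False, "content check failed")
    return RuleResult("HTTP", True, f"status {code}")


def diagnose(connect: RuleResult, http: RuleResult) -> str:
    """Two rules on the same host separate 'host down' from 'webserver broken'."""
    if not connect.ok:
        return "host down"
    if not http.ok:
        return "webserver broken: " + http.detail
    return "ok"


@dataclass
class Escalation:
    """Notify the fixer on every failure; escalate to the overseer only after
    `threshold` consecutive failures. Channels are labels here; the point is
    that the alert channel (SMS) must not depend on the monitored service.
    """
    fixer: str
    overseer: str
    threshold: int = 3
    consecutive_failures: int = 0
    sent: list = field(default_factory=list)

    def record(self, result: RuleResult) -> list:
        notices = []
        if result.ok:
            self.consecutive_failures = 0      # a success resets the chain
            return notices
        self.consecutive_failures += 1
        notices.append(("sms", self.fixer, f"{result.rule} failed: {result.detail}"))
        if self.consecutive_failures == self.threshold:
            notices.append(("sms", self.overseer,
                            f"{result.rule} failing for {self.threshold} consecutive checks"))
        self.sent.extend(notices)
        return notices


# Constructed probe results (not real captures) for one host across checks.
GOOD = b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<html>Welcome to the shop</html>"
MISSING = b"HTTP/1.1 404 Not Found\r\nContent-Type: text/html\r\n\r\n<html>gone</html>"
GARBAGE = b"SSH-2.0-OpenSSH_7.9\r\n"   # port 80 answers, but it is not a webserver
DOWN = None                            # TCP connect failed


def demo() -> dict:
    """Run CONNECT + HTTP (with content check) over each constructed probe."""
    return {name: diagnose(connect_rule(raw), http_rule(raw, expected_text="Welcome"))
            for name, raw in {"good": GOOD, "missing": MISSING, "garbage": GARBAGE, "down": DOWN}.items()}


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:8s} -> {verdict}")
```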

Flu Jab Your Website Against The Pandemic: 6,000 Infected Webpages Per Day! (2008-02-18)

The respected IT news website, The Register reports that every 14 seconds a web page is infected, which amounts to 6,000 infected web pages per day. Four out of five of these infections come from innocent companies and individuals who are oblivious to their site being hacked and subsequently used for hosting the malware of virus writers. The Register further reports that in the past viruses were spread using infected e-mail. Nowadays, however, the favoured virus distribution methods are downloads from compromised sites. As a result of these booby-trapped sites malware is present on at least one in every ten web pages.

WatchMouse's Periodic Vulnerability Scanning offers your website the flu jab against this virus pandemic. WatchMouse's Periodic Vulnerability Scanning is an affordable way to routinely check your company's security exposure and eliminate the risks of manual audits. Utilizing the most up-to-date database of known vulnerabilities, WatchMouse identifies any security risks and provides you with peace of mind that your software applications are being scanned from the perspective of a hacker, external to your organization.
To ensure your website and servers are checked for the latest vulnerabilities, WatchMouse's Periodic Vulnerability Scanning performs over 20,000 checks for known vulnerabilities and security exposures, using a database which is updated daily by multiple accredited organizations including CVE (funded by the US government) and Bugtraq. Following the detection of any severe vulnerabilities, automated, real-time email, SMS and pager alerts give your business the chance to react quickly. Scans can be scheduled during low usage or maintenance hours and set at an intensity and frequency suited to your business needs and budget.

To obtain a free Periodic Vulnerability Scanning trial visit: www.watchmouse.com/vulnerability_scan_trial.php

The Register's article was published on 23.01.08 and can be viewed at: www.theregister.co.uk/2008/01/23/booby_trapped_web_botnet_menace/

Security news

phpDirectorySource SQL Injection and Cross Site Scripting Vulnerabilities (2009-07-24)

phpDirectorySource is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Mozilla Firefox/Thunderbird Double Frame Construction Memory Corruption Vulnerabilities (2009-07-24)

Mozilla Firefox and Thunderbird are prone to multiple remote memory-corruption vulnerabilities.

An attacker can exploit these issues to corrupt memory on the affected computer and run arbitrary code in the context of the user running the affected application. Failed exploit attempts will cause denial-of-service conditions.

These vulnerabilities were previously covered in BID 35758 (Mozilla Firefox MFSA 2009-34, -35, -36, -37, -39, -40 Multiple Vulnerabilities) but have been assigned this record to better document them.

IBM Tivoli Identity Manager Session Fixation Vulnerability (2009-07-24)

IBM Tivoli Identity Manager is prone to a session-fixation vulnerability.

Attackers can exploit this issue to hijack a user's session and gain unauthorized access to the affected application.

Tivoli Identity Manager 5.0 is affected.

Mozilla Firefox/Thunderbird JavaScript Engine Memory Corruption Vulnerabilities (2009-07-24)

Mozilla Firefox and Thunderbird are prone to multiple remote memory-corruption vulnerabilities that affect the JavaScript engine.

An attacker can exploit these issues to corrupt memory on the affected computer and run arbitrary code in the context of the user running the affected application. Failed exploit attempts will cause denial-of-service conditions.

These vulnerabilities were previously covered in BID 35758 (Mozilla Firefox MFSA 2009-34, -35, -36, -37, -39, -40 Multiple Vulnerabilities) but have been assigned this record to better document the issues.

RaidenHTTPD Cross Site Scripting and Local File Include Vulnerabilities (2009-07-24)

RaidenHTTPD is prone to local file-include and cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. These issues affect the WebAdmin component.

An attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

Exploiting the local file-include issue allows remote attackers to view and subsequently execute local files within the context of the webserver process.

RaidenHTTPD 2.0 build 26 and prior versions are affected.

Blog

Article in the Dutch magazine Quote (2006-06-23)

Some nice coverage of WatchMouse today, in the July issue of Quote, a monthly magazine for and about rich people, and those who would like to be.

The article is on the "smartest and most successful companies of this moment", and WatchMouse is one of the 15 listed. The article is in print only. See www.quotenet.nl.
