Google strikes with unbeatable hosted anti spam and anti virus product

I recently wrote about the excellent Google domains product. Well, now its possible to use just the security 'component' of Google domains and combine it with any mail server. For only $3 a year per user, you can outsource your entire anti spam and anti virus to Google. For a 50 user company, that’s only $150 per year!

Unbeatable, knowing how good Google anti spam and anti virus is and how much work managing spam and virus can be. Exchange and Lotus users no longer need to buy and manage expensive add on products.

So whilst Microsoft is busy burning 44 billion dollars (Only dollars, true), Google is busy gaining access to that vast and profitable Exchange Server customer base. Check out Googles offering here

McAfee buys ScanAlert

McAfee announced today it bought ScanAlert for US$54 million. ScanAlert sells a web site security scanning service. After a number of bad buys, McAfee seems to be on to a good thing this time. US$54 million for 75,000 paying customers is a fair price.

There's a US$24 million earn out, but if that is worded and devised similar to most earn outs, at the end it's either going to add significant value or not end up being paid at all ...

It seems McAfee plans to couple ScanAlert with their excellent SiteAdvisor service, purchased in early 2006, which rates websites for their safety. I think McAfee has made an excellent move and with this acquisition is putting itself in a good position to take advantage of the emerging web
security market.

Free cross site scripting scanner

OK, another post related to Acunetix. But what we are giving away today is pretty good i think. We have decided to make the cross site scripting functionality free - anyone can download it and check his website for cross site scripting vulnerabilities. This is a major security risk these days so this will really help the security conscious webmaster.

This is pretty significant technology, we spent some 5 years developing it and considerable money and time went into it. I hope it will be appreciated :-) here is the press release

Acunetix today launched a Free Edition of its popular web vulnerability scanner, which allows companies to check for cross site scripting vulnerabilities in their websites at no charge. The Free Edition of Acunetix Web Vulnerability Scanner (WVS) is available immediately at http://www.acunetix.com/cross-site-scripting/scanner.htm.

Germany to use Trojans to infiltrate Terrorist groups

German politicians have defended plans to email Trojan horse software to terror suspects in the hopes of monitoring their conversations. The measures have sparked a fierce civil liberties debate. More on http://www.theregister.co.uk/2007/09/03/german_trojan_plan/

An amazingly bad plan by german government too crazy for words. And this only months after an arguably even more ridiculous action by same government, involving the banning of security scanning tools http://www.theregister.co.uk/2007/05/30/garmany_anti-hacking_law/

Web application vulnerability list

Acunetix has released an RSS feed which lists known web application vulnerabilities and the specific technologies which they target. Hackers today have an ever increasing list of weaknesses in the web application structure at their disposal, which they can exploit to accomplish a wide variety of malicious tasks. In order to educate the public, Acunetix felt the need to document all vulnerabilities discovered by Acunetix WVS since its inception, and will continue to update this list with every new vulnerability found.

Hackers are constantly searching for new flaws to exploit in web applications. Most of the vulnerabilities affect all dynamic web applications whilst others are known to be dependent on specific application technologies. Whatever the case may be, it has become apparent that as web technologies progress, so do the exploits that come with them which hackers are using in order to compromise sensitive databases, thus posing a threat to the daily operation of online businesses.

Since its introduction to the market, developers at Acunetix have been gathering information on all the known web application vulnerabilities detected by the scanner. These vulnerability "signatures" also reinforce the need for the heuristic scanning capabilities of Acunetix WVS, for the detection of those exploits which have not yet been identified and tagged.

The Web Application Vulnerability RSS feed, including over 400 entries is available to subscribe to from: http://www.acunetix.com/vulnerabilities/index.htm

PCI compliance - its real and coming soon!

Businesses that rely on payment by credit cards are required to comply with the PCI security standards by September 2007. Non compliance could result in loss of merchant account, severe fines and lawsuits. In view of these new regulations, Acunetix has published a PCI Compliance Guide to help companies understand the concept behind the Payment Card Industry as well as documenting the steps needed to reach compliance.

http://www.acunetix.com/news/pci-compliance.htm

You really should be checking your web apps for vulnerabilities....