Thousands of web sites, including those of larger well-established companies, are infected with malware daily. Malware can disrupt the normal operations of an organization's web site and probably infect the web site users as well.
Malware Detection Scan (MDS) proactively scans an organization's web sites for malware and provides automated alerts and in-depth reporting, enabling prompt identification of malware and immediate resolution. MDS enables customers to protect their web sites and applications from malicious infections, preventing web site blacklisting and brand reputation damage.
Service Objective
The objectives of the MDS service are:
- Scan customer web sites and check for suspicious scripts, malicious media and other web security threats hidden inside legitimate content and located on their web sites.
- Protect web sites from malware infections and safeguard customer brand reputations.
Scope of Service
MDS can cover main external and internal web sites and their sub-domains. The scope of the MDS service includes the following:
- Web site analysis for vulnerable and/or erroneous code.
- Monitoring malicious activity upon request from customer.
- On-demand scans for quick review after malware removal.
- Detailed report on malicious content and malicious web pages.
- Provision of recommendations for malware removal.
Process of Malware Detection Scan
MDS supports regularly scheduled scanning to monitor web sites on an ongoing basis, with an email alert feature to quickly notify organizations when infections are discovered. The MDS process consists of the following steps:
Step 1: Scope Validation
The Cloud4C team will validate the scope of the target list provided by the customer. This is a safety measure to ensure the accuracy of subsequent findings and will include the following activities:
- Ping sweeps and route tracing.
- Searches for sub-domains of web site.
- Checks for accessibility of web site.
Step 2: Perform Malware Scan
MDS will intelligently crawl the customer web site and identify all possible infections and backdoors on the web site. The Cloud4C team will perform MDS on the given web sites and check for the following malware types:
- Web site Defacements.
- Hidden I-Frames.
- PHP mailers.
- Phishing page detection.
- Web site Backdoors.
- Web site Anomalies.
- Cross site scripting.
- Rogue processes being started.
- Document writes with obfuscation.
- Web bugs.
Step 3: Analysis of Scan Results
The Cloud4C team will evaluate, analyze, and categorize MDS findings based on impact and severity.
Step 4: Recommendations & Reporting
Recommendations will be suggested based on the malware type and the web site. A detailed report of all malware infections per web site, with recommendations, will be provided.
Prerequisites
To ensure successful and smooth execution of the MDS service, certain information and preparation need to be in place:
External Malware Detection Scan (MDS): The IP addresses of the internet-facing web sites to be included in the scope of the MDS service, along with the test user credentials required to log on to the web site. The test user credentials are used to scan the web site from an authenticated user's point of view.
Internal Malware Detection Scan (MDS): We need a Virtual Machine (VM) to install our security toolkit. The VM should have the following:
- Hardware requirements: 8 GB RAM, 250 GB hard drive space, 4-core processor.
- Privilege: Local administrator privileges on the VM.
- Network access: The VM should be placed in the internal network and assigned an internal IP address. In addition, the VM should be accessible from the internet by the Cloud4C team through VPN or remote desktop protocol to facilitate remote management and execution of the service. The VM should have access to the target internal web site.
- Credentials: Test credentials to log on to the web site to perform the deep level scans.
Upon completion of the MDS service, a detailed report will be sent to the client, including the following:
- Executive Summary: Summary of the purpose of this assessment, as well as a brief explanation of the threats that the organization is exposed to from a business perspective.
- A detailed, technical explanation of the findings of the assessment along with steps and proofs of the findings.
- Conclusion & Recommendations: This section provides all recommendations and a summary of the issues found during the security assessment.
Service delivery time
The MDS service on about 5 Web Applications can be completed in two business days.