COMODO WEB INSPECTOR™
Advanced Malware Detection Technologies
# Daily Malware Scanning
# PCI Compliancy Scanning
# Blacklist Monitoring
# Dynamic Trust Seal
Why Choose Comodo Web Inspector ?
Select A Plan For Your Website
Comodo operates blacklist monitoring service with powerful cloud-base malware called Web Inspector. It mainly developed for medium and large website scan. WI (Web Inspector) brings security to the highest level of industry standards. WI notifies the owner of the site if any known malware discovered or if a site detected in blacklists of the main search engines for any reason via instant email notifications. Immediate notification helps owners of the sites to reduce any risks of inclusion in blacklists.
Comodo Web Inspector is not just blacklisting utility or anti-malware, it is also full-fledged PCI scan based on top-rated technology from Comodo Hacker Guardian. That helps website owners maintain compliance with Payment Card Industry’s (PCI) mandatory rules and standards. We prepared benefits/feature comparison table below to help you choose the best plan suitable to your customers and company.
Frequently Asked Questions
Malware (short for “malicious software”) is any harmful program or file intended to secretly access a computer or steal confidential user data. The umbrella term ‘Malware’ covers computer viruses, worms, Trojan horses, spyware etc. Malware may be served as hidden codes within a website content, served content like banners, advertisements etc. and used as a vehicle for hacking and other cyber-crime.
Traditionally, malware was only ‘activated’ as a result of the user proactively opening an infected file. For example, opening an email attachment or double clicking on an executable that had been downloaded from the Internet. Unfortunately, hackers have become much more sophisticated over recent years and this level of interaction is no longer required. Hackers can now launch attacks over the Internet – attacks that are triggered simply because the user visited the website. In some cases, these ‘drive-by attacks’ often use served ads as a vehicle for delivery.
- Automatic, daily malware scans on your website
- Daily checks that your website is not present on any Internet blacklists
- Full reports and mitigation advice if malware is found
- You are notified the instant a problem is detected
- Easy, web based interface means you can be up and running 5 minutes after sign up
Web Inspector blacklist monitoring is an automated, daily check to make sure that your website is not blacklisted by any major search engine or anti-malware organization.
- Approximately 6000 websites are added to Google’s blacklist every day
- It can take 7-10 days for remediation and recovery of a blacklisted site
- During this time, your website will be blocked by all major Internet browsers
- Your customers and partners will be effectively blocked and your reputation will suffer
- Without an early warning system, you may be unaware until a customer complains
Once you sign up, you will have access to two important components of Web Inspector with dedicated dashboards for:
- The daily malware scanning service: It does a comprehensive malware scan of the pages of your website and checks every major website blacklisting service to ensure your site isn’t listed. This provides immediate notifications in case a problem is discovered
- The Vulnerability & PCI Scanning Extension: This dedicated dashboard revolutionizes the way you test your website’s security. This will give you a daily vulnerability scan and scanning to be PCI compliance.
There are many ways in which a website can attack your computer. Two of the most dangerous and widespread examples are:
The ‘Drive-by-Download’ Attack:
The ‘drive-by-download’ attacks occur when a visitor navigates to a site that injects malware onto the victim’s PC. Crucially, these attacks are usually downloaded and run in the background in a manner that is invisible to the user – and without them taking any ‘action steps’ to initiate the attack ( for example, erroneously downloading a file that later transpires to be malware). Just the act of viewing a web-page that harbors this malicious code is enough for the attack to run. The downloaded malware often initiate a buffer-overflow attack.
Buffer-overflow attack occurs when the downloaded malicious program or script deliberately sends more data to a target applications memory buffer than the buffer can handle – which can be exploited to create a back door to the system though which a hacker can gain access. The goal of most attacks is to install malware onto the compromised PC whereby the hacker can reformat the hard drive, steal sensitive user information, or even install programs that transform the machine into a Zombie PC.
There are many types of buffer overflow attack, including stack attacks, heap attacks and ret2libc attacks. In each case, the goal is to destabilize or crash a computer system by deliberately causing a buffer overflow – creating the opportunity for the hacker to run malicious code and even gain control of the entire operating system. As would be expected, the applications most vulnerable to a buffer overflow attacks are those whose primary function involves Internet connectivity – such as web-browsers, e-mail clients and instant messaging applications.
Cross Site Scripting Attack:
The Cross Site Scripting (XSS) attack is initiated by malicious attackers injecting client-side script into web-pages accessed by unsuspecting users. The injected scripts enable the attacker to steal sensitive page content, session cookies, and a variety of other information maintained by the browser on user’s computer. There are two types of XSS attacks:
Non Persistent:
The malicious script, passed by the attacker e.g. through the HTML forms, can place hidden frames or deceptive links on unrelated sites in the web content of the legitimate serve. This can cause victims’ browsers to navigate to a malicious site automatically – often completely in the background. In such a case, the attacker can intrude into the security context and steal them from the victim’s browser.
Persistent:
The malicious script, passed by the attacker e.g. through the HTML forms, is saved in the server and displayed permanently in the normal pages rendered to the visitors. This enables the attackers to hijack the transactions through the legitimate server and can steal sensitive information like authentication
If you find a site with malicious content, please report your network administrator or your ISP along with the URL of the website. Also include the information that you discovered these threats by using Comodo Web Inspector scanning service, available in your report (Report as Malicious). This will enable the administrator or the ISP to rescan the reported website(s) and to take necessary actions based on the scan reports to safeguard the visitors of the website.
Select the plan that best suits you from the ‘Plans & Pricing’ page, fill in your details and you will be setup in no time!
Immediately after finding malware we will alert you through email at the email address registered with us during account creation. This will enable you to take necessary remedial measures to disinfect your site and prevent being blacklisted by the search engines.
We scan all the files in your website with our award winning scanning engines and the very latest database of known malware in order to identify even zero-hour threats.
If we find that your site is blacklisted, we will immediately alert you via the email address registered with us along with your account.
Your website will be scanned for malware and malicious changes everyday, while the search engines do the same over much longer intervals. Hence, we may identify the malware before the search engines do.
We Believe In Superhero Support 24x7x365
What Our Satisfied Customers Are Saying