6Scan officially announced its security-as-a-service offering today. The company was founded by CEO Nitzan Miron and CTO Yaron Tal, two former cyberdefense specialists for the Israel Defense Forces. The duo has been working in information security since they were teenagers.It's still security week, and we've got more security related news for you: a brand new company called
Starting at $10 a month, 6Scan will scan your website for vulnerabilities and, when possible, automatically fix them. The service is expected to launch in October.
6Scan raised an undisclosed amount of series A funding from YL Ventures. YL Ventures' Managing Partner Yoav Andrew Leitersdorf joined the 6Scan board as part of the investment. 6Scan was seeded by VentureGeeks.
The service consists of two components. 6Scan Patrol does automated penetration testing, which the company describes as having a virtual white hat hacker on your side. Meanwhile, 6Scan Bodyguard handles the patching of vulnerabilities.
Leitersdorf says the company is targeting small website owners that don't have the resources to hire security experts. The service will be very light touch - users will sign-up for an 6Scan account, provide credential to the relevant Web applications and the service will do the rest. Leitersdorf says the company is working on partnerships with Web hosting providers as well.
Unlike hosted Web application firewall (WAF) services like Cloudflare (coverage) and Incapsula (coverage) 6Scan doesn't route your traffic through its servers. While the hosted WAFs will detect and block malicious behavior, 6Scan aims to close the vulnerabilities these malicious behavior seek to exploit. We could see these services working together, but Leitersdorf says they haven't had any conversations with any WAF providers as of yet.
A comparison could also be made with malware scanners like Dasient (coverage) and Securi, but what these services do is notify you when your site has been compromised. 6Scan is aiming to prevent this sort of thing from ever happening. It seems like there's a real opportunity for a bundle here of a hosted WAF, penetration testing, automatic patching and malware detection and repair.