Ever come across a Google search result that has the words ‘this site can harm your computer’ below a link? What about the Firefox red screen of death? If you’re a Web surfer, chances are you’ve likely avoided clicking on this type of link. If you’re the owner of the flagged site, chances are that those six simple words will set off a mental tailspin.
Launching today, Dasient, a San Jose Palo Alto start-up founded by a couple of ex-Googlers, hopes to change all that with its new Web anti-malware service. By monitoring Web sites for infected pages, providing instant diagnostics and giving site owners a two-click quarantining option within moments of a compromise, Dasient’s subscription based security service (free and paid, from $50/month) aims to help businesses retain control of their Web site and remain clear of the dreaded blacklist.
Malware and the Social Web
There has never been a shortage of security problems on the Internet, but one of the most significant threats has come from the fundamental changes in the way malware is being distributed across the social Web. No longer are the majority of viruses spread by email attachments; cybercriminals are turning to the Web, planting malicious code on innocent Web sites, and then sitting back and waiting until the code silently infects visitors.
According to the 2009 Sophos Security Threat Report (PDF), this global criminal operation has reached such proportions that one new infected Web page is discovered every 4.5 seconds – 24 hours a day, 365 days a year. And according to Dasient, there are three underlying and converging trends that are behind these ridiculously high numbers.
- Non-expert developers with little or no computer science background and little or no security training are building user facing applications.
- Attackers are automating and building attack scripts and launching them against thousands of Web sites in attack waves.
This expansion of the Web, while great for users, increases the attack surface and allows for an entirely new class of attacks that didn’t exist even a few years ago. And a new class of attacks, according to Dasient, requires a new way of thinking, and a new class of solutions.
Dasient: Web Anti-Malware at Web Scale and at Web Speed
Founded by Neil Daswani, a former Google security engineer and product manager, Shariq Rizvi, a former member of Google’s Webserver and App Engine teams, and Ameet Ranadive, a former McKinsey strategy consultant, Dasient hopes to confront today’s Web malware problems by using automated mechanisms in an attempt to stay ahead of the bad guys and their automated and systematic attacks against Web sites.
The company, which raised its seed round of funding (just over $2 million) in December 2008 from investors Stratton Sclavos (former VeriSign CEO), Mike Maples (one of the key investors in Twitter) and Eric Benhamou, (former 3Com/Palm chairman), has been running its services in alpha and is advancing its monitoring and diagnostic service to public beta.
- A free monitoring service which will alert webmasters when their site gets blacklisted (public beta).
- A premium monitoring service ($50/month for a site with less than 1000 pages) that continuously scans a site for malware infections and alerts webmasters when their site has been compromised (public beta).
- A quarantining service through a web server module (private beta).
How Dasient Works
When the service determines that a site has been compromised, it sends an e-mail to the webmaster that details the number of infected pages, their URLs, and the malicious code that caused the infection. From there, the webmaster, with only two clicks, can authorize Dasient to execute quarantine instructions on the infected site.
Although it may take up to a few minutes for the quarantining instructions to propagate across all of the Web servers on the site and/or all of the processes running on the server, once executed, the malicious code will be quarantined off the page and will not be served to visitors – including the Googlebot – resulting in less likelihood of the site being flagged and fewer headaches for the webmaster.
Is Your Site Blacklisted by Google?
Determining whether your site is blacklisted by Google is fairly simple; type this into your browser http://www.google.com/safebrowsing/diagnostic?site= and add your URL at the end (e.g. this is the link to view Google’s listing status for ReadWriteWeb http://www.google.com/safebrowsing/diagnostic?site=http://www.readwriteweb.com/), however, determining which part of your site has been compromised is a lot more difficult.
But, it shouldn’t be that hard.
“Instead of expecting every business to have security engineers of their own, what we need to do is take security services and make them available as a utility to companies just like electricity is a utility these days, and no one needs to keep an electrical engineer on staff like they did back in the nineteen twenties,” Daswani noted.
Good point. And that’s exactly where Dasient comes in.