Below are answers to questions following the Qualys webcast: Protect Your Web Sites from Serving Malware – Introducing QualysGuard Malware Detection Service. A recording of the webcast and the presentation slides are available. This webcast features Brett Hardin, product manager for Qualys and co-author of Hacking: The Next Generation, discussing how to prevent malware from being served from your web sites. It includes a demonstration of the groundbreaking new QualysGuard Malware Detection service.
Q: Our site is hosted by an off-site vendor on the vendor’s web servers. Can this service still be used to scan the website?
A: Yes, you can. There is a verification process to ensure you are the website owner; just sync up with the vendor regarding the notice they will receive so you can be verified as the owner.
Q: Will Qualys charge for this service once it is out of beta?
A: No. This service will remain free even when it comes out of beta.
Q: Which browsers do you use for the behavioral scan?
A: Currently we are using Internet Explorer 6 on Windows XP Service Pack 2. The great thing about this service is that it can scale. If we choose to use IE 7, IE 8, Firefox 2, Firefox 3, and Chrome on different operating systems, we can.
Q: Does this system check all types of media on a Web site (PHP pages, PDF files, graphics, etc.)?
A: Every link that is identified will be opened inside of the browser for us to maximize the breadth of the scan. Everything a browser can render is analyzed. We currently have Adobe Flash and Adobe Reader installed as base software. Over time, additional software will be included to increase the attack surface.
Q: What parameters do you measure to assure malware success?
A: We use a combination of behavioral and static analysis to confirm that we have identified a malicious exploit attempt.
Q: How does Qualys use the information that is collected from web sites? How is it protected?
A: The information collected is used to notify customers of issues when we detect them. The data, along with all other data Qualys has, is protected using the same mechanisms as the QualysGuard product. For more information on data security for Qualys products, visit http://www.qualys.com/products/datasec/.
Q: What will you do if someone tries to scan a site such as their Facebook page, or just facebook.com?
A: The user needs to verify they have the ability to scan this domain. In addition to accepting the license agreement that says this, the user needs to validate they have an email address belonging to the web site they would like to scan.
Q: How does Qualys notify you when malware is found?
A: Once the service is set up, it will email you whenever malware is found. The email will tell you to log in to the service to get more information about what was found.
Q: What time do the scans run?
A: The malware scans will run daily at the time specified by the user.
Q: Where can I register to begin using this service?
A: You can sign up at http://www.qualys.com/stopmalware.