MTvScan & Add-On Services- WAF and SSL

Author: Rohit Aher

MTvScan is basically a malware, threat and vulnerability scanner which thoroughly scans your website and detects any type of irregularities related to any potential threat to your website. Newer updations in browsers and website applications have made it easy for hackers to breach your website and control it their way. Keeping your website safe and secure will ensure that you have high traffic on your website and it is always up and running with top most user experience. Hackers continuously try to breach your website through illicit ways where their motive is to deface your website, hack your sensitive data or make use of your website for improper activities.

MTvScan scans your website for vulnerabilities which deeply damages your website’s reputation and one could lose a business due to an unresponsive or a hacked website. Malware is another common attack among hackers where they insert malicious software in one’s computer, server or computer network which damages the entire system which doesn’t stay responsive after the bugs are in the system. Your website is very important for your business and it earns you revenue one or the other way so, it is essential that you take necessary steps in order to ensure that your website and your business stays safe at all times.

When you understand the importance and growing need of a website security scanner, then you tend to look for a solution which will suffice your needs and will always keep your website secure from any type of online threat. There are multiple website scanners in the market which promises to protect your website but they fail to do so because they do not scan all the threats to your website which leads to incomplete scanning and leaves your website vulnerable to attacks.

MTvScan scans the top 5 vulnerabilities which are as follows:

1. Content Management System

Content management systems are used to create a website though CMS like WordPress, Joomla and Drupal. There are various themes and plug-ins through which you can build your own websites. If there are vulnerabilities in those themes or plug-ins then you have built a website which is vulnerable and any hacker can easily get into your website. MTvScan first detects through which CMS the website is built, and then it scans for the themes, plug-ins and un-protected admin area. Then it scans CMS in all directories to find vulnerabilities.

2. Phishing Scan

Phishing is a technique used by hackers to trick you into disclosing your information such as your username, password, bank details or personal information. The main goal of the attacker is to make money through your information. Hackers commonly call, email or message an individual in order to extract sensitive information. MTvScan detects suspicious Punycode Phishing URLs, finds similar looking domains which the attacker uses to trick you and also detects typosquatting URLs.

3. Malware Scan

Malicious software also known as Malware is a type of malicious code which attacks your website and the webserver in order to hack your personal information and control your website their way. If your website is your business then you can be deeply affected to malware attack. MTvScan is an anti-malware scanner which detects malicious code in your website and provides alerts in case it finds a malware. MTvScan also scans for page defacements and check JavaScript codes against generic signatures for vulnerabilities. Third party links are also checked through our algorithm.

4. Cross-Site Scripting

Cross-Site Scripting also known as XSS is that type of attack which injects malicious scripts in your website’s script. This attack takes place when the attacker uses a browser side script to inject malicious script in the website. This script can rewrite the content in HTML file. MTvScan scans the client sides website script through injecting a Payload in his script. If the client sees a pop up on his website after injecting the payload then his site is vulnerable.

5. SQL Injection

An SQL injection is another type of injection based attack where a malicious Payload is inserted into a website which gains access and control over a web applications database server. MTvScan scans Blind SQL injection, Time based SQL, Error based SQL and Boolean based SQL in a client’s website script.

One should also know the importance of WAF and SSL. Two of the most important components to keep your website safe. Let’s understand what is WAF and SSL:

A. Website Application Firewall (WAF)

WAF is an add-on service when you opt for MTvScan. Website application Firewall is a firewall for HTTP applications. There are certain security norms set by WAF for common attacks such as XSS and SQL injection. WAF protects servers and is deployed to secure web applications.

B. SSL

Secure Socket Layer (SSL) is a security standard which established an encrypted link between a browser and web server. This link makes sure that whatever data is passed through remains private and secure. MTvScan offers SSL certificate as an add-on service to its customers so that their website is safe and as per Google’s newest security standard.