Golem Technologies offers free web site security scanning

One sign that the Cloud is going mainstream is the number of online monitoring and scanning services that are popping up. Last week I reported the new online tool from Monitis which was quickly followed by an email from Charlie Belmer at Golem Technologies alerting me to a free web site scanning service Golem offers for small to medium sized businesses. The free scan highlights security problems and offers more information and greater protection by selling you a paid for service.

Golem’s website has this advice before you start a scan:

Before you scan, make sure you understand the following

Golem Security Scanner uses ‘black box’ scanning technology. This means we will scan your site from our servers, with no prior knowledge. This approximates what an attacker might see from outside the organization. We make every attempt to keep this activity safe for your site, but there is always some risk associated with running an automated process such as this.

Keep in Mind These 4 Facts About Scanning

1. The scan will submit every page and action it can find. This means contact forms, sign up forms, delete buttons, comments… anything!

2. The scanner operates quickly. The total number of requests is limited to reduce impact, however it may increase load on your webserver, and decrease performance.

3. You must own any site you scan! By submitting a scan, you certify that you are authorized to scan the target site.

4. If you have a non production website, enter that URL instead.

Black Box scanning is generally a safe method of testing security. If you have concerns about scanning your website, please contact us and we would be happy to discuss your concerns in more detail. Golem Security Scanner has been tested on numerous production websites without incident, and is optimized to be safe for production scanning.

False Positives

False positives are security vulnerabilities which are detected by the scanner, but which are not actual vulnerabilities. Because Golem security scanner does not actively attack your site, it cannot confirm whether the vulnerabilities it detects are true security holes. The scanner is designed to reduce the likelihood of false positives, but each vulnerability should be checked to ensure it is authentic.

SHARETweet about this on TwitterShare on LinkedInShare on FacebookShare on Google+Pin on PinterestDigg thisShare on RedditShare on TumblrShare on StumbleUponEmail this to someone

Kevin Tea is a journalist and marketing communications professional who has worked for some of the leading blue chip companies in the UK and Europe. In the 1990s he became interested in how emerging Internet-based technologies could change the way that people worked and became an administrator on the Telework Europa Forum on CompuServe. With other colleagues he took part in a four year European Commission sponsored project to look at the way that the Internet could benefit remote communities. His blog is a resource for SMEs who want to use cloud computing and Web 2.0 technologies.