Cybersecurity company Comodo has made its first announcement since it sold its SSL business to Francisco Partners. It has launched a free website malware checker and paid-for monitoring service called cWatch Web. This builds on the existing Comodo Web Inspector offering and sits on Comodo’s cWatch platform.
According to Melih Abdulhayoglu, CEO of Comodo: “After multiple blunders caused by website security issues, such as the Equifax hack, have dominated the headlines recently, companies need to be more diligent than ever. Protecting websites is mission-critical.
“This malware removal service is a great first step, allowing companies of all sizes to return their websites to a safe state for no charge. Businesses looking to choose proactive prevention over reactive detection and remediation can guard their sites from hackers with cWatch Web.”
What problems is cWatch Web looking to solve?
The press release for cWatch Web and Comodo’s website list a set of symptoms that may affect customers. These include:
- ‘My website is infected with malware’
- ‘Received a malware alert on Google Webmaster Tools’
- ‘My website is blacklisted’
- ‘My website is loading slower than usual’
- ‘There is a warning about my site on Google’
- ‘My site is sending emails on its own’
- ‘My hosting provider shut down my site due to malware’
- ‘I’m seeing strange files and/or folders’
- ‘There are strange redirects happening on my site’
- ‘My site is not loading’.
It’s a good list. But it is likely that a lot of SMEs would not realise that some or all of these are affecting them. This is why Comodo is offering customers the free website check. It is also making cWatch Web available through Softaculous and cPanel, which will make it easy for potential customers to sign up. (It will be interesting to discover if it will introduce a WordPress plugin.)
What is in cWatch Web?
At its most basic, cWatch Web is a free website health check. If, during a check, it detects malware, Comodo will remove it. Customers can also sign up to ongoing Comodo services to have regular website monitoring with issue remediation.
This is a good move for many SMEs. They lack the skills to monitor the security of their websites constantly. They also struggle to keep up to date with security patches.
The full feature list includes:
- 24/7 SOC
- Managed web application firewall (WAF)
- Real content delivery network (CDN)
- SIEM threat detection
- Instant malware removal
- Website hack repair
- Full blacklist removal
- Daily malware & vulnerability scan
- Website acceleration
- DDoS protection
- Bot protection
- Vulnerability removal.
Of interest to many customers will be that this is a 24/7 service. It doesn’t matter where the customer is based, Comodo is backing its offering with its global Security Operations Centres (SOCs). This should reduce the drag between scans and ensure that any malware that does arrive on sites is removed promptly. For many SMEs that malware arrives through misconfiguration and/or malvertising.
Misconfiguration is the most common problem. Companies building their sites on WordPress also face the risk of attacks before they have begun to sort out their security. This means that hackers often have control of the site and can circumvent security controls.
Malvertising is a different but equally important challenge. This occurs when hackers push fake ads or altered ads to a website. Most website owners rely on large advertising engines to provide them with fee-paying adverts. Cyber attacks have meant that these engines have helped spread infected adverts.
Comodo believes that cWatch Web will stop sites falling prey to these attacks.
How does it work?
It’s remarkably easy. Users go to the cWatch website and click on the Free Malware Removal box. This takes them to a simple form where they enter the name of the website, their name and a telephone number. The Comodo support team then calls them back and asks them to make certain changes to allow cWatch Web access.
Callbacks are always a risk. They can be easily faked with phishing calls. To get around this the Comodo support team will also email instructions to the customer. These, of course, are also subject to phishing attacks. Customers will still need to check the email is valid. But this does enable them to make the changes through their own Change Management process (if it exists).
Once configured for the scan it is remarkably simple. The scan generates a report the customer can see. It cleans any malware from the site. What isn’t clear is how Comodo will deal with false positives. It is quite possible a website designer has been lazy in the coding. As a result that lazy code could end up triggering an alert. Any change would then risk taking the website down.
We were unable to find anything that would allow us to review changes before they took place. This is something we believe that Comodo needs to address. It also needs to provide more details of its remediation process when something goes wrong.
What does this mean?
Comodo is pitching this as a ‘world first’ service. We were unable to find any comparable service, which means it should be able to build on what it already offers from its website.
There is a marked need for this type of service, especially as many hosting and cloud vendors do not offer an alternative. It will be interesting to see how quickly Comodo moves to sign up hosting and cloud partners and what it offers them.
For SMEs struggling to maintain and manage website security, cWatch Web is good news. They are often seen as easy targets by hackers. Comodo is moving the goalposts and making it harder for hackers to take over sites.