Web-based threats have been a prominent attack method for virus authors ever since the success of the 2001 Nimda worm that spread via email and exploited unpatched vulnerabilities on Web servers. Today, the interactive technologies that are the backbone of Web 2.0 provide fertile ground for cross-site scripting (XSS) attacks. In addition, a lucrative black market in zero-day vulnerabilities, exploit toolkits, and commercially produced malware creates an environment conducive to drive-by downloads of malicious content from even the most legitimate of web sites.
How do you search safely?
Search is one of the many useful features of the Internet that exists today and is a critical component of navigating the rich array of web content available. To search safely, with advance warning of malware or offensive content, companies can utilize a corporate safe web search tool, which will provide guidance to employees on acceptable websites based on the company’s own acceptable usage policies.
The important function that such services provide is the ability to notify web users of potential risks in real time. This distinction of real time is critical, as a site that was safe the last time it was crawled, may not be safe the next time it is accessed. By giving users the right information, in real time, they are able to take control of their online behaviour. This reduces the potential for accidental policy violations and makes it easier for administrators to maintain their security policy. Securing web searches in real time protects the user and the corporation, allowing the user to continue using productivity-enhancing search engines without the increased risk of exposure to malware and policy violations.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.