Finding the open doors.
Our mission is to improve the overall health of the Internet by finding the gaping holes and trying to get them closed before they are taken advantage of.
We do not intrusively evaluate websites, instead we use public information to assess websites for:
- A visible security breach that manifests itself in something visible to web crawlers and search engines. Security breaches that do not manifest themselves visibly will not be found with our techniques and you will need to find other means to identify if your server has been hacked.
- A visible indication of the use of insecure software components. We use our analysis engine to compare the software components your website is made of to the National Vulnerability Database. If there are any components on your website that score a risk value of HIGH, then we will notify you.
- A visible indication of the unintended exposure of sensitive information, such as credit card numbers.
Each identified issue results in a RescueTheWeb Security Notice, where the impacted company is directly notified
in a confidential manner.
Where we look to Identify insecurities.
We gather website information from the following types of sources:
- Public domain web spidering results.
- Search engine results.
- Blogs from security experts.
- Website rating companies and organizations.
- Security advisories.