Search Results for: #asksecpro

ask a security professional

Ask a Security Professional: Malware Analysis Series — Part Four: Detection vs Removal

By Logan Kipp
If you’ve ever seen me at a WordCamp, you’ve probably heard me answer this question, and likely more than once. When it comes to malware scanning on a WordPress website, what makes the SiteLock® malware scanners different from the competition? Well, scanners simply are not created equal. My go-to short answer is typically explaining one of our scanners’ “killer features,” like its ability to automatically remove malware.
Tags:   malware, malware detection, malware removal, signature
Categories:  Ask a Security Pro, The District, WordPress security
ask a security professional

Ask a Security Professional: Malware Analysis Series — Part Three: How is a Signature Born?

By Logan Kipp
Security researchers at security firms like SiteLock® audit code that has been flagged as suspicious, either by individuals or by an automated system performing behavioral analysis (which we’ll talk more about in the next section), to determine whether or not the code is actually malicious. If a file or piece of code is deemed malicious by the security researcher, it enters the database, typically as either a file match signature, or a code snippet signature.
Tags:   behavioral analysis, code snippet signature, file match signature, malware, signature
Categories:  Ask a Security Pro, The District, WordPress security
ask a security professional

Ask a Security Professional: Malware Analysis Series — Part Two: Behavioral Analysis

By Logan Kipp
You could consider signature-based analysis to be like a policeman running the plates of every car in a parking lot against the police department’s database of stolen vehicles. While this may be an effective method for finding stolen vehicles, if the license plate on the car has been changed or obscured, the car will most likely be overlooked. Keeping with this analogy, behavioral analysis would be the detective.
Tags:   behavioral analysis, machine learning, malware, malware analysis, signature, signature-based analysis, Website Security
Categories:  Ask a Security Pro, The District, WordPress security
ask a security professional

Ask a Security Professional: Malware Analysis Series — Part One: Signature-Based Analysis

By Logan Kipp
Back in February, a colleague and I delivered a talk on website security at WordCamp Miami. Among the many great questions we received both during the talk’s Q&A and at our sponsor booth, one common theme kept reoccurring from attendees: How does malware detection really work? If you want to check out our WordCamp Miami talk, “Beyond the Basics: Building Security into Your Development Projects,” and the corresponding slides are available online.
Tags:   behavioral analysis, malware, signature
Categories:  Ask a Security Pro, The District, WordPress security
ask a security professional

Ask a Security Professional: Firewall Series – Part Three: Stateless vs Stateful

By Logan Kipp
In Part Three of our firewall series, we’re drilling down into some of the mechanisms used in firewalls, namely the progression from stateless to stateful packet filtering. First, packet filtering is the action of inspecting the traffic traversing the firewall’s network to determine if the traffic is meeting the firewall’s security policy. Traffic conforming to the firewall’s security policy is allowed to proceed, while traffic not meeting the policy (e.g. a malicious attempt) is blocked.
Tags:   Firewall, stateful, stateless
Categories:  Ask a Security Pro, The District, WordPress security
ask a security professional

Ask a Security Professional: Black Box vs. White Box Series – Part Two: White Box Testing

By Logan Kipp

Part Two: White Box Testing

In case you missed it, we spoke about Black Box testing in the last part of this series. Today, I’m going to go over Black Box testing’s counterpart, White Box testing. In terms of WordPress website security, White Box testing is the practice of testing the code running behind the scenes from the inside-out. Internal testing can be accomplished through use of various tools to seek out any vulnerabilities that may exist. White Box testing is typically executed in the form of Static Application Security Testing (SAST).
Tags:   code auditing, SAST, vulnerability, white box testing
Categories:  Ask a Security Pro, WordPress security
ask a security professional

Ask a Security Professional: Firewall Series – Part Two: Web Application Firewalls

By Logan Kipp

Part Two: Firewalls -> Web Application Firewalls (WAF)

Every website uses web applications, some more intricate than others. More and more website owners are turning to robust web applications like WordPress to build and manage their  websites. In fact, over a quarter of all websites on the internet use WordPress as a platform, and nearly half of the web is estimated to utilize some kind of content management system.
Tags:   Firewall, Web Application Firewall
Categories:  Ask a Security Pro, The District, WordPress security
ask a security professional

Ask a Security Professional: ‘Black Box’ vs ‘White Box’ Series — Part One: Black Box Testing

By Logan Kipp

Black Box vs White Box: What’s the difference?

If you’re a developer, you may already be familiar with the concepts of “Black Box” and “White Box” testing as it pertains to the development life cycle of your software. It’s a simple concept, really. In software development, Black Box Testing is the testing of the design and/or structure of a piece of software by a party that is not familiar with the inner-workings of said software. Conversely, White Box Testing in software development means having a party that is typically familiar with the inner-workings of the software and the intended behavior of the software run the same sorts of tests.
Tags:   black box testing, dast, penetration testing, white box testing
Categories:  Ask a Security Pro, WordPress security
ask a security professional

Ask a Security Professional: Firewall Series – Part One: Network Firewalls

By Logan Kipp
One question that SiteLock encounters quite often is “Why do I need a firewall when my host has one?” If you haven’t spent a good portion of your life researching firewalls, it’s easy to understand why you’d ask. Most website hosting companies utilize what is generally referred to as a Network Firewall, which is fundamentally different from, but equally as important as, a Web Application Firewall (WAF) like SiteLock® TrueShield. As a WordPress website owner, it is imperative to understand the roles that each plays in your website’s security. In Part One below, we’re covering Network Firewalls.
Tags:   Firewall, Network Firewall
Categories:  Ask a Security Pro, The District, WordPress security