What is a website vulnerability?
What is Vulnerability Assessment?
How does Symantec help keep my site visitors safe?
How does Symantec help me avoid being blacklisted by search engines?
How does Vulnerability Assessment help companies manage security?
What are the most common types of attack?
Does Symantec™ Safe Site change when vulnerabilities are detected?
What if I already have vulnerability scanning?
Can I customise my scan?
Which SSL certificates include Vulnerability Assessment?
What is a website vulnerability?
A vulnerability is a potential entry point through which a website’s functionality or data can be damaged, downloaded or manipulated. A typical website (even the simplest blog) may have thousands of potential vulnerabilities.
What is Vulnerability Assessment?
Free with the purchase of every Extended Validation or Pro SSL certificate (Compare SSL certificates), Vulnerability Assessment helps you quickly identify and take action against the most vulnerable weaknesses on your website. Vulnerability Assessment includes:
- An automatic weekly scan for vulnerabilities on public-facing web pages, web-based applications, server software and network ports.
- An actionable report that identifies both critical vulnerabilities that should be investigated immediately and informational items that pose a lower risk.
- An option to rescan your website to help confirm that vulnerabilities have been fixed.
How does Symantec help keep my site visitors safe?
- SSL encryption protects online transactions and keeps data confidential in transmission.
- Vulnerability Assessment identifies weaknesses on your website that are most commonly targeted.
- Malware Scanning alerts you if your website is infected with malicious software.
The combination of SSL encryption, Vulnerability Assessment and Daily Website Malware Scanning helps you provide site visitors with a safer online experience and extend security beyond https to your public-facing web pages.
How does Symantec help me avoid being blacklisted by search engines?
Google, Yahoo, Bing and other search engines scan and then blacklist or exclude any website found with malware. By using Vulnerability Assessment to identify vulnerable weaknesses and taking corrective action, you may reduce the risk of hackers finding your site and attacking it. With Daily Website Malware Scanning, you have an early warning system if an attack occurs. Symantec includes both services for free with every Extended Validation or Pro SSL certificate (Compare SSL certificates). Daily Website Malware Scanning is included with every Secure Site SSL certificate.
How does Vulnerability Assessment help companies manage security?
Symantec offers a vulnerability scan that is designed to detect the entry points most frequently used for the most common attacks. The vulnerability report categorises vulnerabilities based on type and risk, and proposes corrective actions. This combination helps businesses quickly identify and remedy critical vulnerabilities, making it easier to secure your website. Vulnerability scans that have not been fine-tuned may generate volumes of unneeded data about low priority vulnerabilities, obscuring the essential security measures that need to be taken immediately.
What are the most common types of attack?
SQL injection is used by hackers to gain access to your database. Cross-site scripting lets a hacker add code to your website to execute tasks. A few simple steps can protect against these common attacks if you know where the weaknesses are on your website.
Does Symantec™ Safe Site change when vulnerabilities are detected?
No. A detected vulnerability does not affect the appearance of your trust mark. Vulnerabilities are not threats: they are entry points that may be exploited. Symantec Safe Site changes appearance when malware is detected and visitors may be at risk. By not connecting your seal to vulnerability scanning results, Symantec helps you maintain trust in your website and allows you to fix vulnerabilities on your own schedule.
What if I already have vulnerability scanning?
Vulnerability Assessment does not replace PCI-compliant vulnerability scans. The free service complements existing protection with an automatic weekly scan and an easy-to-read report of the most critical vulnerabilities. Provided with your SSL certificate, Vulnerability Assessment can be combined with other scans to provide additional information to help decide how to take action.
Can I customise my scan?
Vulnerability Assessment is designed to provide essential information without a complex set-up or extensive management. You may change notifications and activate or deactivate starting points if you have multiple SSL certificates with different fully qualified domain names.
Which SSL certificates include Vulnerability Assessment?
Vulnerability Assessment is included with Symantec Secure Site Pro with EV, Secure Site with EV and Secure Site Pro SSL certificates. Existing customers may activate Vulnerability Assessment for any of these SSL certificates by signing in to the Symantec™ Trust Centre. New customers may activate the service after they complete their purchase.
Symantec Secure Site SSL certificates do not include Vulnerability Assessment and it is not available for individual purchase. To add Vulnerability Assessment to your service, consider an upgrade.
Feedback