Maintaining trust: protecting your website users from malware

The proliferation of malware designed to infiltrate computer systems without the owners' informed consent has become one of the most challenging security issues facing users today. Hackers are engineering ever more sophisticated viruses, worms and Trojan horses that can increasingly outsmart traditional defense mechanisms. Given potential costs to the business as well as ethical considerations, Web site owners have a responsibility and a business interest in ensuring that their Web sites are not serving malware. This paper explores the problem of malware and how it is increasingly being delivered through legitimate Web sites. It also introduces new techniques from IBM that are designed to go beyond standard security measures to help organizations proactively defend against threats by scanning their Web sites for instances of embedded malware.