QualysGuard Malware Detection allows free Web site scanning

Keeping systems malware-free is a never-ending challenge. IT pro Rick Vanover shows how a new free tool can help you to protect your external Web servers.

This week, much of the IT ecosystem is focused on San Francisco for the RSA Conference. I keep an eye on events like this for key product updates and new releases that can enhance the quality of my IT practice. Today at RSA Conference, Qualys has released the beta of a free service to protect against Web server malware.

QualysGuard Malware Detection allows Web server administrators to perform automatic scans of external-facing Web servers. Alerts can be configured to notify you of a failed element of the scan. The engine uses Qualys static and behavioral analysis trends that will look at specific elements on the Web site such as:

  • Encoded JavaScript with obfuscated content
  • Document.writes obfuscation filtering
  • Web bug tracking small code
  • External loads of content with character encoding within frames
  • Rogue Windows registry keys
  • Program installations and run state
  • Disk activity
The Malware Detection product is a service that is launched online from Qualys and scans the Web site you specify. There is a simple dashboard and wizard that you launch to initiate a scan against an external Web server. Figure A shows this wizard being launched: Figure A

Figure A

The web server that you scan must be on a domain that you can verify with a corresponding email address. There are a number of blacklisted websites in the inventory of the QualysGuard service, but it is intended for site administrators to be the ones whom initiate the scan.

In my opinion, this is an attractive offering for a free service. The key differentiator is that the automated scan and alert can proactively keep network administrators in tune with the status of the Web servers they support. The second positive factor here is that a Web engine-specific scan is performed, catching objects that will fall short in typical server antivirus protection. QualysGuard is available now as a free service and is in beta. For more information, read the datasheet or go to the service site to sign up and scan your Web sites.

What tools do you use to provide Web server-specific malware protection? Chances are standard antivirus programs are not enough.