Johannesburg, 11 Apr 2016
NEWORDER INDUSTRIES, a specialist information security company in South Africa, today announced that with its Web SaaS model, it is now possible and affordable for any size company to take control over their own Web security. This service has been made possible on the back of a long-standing partnership with Acunetix and its industry-leading Web vulnerability scanning solution.
"We benefit from preferential rates for South African businesses, which are fairly resilient to exchange rate fluctuations. This allows local businesses to enjoy the highest levels of Web security well within budget. In South Africa, we have heard for years about the extent of the risk, but until now nobody has stepped up to the plate with a cost-effective solution. We believe our new service offering does exactly that," says Marthinus Engelbrecht, CEO of NEWORDER INDUSTRIES.
This service offering gives South African corporates and SMEs much-needed access to Acunetix, rated the global technology leader in Web application security, at a fraction of the cost of undergoing a traditional comprehensive Web penetration test.
"While South African Web sites proliferate, few corporate companies and SMEs have taken sufficient steps to ensure their Web sites are effectively secured, putting company networks and site users at risk," says Engelbrecht. "This is partly due to the fact that the responsibility for Web security tends to fall through the cracks, and partly because effective and regular penetration testing can prove prohibitively expensive, particularly at a time when local companies are tightening their IT belts and the rand-dollar exchange puts effective security out of reach."
"With our lengthy track record in cyber crime investigations and information security management, we have found that local companies focus predominantly on perimeter and end-point security, but tend to neglect Web security. This is unfortunate, because the Web site is one of the easiest access points to the enterprise. By accessing the site, hackers can not only deface the site itself, but can potentially access customer data and the enterprise IT environments," says Engelbrecht.
The risks to Web sites have increased exponentially, Engelbrecht notes, due in part to large number of organisations building their sites on lightweight and unsecured platforms, or hosting their sites within vulnerable hosting environments. Even when sites are built by professional development firms, security tends to take a backseat to functionality, budget, deadlines and artistic merit. "Over one million .co.za domains are now registered, and hackers on the Internet boast on average around 5 000 .co.za hacks a month, not to mention the large number of South African companies making use of international standard domain name extensions like .com, .org, .biz, and .net, which get hacked on a monthly basis. These numbers provide a good indication of how vulnerable South African Web sites are," he says.
As a result of scarce skills and limited access to industry leading tool-sets, a comprehensive penetration test could cost companies anywhere from R65 000 and may sometimes even exceed the R200 000 margin. An annual Web vulnerability scan or manual penetration test may suffice for a static site, notes Engelbrecht, but sites that are updated regularly with content may need full Web vulnerability scans monthly or quarterly, making comprehensive penetration tests a grudge purchase at best and completely out of reach for small businesses. To meet the need for more cost-effective Web vulnerability scanning, Acunetix delivers a full, automated Web vulnerability scan to identify critical risks and low hanging fruit to be addressed. Should serious issues be uncovered, site owners might then elect to launch a comprehensive penetration test.
"The multi-award-winning Acunetix Web Vulnerability Scanner is an industry leading solution used by Fortune 500 firms to identify flaws in Web code, automatically crawling and scanning off-the-shelf and custom-built Web sites and Web applications for SQL Injection, XSS, XXE, SSRF, Host Header Attacks and over 3 000 other Web vulnerabilities," says Engelbrecht.
Acunetix, a market leader in Web application security technology, reports that over 70% of Web sites and Web applications contain vulnerabilities that could lead to data theft and that cyber criminals are stepping up their focus on exploiting weaknesses in Web applications such as e-commerce platforms, blogs, login pages and other dynamic content. Its flagship product, Acunetix Web Vulnerability Scanner, is designed to replicate a hacker's methodology to find dangerous vulnerabilities like SQL injection and Cross-Site Scripting, before hackers do. Available as an on-premises or hosted solution, Acunetix also delivers detailed reports to support audit and compliance.
Acunetix Web Vulnerability Scanner is provided by NEWORDER INDUSTRIES as part of its Information Security and Ethical Hacking Professional Services portfolio, priced from R1 650 per target once-off, and from R1 250 as a monthly service, giving site owners the ability to continually monitor and remediate. For more information, go to https://www.neworder-ind.net/sign-up.php.
Share