The MDS can cover main external and internal web sites and sub-domains of web. The scope of the MDS service includes following:
• Web site analysis for vulnerable and/or erroneous code.
• Monitoring malicious activity upon request from customer.
• On-demand scans for quick review after malware removal.
• Detailed report on malicious content and malicious web pages.
• Provision of recommendations for malware removal.
MDS supports regularly scheduled scanning to monitor web sites on an ongoing basis, with email alerts feature to quickly notify organizations when infections are discovered. The MDS process consists of the following steps:
Step 1: Scope Validation
Solvit Networks team will validate the scope of the target list provided by customer. This is a safety measure to ensure the accuracy of subsequent findings and will include the following activities:
• Ping sweeps and route tracing.
• Searches for sub-domains of web site.
• Checks for accessibility of web site.
Step 2: Performs Malware Scanning
MDS will intelligently crawls customer web site and identify all possible infections and backdoors on web site. Ingram Micro team will perform MDS on the given web sites and checks for following malware types:
• Web site Defacements.
• Hidden I-Frames.
• PHP mailers.
• Phishing page detection.
• Web site Backdoors.
• Web site Anomalies.
• Cross site scripting.
• Rogue processes being started.
• Document writes with obfuscation.
• Web bugs.
Step 3: Analysis of scan results
Ingram Micro team will evaluate, analyze, and categorize MDS findings based on impact and severity.
Step 4: Recommendations & Reporting
Recommendations based on the malware type and web site will be suggested. Detailed report of all malware infections per web site and recommendation will be provided.
Upon completion of the MDS service, a detailed report will be sent to client, including the following:
Executive Summary: Summary of the purpose of this assessment, as well as brief explanation of the threats that the organization is exposed to from a business perspective.
Findings: A detailed, technical explanation of the findings of the assessment along with steps and proofs of the findings.
Conclusion & Recommendations: This section provides final recommendations and summary of the issues found during the security assessment.
The MDS service on about 5 Web Applications can be completed in two business days