We use it for PCI Scans and HackerSafe Logo. We did a great A/B test with
them and it showed people that saw the logo bought more than people that
didn't see the logo.

Not bad considering we sell Furniture online :)

My only complaint is I would like to get notified when a system fails PCI
scan. Currently they only notify when a site is not HackerSafe. They say it's
in the works. Great people though.

Eric Haskins


On 11/7/06, Rey Bango <[EMAIL PROTECTED]> wrote:
>
> @Will, Tom & Kevin:
>
> I've been using it and it does a good job of catching some very common
> issues. It's basically doing a daily Nessus security assessment and will
> flag quite a number of things, including XSS, SQL injection and
> vulnerable 3rd party apps. Overall it's a good investment and they help
> you become PCI-certified, a requirement of the credit card companies.
>
> @Tom
> "Having a security audit is a good thing, but I wouldn't say a sign
> saying 'we're secure' drives people one way or the other."
>
> I beg to differ. We've actually asked some of the customers and they do
> have a greater sense of security when they see the HackerSafe badge. So
> it has had a positive impact on the site.
>
> @Kevin:
> "Plus unless you're saving Credit card data and run on a poorly
> configured server, SSL pretty well keeps you covered as long as you make
> sure your application is solid.
>
> The biggest threat to online consumers is their own machines and how
> well they maintain and secure them."
>
> That's a fairly simplistic view of site security. XSS right now accounts
> for the majority of attacks on sites and having regular audits, coupled
> with good coding practices, helps to ensure that you don't run into
> issues. Of late, the server component isn't the big target, it's the
> application itself. Services such as ScanAlert help you lock those down.
>
> Rey...
>
> 

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:259467