Unfortunately, services like HackerSafe are a necessary evil for PCI-compliance. We use it and all it does is run a nightly scan of our site using a custom version of Nessus.
I will say, though, that it can be helpful in discovering issues that you may have never given thought to. In one instance, I corrected an issue where they were able to intercept a cookie value midstream via a sniffer and have it send back some bogus data. My chief complaint with them is their notification system. Its extremely inconsistent and if you don't stay on top of it, you can fall out of PCI compliance very quickly. As for the HackerSafe badge, I agree that its like asking for trouble but customers like it and it gives them a sense of confidence. Its definitely a catch-22. Rey Bryan Stevenson wrote: > Has anybody else sen this HackerSafe program from Scan Alert? > > https://www.scanalert.com/ > > Does anyone else feel this is like throwing down the gauntlet to potential > hackers?? I mean come on...."this site certified to be 99.9% hacker safe" is > like saying....come one and all and try and hack us to prove us wrong!!. > > Personally I've always warned clients about boasting about their security for > just that reason. > > Thoughts? > > Cheers > > Bryan Stevenson B.Comm. > VP & Director of E-Commerce Development > Electric Edge Systems Group Inc. > phone: 250.480.0642 > fax: 250.480.1264 > cell: 250.920.8830 > e-mail: [EMAIL PROTECTED] > web: www.electricedgesystems.com > > Notice: > This message, including any attachments, is confidential and may contain > information that is privileged or exempt from disclosure. It is intended > only for the person to whom it is addressed unless expressly authorized > otherwise by the sender. If you are not an authorized recipient, please > notify the sender immediately and permanently destroy all copies of this > message and attachments. > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| ColdFusion MX7 and Flex 2 Build sales & marketing dashboard RIAâs for your business. Upgrade now http://www.adobe.com/products/coldfusion/flex2?sdid=RVJT Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:280410 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
