McAfee Squirms; Website Security Leader Struggles to Secure Their Own Website.
Gaps in website security for their own website are giving McAfee, Inc. customers a cause for concern.
Ontario, Canada – May 15th 2009: Website security and antivirus software giant McAfee is dealing with a major security breach documented by website investigators this past week. This breach in the market-leading security software company McAfee has been dominating the headlines for the better part of a week now, and is just the latest in a series of high profile security exposures reported for 2009.
Ironically, the company itself markets a website security scanner to website owners, to protect against related security exposures. As a result, existing and potential McAfee customers are expressing their concerns with the security of their own websites.
The evidence documented by investigators expressed that McAfee’s website had several XSS (cross-site scripting) flaws available on their website service for quite some time. These XSS security ’holes’ allow the website to be very vulnerable to malicious outsiders who want to collect McAfee data - including customer information which may be stored online. Whether McAfee neglected to scan their own site, or their website security audit software simply can’t handle some of the threats - still remains to be seen.
“McAfee has strict policies in place for its own Web sites and for services provided by third parties,” says McAfee spokesman Joris Evers, “We are investigating how these particular vulnerabilities were not identified in our screening process and will adjust our processes if necessary.”
McAfee markets a solution that performs daily scans of customer websites to reveal vulnerabilities. Newest upstart in the website security and audit arena - 54F3.com (http://www.54F3.com), also offers daily scans of customer websites, but presents the results in a simple, easy to understand format that provides information sufficient for management to make decisions on, and for technicians to take action.
“Naturally, I was quite surprised when this popped up,” says Managing Director Jason Remillard of 54f3.com. “We are quite tough on ourselves, and I am a big fan of ‘eating our own dog food’. So, we scan ourselves constantly, and generally abuse our technical staff to resolve with every little issue that our technology detects in our internal audits.”
Naturally, Security breaches at a leading security software company website are almost unheard of. News of the exposure spread quickly throughout the major press and the blogosphere. To date no further comments from McAfee have been issued since the initial report.
###
WebWireID95080
Website security- Contact Information
- Jason Remillard
- Managing Director
- 54f3 Inc.
- Contact via E-mail
This news content may be integrated into any legitimate news gathering and publishing effort. Linking is permitted.
News Release Distribution and Press Release Distribution Services Provided by WebWire.