ssl comodobanner logo

Flexible & Affordable Certificate Options that Fit a Wide Range of Needs

Web Inspector by COMODO®

Blacklist Monitoring and a Daily Malware, Vulnerability & PCI Scanner in One!

Web Inspector by Comodo® at its core is a powerful cloud-based malware and blacklist monitoring service (plus much more) for websites. It ensures security at the highest order. If there is a known malware strain discovered on a site or if a website is found to be blacklisted on any major search engine for any reason, the owner is immediately notified through an email. This immediate notification helps the website owners reduce the risk of major website catastrophes and keeps their customers security a priority.

ssl-web-inspector-bannerAside from the anti-malware and blacklisting utility, Web Inspector also incorporates a full-fledged PCI scan that’s driven by Comodo’s top-rated Hacker Guardian technology. This is to help site owner’s maintain compliancy with the Payment Card Industry’s mandatory standards. Check out more of the feature/benefits below and choose the best way to add another layer of protection for your company and customers.

Web Inspector protects your website, business and customers. Select from one of the plans below to proceed.

Features Starter Plus Premium Enterprise
Price €7.99/mo 10.99/mo 14.99/mo 29.99/mo
Number of pages scanned (1 domain) 50 250 700 1000
Phone Support ssl-yes-icon-green ssl-yes-icon-green ssl-yes-icon-green ssl-yes-icon-green
Trust Seal ssl-yes-icon-green ssl-yes-icon-green ssl-yes-icon-green ssl-yes-icon-green
Compliance
PCI Compliancy Scanning
90 days Advanced
Version
Advanced
Version
Enterprise
Version
Inspect
Daily Malware
ssl-yes-icon-green ssl-yes-icon-green ssl-yes-icon-green ssl-yes-icon-green
Blacklist Monitoring ssl-yes-icon-green ssl-yes-icon-green ssl-yes-icon-green ssl-yes-icon-green
Detect
Daily Scan for Vulnerabilities
ssl-yes-icon-green ssl-yes-icon-green ssl-yes-icon-green ssl-yes-icon-green
Network Security ssl-yes-icon-green ssl-yes-icon-green ssl-yes-icon-green ssl-yes-icon-green
Protect
Immediate Notifications
ssl-yes-icon-green ssl-yes-icon-green ssl-yes-icon-green ssl-yes-icon-green
Check Against at Latest Malware ssl-yes-icon-green ssl-yes-icon-green ssl-yes-icon-green ssl-yes-icon-green
Continuous Monitoring ssl-yes-icon-green ssl-yes-icon-green ssl-yes-icon-green ssl-yes-icon-green
No Software Download ssl-yes-icon-green ssl-yes-icon-green ssl-yes-icon-green ssl-yes-icon-green
Easy to Use Dashboard ssl-yes-icon-green ssl-yes-icon-green ssl-yes-icon-green ssl-yes-icon-green

*WebInspector packages are for a single domain. All pages scanned must be on a single domain.

Why use Web Inspector?

ssl-webinspector-icon

Trust is one of the single most important factors influencing customers browsing online and Web Inspector is made to protect your customers online, by protecting your website.

Web Inspector is a cloud based service that inspects your website for malware, detects any vulnerabilities to being attacked and protects your website from thousands of security threats, daily!It also embeds PCI compliance scanning for E-commerce websites that accept credit card payments, to keep them compliant with the payment card industry’s mandatory standards.

Web Inspector’s exhaustive platform boasts the following key features to help protect your website, business and customers.

ssl-web-insector-icon2Daily Malware Scanning
Every time Web Inspector scans your website, it makes sure that no known viruses or malware have been injected. This protects your customers and your business by preventing hackers from using your site to infect visitors and wreak havoc. You will be notified immediately if a problem is discovered.

ssl-web-insector-icon3Blacklist Monitoring
Online trust and reputation are critical to the success of your business. This feature does an exhaustive check, daily, to make sure your website is not blacklisted by major search engines such as Google and Yahoo. You will be notified immediately if a problem is discovered.

ssl-web-insector-icon1Immediate Notifications
Time is money and Web Inspector is designed with this in mind. If it detects any malware or vulnerabilities it shoots out an immediate notification to you via email so you can keep your site safe.

ssl-web-insector-icon4No Downloads No complicated set up
Web Inspector is a simple and easy to use internet “Cloud Service” that allows you to do everything from your browser. This makes setup and maintenance a breeze!

ssl-web-insector-icon5PCI Scanning
Web Inspector ensures you are PCI compliant and gives you the flexibility to schedule compliance scans based on your preferences. Web Inspector is the only website security product that includes this important feature to help you avoid any penalties or fines. It is an industry requirement for all businesses that store, process, or transmit payment cardholder data to be PCI compliant. Comodo, the company behind Web Inspector, is a PCI Approved Scanning Vendor.

ssl-web-insector-icon6Database Security
Hackers are constantly trying to use SQL injection techniques to access sensitive customer information such as username and passwords or company data such as credit card transaction details stored in your database. Web Inspector tests and makes sure if all possible entry points such as input boxes on your website are secure enough to fight such attacks. This helps you protect your customers and defend your company’s online reputation.

ssl-web-insector-icon7Comodo Innovation Labs
When it comes to security, what makes one product better than the other is not how fancy the packaging is, but how well it protects! Web Inspector, from Comodo’s innovation labs, uses a ‘high interaction honeypot’ mechanism that avoids ‘false positives’ and produces a superior quality of forensic analysis other products don’t do or can’t match.

ssl-web-insector-icon8Testing from your Customer’s perspective
Online trust and reputation are critical to the success of your business. This feature does an exhaustive check, daily, to make sure your website is not blacklisted by major search as Google. If it is, we automatically notify you to help you remove your site from such blacklists.

ssl-web-insector-icon9Trust Seal
Don’t shy away from telling your customers that your website is now secure and safe. The Web Inspector Trust Seal will visually communicate that your website is safe, secure, trusted and verified. This will give them the confidence that it’s safe to browse, shop and revisit.

FAQ’s – Frequently Asked Questions

Web Inspector blacklist monitoring is an automated, daily check to make sure that your website is not blacklisted by any major search engine or anti-malware organization.

  • Approximately 6000 websites are added to Google’s blacklist every day
  • It can take 7-10 days for remediation and recovery of a blacklisted site
  • During this time, your website will be blocked by all major Internet browsers
  • Your customers and partners will be effectively blocked and your reputation will suffer
  • Without an early warning system, you may be unaware until a customer complains
Apart from the blacklists run by major search engines, there are also blacklists for Spam email, DNS, Phishing and many more. Comodo Web Inspector checks all of these blacklists every day to make sure your website is not listed. If it is, you will be immediately alerted so that you can take remedial action.
  • Automatic, daily malware scans on your website
  • Daily checks that your website is not present on any Internet blacklists
  • Full reports and mitigation advice if malware is found
  • You are notified the instant a problem is detected
  • Easy, web based interface means you can be up and running 5 minutes after sign up
Select the plan that best suits you from the ‘Plans & Pricing’ page, fill in your details and you will be setup in no time!
Malware (short for “malicious software”) is any harmful program or file intended to secretly access a computer or steal confidential user data. The umbrella term ‘Malware’ covers computer viruses, worms, Trojan horses, spyware etc. Malware may be served as hidden codes within a website content, served content like banners, advertisements etc. and used as a vehicle for hacking and other cyber-crime.

Traditionally, malware was only ‘activated’ as a result of the user proactively opening an infected file. For example, opening an email attachment or double clicking on an executable that had been downloaded from the Internet. Unfortunately, hackers have become much more sophisticated over recent years and this level of interaction is no longer required. Hackers can now launch attacks over the Internet – attacks that are triggered simply because the user visited the website. In some cases, these ‘drive-by attacks’ often use served ads as a vehicle for delivery.

There are many ways in which a website can attack your computer. Two of the most dangerous and widespread examples are:

The ‘Drive-by-Download’ Attack: The ‘drive-by-download’ attacks occur when a visitor navigates to a site that injects malware onto the victim’s PC. Crucially, these attacks are usually downloaded and run in the background in a manner that is invisible to the user – and without them taking any ‘action steps’ to initiate the attack ( for example, erroneously downloading a file that later transpires to be malware). Just the act of viewing a web-page that harbors this malicious code is enough for the attack to run. The downloaded malware often initiate a buffer-overflow attack.

Buffer-overflow attack occurs when the downloaded malicious program or script deliberately sends more data to a target applications memory buffer than the buffer can handle – which can be exploited to create a back door to the system though which a hacker can gain access. The goal of most attacks is to install malware onto the compromised PC whereby the hacker can reformat the hard drive, steal sensitive user information, or even install programs that transform the machine into a Zombie PC.

There are many types of buffer overflow attack, including stack attacks, heap attacks and ret2libc attacks. In each case, the goal is to destabilize or crash a computer system by deliberately causing a buffer overflow – creating the opportunity for the hacker to run malicious code and even gain control of the entire operating system. As would be expected, the applications most vulnerable to a buffer overflow attacks are those whose primary function involves Internet connectivity – such as web-browsers, e-mail clients and instant messaging applications.

Cross Site Scripting Attack: The Cross Site Scripting (XSS) attack is initiated by malicious attackers injecting client-side script into web-pages accessed by unsuspecting users. The injected scripts enable the attacker to steal sensitive page content, session cookies, and a variety of other information maintained by the browser on user’s computer. There are two types of XSS attacks:

Non Persistent: The malicious script, passed by the attacker e.g. through the HTML forms, can place hidden frames or deceptive links on unrelated sites in the web content of the legitimate serve. This can cause victims’ browsers to navigate to a malicious site automatically – often completely in the background. In such a case, the attacker can intrude into the security context and steal them from the victim’s browser.

Persistent: The malicious script, passed by the attacker e.g. through the HTML forms, is saved in the server and displayed permanently in the normal pages rendered to the visitors. This enables the attackers to hijack the transactions through the legitimate server and can steal sensitive information like authentication passwords, credit card numbers, billing information etc.

If you find a site with malicious content, please report your network administrator or your ISP along with the URL of the website. Also include the information that you discovered these threats by using Comodo Web Inspector scanning service, available in your report (Report as Malicious). This will enable the administrator or the ISP to rescan the reported website(s) and to take necessary actions based on the scan reports to safeguard the visitors of the website.
If we find that your site is blacklisted, we will immediately alert you via the email address registered with us along with your account.
We scan all the files in your website with our award winning scanning engines and the very latest database of known malware in order to identify even zero-hour threats.
Your website will be scanned for malware and malicious changes everyday, while the search engines do the same over much longer intervals. Hence, we may identify the malware before the search engines do.
Immediately after finding malware we will alert you through email at the email address registered with us during account creation. This will enable you to take necessary remedial measures to disinfect your site and prevent being blacklisted by the search engines.
Once you sign up, you will have access to two important components of Web Inspector with dedicated dashboards for:

  • The daily malware scanning service: It does a comprehensive malware scan of the pages of your website and checks every major website blacklisting service to ensure your site isn’t listed. This provides immediate notifications in case a problem is discovered
  • The Vulnerability & PCI Scanning Extension: This dedicated dashboard revolutionizes the way you test your website’s security. This will give you a daily vulnerability scan and scanning to be PCI compliance.

See All Comodo Web Inspector Plans
and Get Yours Now