Vulnerabilities / Threats
7/26/2013
02:59 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Anti-Scraping Scanning Tool Reveals Web Site Vulnerabilities To Block Web Scraping Snd Data Mining

System produces an actionable list of recommendations for Web site owners

ROSLYN HEIGHTS, N.Y., July 26, 2013 /PRNewswire/ -- The newly released Scanner from ScrapeDefender is the first and only web anti-scraping vulnerability scanner. Designed to quickly identify a web site's weak points, the tool is available now at http://www.scrapedefender.com.

ScrapeDefender's vulnerability scanner functions like a personal anti-scraping consultant, peering deep into the site's code to pinpoint weaknesses. The system then produces an actionable list of recommendations for website owners. Results from a scan are presented in plain English, so there's no delay between seeing a problem and fixing the problem.

Scraping is a big, somewhat shadowy business: ScrapeDefender estimates that content scraping is a $1 billion industry (comprised of software and services) with losses from content theft close to $10 billion. In the past year, Internet job boards have advertised an average of 147 scraping jobs daily as documented by ScrapeDefender's in-house team.

According to Robert Kane, CEO of ScrapeDefender, "Scraping is pervasive among small and large companies including many in the Fortune 1000. Yet many of these same companies also engage in targeted scraping of other sites, borrowing content they do not own and siphoning away value to enhance their own brands."

Bondview, the largest free web site for municipal bond investors, decided to use ScrapeDefender after manually blacklisting suspicious IP addresses. Chris Madden, Product Manager of Bondview, explained, "Bondview's data is its primary economic asset so our business literally depends on protecting it. But rather than employees manually performing IP address blocking, ScrapeDefender automates this protection expertly for us at a fraction of the cost."

Travel, publishing and consumer product websites are among the most attractive targets for scrapers that steal valuable information like price data to use as a competitive advantage.

Any web site owner in any industry that values their content should assess their vulnerability to scraping. Web scrapers extract millions of pieces of information silently and quickly.

Beyond the Scanner, ScrapeDefender has two more protection products releasing soon: The Security tool functions like a roadblock by stopping bots from stealing web site content. The integrated Monitoring tool will offer real-time alerting of suspicious activity. Used together, these three tools provide companies with end-to-end anti-scraping protection of their online information.

ScrapeDefender's mission is to make the Internet safer for businesses by protecting their work. More information on scraping and its harmful effects is available at http://scrapedefender.com/education/.

About ScrapeDefender

ScrapeDefender was founded in 2011 by veteran network security and web content professionals with experience at RSA Security, Getty Images, Goldman Sachs, JP Morgan, Citibank, Ernst & Young, EMC and others. As creators and publishers of web sites with valuable content, the founders were tired of seeing their information copied and or stolen via the Internet.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
ZachB423
50%
50%
ZachB423,
User Rank: Apprentice
2/6/2014 | 7:06:46 PM
re: Anti-Scraping Scanning Tool Reveals Web Site Vulnerabilities To Block Web Scraping Snd Data Mining
I tried to give it a shot and their website is garbage. The "free scan" didn't do anything at all when I repeatedly clicked it, I didn't even get a spinning icon to indicate any kind of load that was taking place. So then I figured maybe if I signed up it would work. So, I get into the trial account and this time it gives me the normal "waiting" indicator in my browser to show a page is loading but it repeatedly kept timing out. I then realized they sent me a "confirmation link" so I click that and it is a 404 page that says "page not found. Then I gave it one more try on the "scan" page with the same time-out results before saying screw it. Horrible UX and that's probably why I never heard of them until researching today.
BarryH435
50%
50%
BarryH435,
User Rank: Apprentice
8/4/2013 | 3:26:04 PM
re: Anti-Scraping Scanning Tool Reveals Web Site Vulnerabilities To Block Web Scraping Snd Data Mining
Is the tool similar to numerous monitoring tools that exist on the market eg Anturis? Can we use your tool as a monitoring one? what is better?
JimW319
50%
50%
JimW319,
User Rank: Apprentice
7/27/2013 | 1:46:55 AM
re: Anti-Scraping Scanning Tool Reveals Web Site Vulnerabilities To Block Web Scraping Snd Data Mining
The back story on ScrapeDefender is their CEO Robert Kane, was the original founder of the Intrusion Detection. He was there at the beginning. He also created the Kane Security product line which RSA Security acquired. Under his guidance I expect some good stuff from ScrapeDefender.
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0972
Published: 2014-08-01
The kgsl graphics driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly prevent write access to IOMMU context registers, which allows local users to select a custom page table, and consequently write ...

CVE-2014-2627
Published: 2014-08-01
Unspecified vulnerability in HP NonStop NetBatch G06.14 through G06.32.01, H06 through H06.28, and J06 through J06.17.01 allows remote authenticated users to gain privileges for NetBatch job execution via unknown vectors.

CVE-2014-3009
Published: 2014-08-01
The GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.0 through 11.0 and InfoSphere Master Data Management Server for Product Information Management 9.0 and 9.1 does not properly handle FRAME elements, which makes it easier for remote authenticated users to conduct ph...

CVE-2014-3302
Published: 2014-08-01
user.php in Cisco WebEx Meetings Server 1.5(.1.131) and earlier does not properly implement the token timer for authenticated encryption, which allows remote attackers to obtain sensitive information via a crafted URL, aka Bug ID CSCuj81708.

CVE-2014-3534
Published: 2014-08-01
arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACE_POKEUSR_AREA requests, which allows local users to obtain read and write access to kernel memory locations, and consequently gain privileges, via a c...

Best of the Web
Dark Reading Radio