Vulnerabilities / Threats
7/26/2013
02:59 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Anti-Scraping Scanning Tool Reveals Web Site Vulnerabilities To Block Web Scraping Snd Data Mining

System produces an actionable list of recommendations for Web site owners

ROSLYN HEIGHTS, N.Y., July 26, 2013 /PRNewswire/ -- The newly released Scanner from ScrapeDefender is the first and only web anti-scraping vulnerability scanner. Designed to quickly identify a web site's weak points, the tool is available now at http://www.scrapedefender.com.

ScrapeDefender's vulnerability scanner functions like a personal anti-scraping consultant, peering deep into the site's code to pinpoint weaknesses. The system then produces an actionable list of recommendations for website owners. Results from a scan are presented in plain English, so there's no delay between seeing a problem and fixing the problem.

Scraping is a big, somewhat shadowy business: ScrapeDefender estimates that content scraping is a $1 billion industry (comprised of software and services) with losses from content theft close to $10 billion. In the past year, Internet job boards have advertised an average of 147 scraping jobs daily as documented by ScrapeDefender's in-house team.

According to Robert Kane, CEO of ScrapeDefender, "Scraping is pervasive among small and large companies including many in the Fortune 1000. Yet many of these same companies also engage in targeted scraping of other sites, borrowing content they do not own and siphoning away value to enhance their own brands."

Bondview, the largest free web site for municipal bond investors, decided to use ScrapeDefender after manually blacklisting suspicious IP addresses. Chris Madden, Product Manager of Bondview, explained, "Bondview's data is its primary economic asset so our business literally depends on protecting it. But rather than employees manually performing IP address blocking, ScrapeDefender automates this protection expertly for us at a fraction of the cost."

Travel, publishing and consumer product websites are among the most attractive targets for scrapers that steal valuable information like price data to use as a competitive advantage.

Any web site owner in any industry that values their content should assess their vulnerability to scraping. Web scrapers extract millions of pieces of information silently and quickly.

Beyond the Scanner, ScrapeDefender has two more protection products releasing soon: The Security tool functions like a roadblock by stopping bots from stealing web site content. The integrated Monitoring tool will offer real-time alerting of suspicious activity. Used together, these three tools provide companies with end-to-end anti-scraping protection of their online information.

ScrapeDefender's mission is to make the Internet safer for businesses by protecting their work. More information on scraping and its harmful effects is available at http://scrapedefender.com/education/.

About ScrapeDefender

ScrapeDefender was founded in 2011 by veteran network security and web content professionals with experience at RSA Security, Getty Images, Goldman Sachs, JP Morgan, Citibank, Ernst & Young, EMC and others. As creators and publishers of web sites with valuable content, the founders were tired of seeing their information copied and or stolen via the Internet.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
ZachB423
50%
50%
ZachB423,
User Rank: Apprentice
2/6/2014 | 7:06:46 PM
re: Anti-Scraping Scanning Tool Reveals Web Site Vulnerabilities To Block Web Scraping Snd Data Mining
I tried to give it a shot and their website is garbage. The "free scan" didn't do anything at all when I repeatedly clicked it, I didn't even get a spinning icon to indicate any kind of load that was taking place. So then I figured maybe if I signed up it would work. So, I get into the trial account and this time it gives me the normal "waiting" indicator in my browser to show a page is loading but it repeatedly kept timing out. I then realized they sent me a "confirmation link" so I click that and it is a 404 page that says "page not found. Then I gave it one more try on the "scan" page with the same time-out results before saying screw it. Horrible UX and that's probably why I never heard of them until researching today.
BarryH435
50%
50%
BarryH435,
User Rank: Apprentice
8/4/2013 | 3:26:04 PM
re: Anti-Scraping Scanning Tool Reveals Web Site Vulnerabilities To Block Web Scraping Snd Data Mining
Is the tool similar to numerous monitoring tools that exist on the market eg Anturis? Can we use your tool as a monitoring one? what is better?
JimW319
50%
50%
JimW319,
User Rank: Apprentice
7/27/2013 | 1:46:55 AM
re: Anti-Scraping Scanning Tool Reveals Web Site Vulnerabilities To Block Web Scraping Snd Data Mining
The back story on ScrapeDefender is their CEO Robert Kane, was the original founder of the Intrusion Detection. He was there at the beginning. He also created the Kane Security product line which RSA Security acquired. Under his guidance I expect some good stuff from ScrapeDefender.
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-9688
Published: 2015-03-05
Unspecified vulnerability in the Ninja Forms plugin before 2.8.10 for WordPress has unknown impact and remote attack vectors related to admin users.

CVE-2015-2214
Published: 2015-03-05
NetCat 5.01 and earlier allows remote attackers to obtain the installation path via the redirect_url parameter to netshop/post.php.

CVE-2015-2215
Published: 2015-03-05
Open redirect vulnerability in the Services single sign-on server helper (services_sso_server_helper) module for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified parameters.

CVE-2015-2216
Published: 2015-03-05
SQL injection vulnerability in ecomm-sizes.php in the Photocrati theme 4.x for WordPress allows remote attackers to execute arbitrary SQL commands via the prod_id parameter.

CVE-2015-2218
Published: 2015-03-05
Multiple cross-site scripting (XSS) vulnerabilities in the wp_ajax_save_item function in wonderpluginaudio.php in the WonderPlugin Audio Player plugin before 2.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) item[name] or (2) item[customcss] parameter in a w...

Dark Reading Radio
Archived Dark Reading Radio
How can security professionals better engage with their peers, both in person and online? In this Dark Reading Radio show, we will talk to leaders at some of the security industry’s professional organizations about how security pros can get more involved – with their colleagues in the same industry, with their peers in other industries, and with the IT security community as a whole.