Vulnerabilities / Threats
7/26/2013
02:59 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Anti-Scraping Scanning Tool Reveals Web Site Vulnerabilities To Block Web Scraping Snd Data Mining

System produces an actionable list of recommendations for Web site owners

ROSLYN HEIGHTS, N.Y., July 26, 2013 /PRNewswire/ -- The newly released Scanner from ScrapeDefender is the first and only web anti-scraping vulnerability scanner. Designed to quickly identify a web site's weak points, the tool is available now at http://www.scrapedefender.com.

ScrapeDefender's vulnerability scanner functions like a personal anti-scraping consultant, peering deep into the site's code to pinpoint weaknesses. The system then produces an actionable list of recommendations for website owners. Results from a scan are presented in plain English, so there's no delay between seeing a problem and fixing the problem.

Scraping is a big, somewhat shadowy business: ScrapeDefender estimates that content scraping is a $1 billion industry (comprised of software and services) with losses from content theft close to $10 billion. In the past year, Internet job boards have advertised an average of 147 scraping jobs daily as documented by ScrapeDefender's in-house team.

According to Robert Kane, CEO of ScrapeDefender, "Scraping is pervasive among small and large companies including many in the Fortune 1000. Yet many of these same companies also engage in targeted scraping of other sites, borrowing content they do not own and siphoning away value to enhance their own brands."

Bondview, the largest free web site for municipal bond investors, decided to use ScrapeDefender after manually blacklisting suspicious IP addresses. Chris Madden, Product Manager of Bondview, explained, "Bondview's data is its primary economic asset so our business literally depends on protecting it. But rather than employees manually performing IP address blocking, ScrapeDefender automates this protection expertly for us at a fraction of the cost."

Travel, publishing and consumer product websites are among the most attractive targets for scrapers that steal valuable information like price data to use as a competitive advantage.

Any web site owner in any industry that values their content should assess their vulnerability to scraping. Web scrapers extract millions of pieces of information silently and quickly.

Beyond the Scanner, ScrapeDefender has two more protection products releasing soon: The Security tool functions like a roadblock by stopping bots from stealing web site content. The integrated Monitoring tool will offer real-time alerting of suspicious activity. Used together, these three tools provide companies with end-to-end anti-scraping protection of their online information.

ScrapeDefender's mission is to make the Internet safer for businesses by protecting their work. More information on scraping and its harmful effects is available at http://scrapedefender.com/education/.

About ScrapeDefender

ScrapeDefender was founded in 2011 by veteran network security and web content professionals with experience at RSA Security, Getty Images, Goldman Sachs, JP Morgan, Citibank, Ernst & Young, EMC and others. As creators and publishers of web sites with valuable content, the founders were tired of seeing their information copied and or stolen via the Internet.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
ZachB423
50%
50%
ZachB423,
User Rank: Apprentice
2/6/2014 | 7:06:46 PM
re: Anti-Scraping Scanning Tool Reveals Web Site Vulnerabilities To Block Web Scraping Snd Data Mining
I tried to give it a shot and their website is garbage. The "free scan" didn't do anything at all when I repeatedly clicked it, I didn't even get a spinning icon to indicate any kind of load that was taking place. So then I figured maybe if I signed up it would work. So, I get into the trial account and this time it gives me the normal "waiting" indicator in my browser to show a page is loading but it repeatedly kept timing out. I then realized they sent me a "confirmation link" so I click that and it is a 404 page that says "page not found. Then I gave it one more try on the "scan" page with the same time-out results before saying screw it. Horrible UX and that's probably why I never heard of them until researching today.
BarryH435
50%
50%
BarryH435,
User Rank: Apprentice
8/4/2013 | 3:26:04 PM
re: Anti-Scraping Scanning Tool Reveals Web Site Vulnerabilities To Block Web Scraping Snd Data Mining
Is the tool similar to numerous monitoring tools that exist on the market eg Anturis? Can we use your tool as a monitoring one? what is better?
JimW319
50%
50%
JimW319,
User Rank: Apprentice
7/27/2013 | 1:46:55 AM
re: Anti-Scraping Scanning Tool Reveals Web Site Vulnerabilities To Block Web Scraping Snd Data Mining
The back story on ScrapeDefender is their CEO Robert Kane, was the original founder of the Intrusion Detection. He was there at the beginning. He also created the Kane Security product line which RSA Security acquired. Under his guidance I expect some good stuff from ScrapeDefender.
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-5242
Published: 2014-10-21
Directory traversal vulnerability in functions/suggest.php in Banana Dance B.2.6 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the name parameter in a get_template action.

CVE-2012-5243
Published: 2014-10-21
functions/suggest.php in Banana Dance B.2.6 and earlier allows remote attackers to read arbitrary database information via a crafted request.

CVE-2012-5702
Published: 2014-10-21
Multiple cross-site scripting (XSS) vulnerabilities in dotProject before 2.1.7 allow remote attackers to inject arbitrary web script or HTML via the (1) callback parameter in a color_selector action, (2) field parameter in a date_format action, or (3) company_name parameter in an addedit action to i...

CVE-2013-7406
Published: 2014-10-21
SQL injection vulnerability in the MRBS module for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVE-2014-2531
Published: 2014-10-21
SQL injection vulnerability in xhr.php in InterWorx Web Control Panel (aka InterWorx Hosting Control Panel and InterWorx-CP) before 5.0.14 build 577 allows remote authenticated users to execute arbitrary SQL commands via the i parameter in a search action to the (1) NodeWorx , (2) SiteWorx, or (3) R...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.