« WAF Wars | Main | Windows Desktop Search Indirect Script Injection »

May 20, 2009

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00d835130c5153ef01156fa416f0970c

Listed below are links to weblogs that reference Proactive Malware Scanning:

Comments

kingthorin

Does this require any valid ISS license?

Mike

Does any of the data that gets passed through the ISS Virus Prevention System (VPS) engine and ISS WebFilter SDK have to leave the application? i.e. Is the VPS engine and WebFilter SDK contained within the AppScan Malware Scanner eXtension or is scan data handed off to an external website?

Guypo

No.

All the content AppScan sees gets passed to the VPS engine, which is a local module that analyzes it and reports on its findings - the data does not leave AppScan's process, let alone the computer.

All links are passed to the WebFilter SDK, which does query an online server for the categories this URL belongs to - so the URL itself it passed. That said, the URL is passed over SSL, there are no private details sent with it (it's anonymous), and it is not stored on the server.

I hope this helps clarify things,
Guypo

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Follow us on Twitter

AppScan Free Trial


Try IBM Security AppScan software at no charge.

Become a Fan