undefined | Better HN

0 pointswwdevries11y ago0 comments

Malware is by definition self contained and can simply be removed. We move the file to another directory, so it cannot be executed.

Regarding security vulnerabilities, we specifically patch only those vulnerabilities. This way you can be rest assured that your customer's websites continue to function properly.

0 comments

switch3311y ago

"Malware is by definition self contained and can simply be removed. We move the file to another directory, so it cannot be executed."

Wouldn't this require un-obfuscating the exploit page because the malware can be basically innoculous looking like an image file? I ask because I am just curious how the tool manages to do this so automated.

Also, props on starting this company. I have been thinking about starting some kind of cybersecurity startup or newer tech startup for a while but haven't produced much yet.

wwdevriesOP11y ago

E-mail me at wouter @ patchman . co

Would love to talk to you

switch3311y ago

Sure I will email you in a bit.

wwdevriesOP11y ago

@switch33 No, our detection method is hash based. We also have on our roadmap to to content based scanning, that would indeed require un-obfiscating the code.

switch3311y ago

One thing that I see as problematic is that there are many custom themes from specific CMS involved. And hashing would be rather not good at that unless you have access to clean theme type files.

j / k navigate · click thread line to collapse

0 pointswwdevries11y ago0 comments

Malware is by definition self contained and can simply be removed. We move the file to another directory, so it cannot be executed.

Regarding security vulnerabilities, we specifically patch only those vulnerabilities. This way you can be rest assured that your customer's websites continue to function properly.

0 comments

switch3311y ago

"Malware is by definition self contained and can simply be removed. We move the file to another directory, so it cannot be executed."

Also, props on starting this company. I have been thinking about starting some kind of cybersecurity startup or newer tech startup for a while but haven't produced much yet.

wwdevriesOP11y ago

E-mail me at wouter @ patchman . co

Would love to talk to you

switch3311y ago

Sure I will email you in a bit.

wwdevriesOP11y ago

@switch33 No, our detection method is hash based. We also have on our roadmap to to content based scanning, that would indeed require un-obfiscating the code.

switch3311y ago

One thing that I see as problematic is that there are many custom themes from specific CMS involved. And hashing would be rather not good at that unless you have access to clean theme type files.

j / k navigate · click thread line to collapse