Table of Contents

WAS Defacement Checks

Rama Sadhu Updated by Rama Sadhu

Definition of a Website Defacement Attack

Defacement refers to gaining access to the website and making some visible or hidden malicious changes. It may result in any sort of change to the content, script, site structure, etc. A compromised section on the site could be leveraged by the attacker to deface your web presence and eventually affect your business reputation.

How does Indusface WAS make an Advance Assessment

Indusface reviews the website for any unauthorized access or hacks on the entire site or on any specific web page. Indusface’s intelligent scanning system works by checking parameterized deviations using custom metrics as mentioned below:

  1. DOM depth
  2. External links
  3. Internal links
  4. External java scripts
  5. Internal java scripts
  6. Image tag
  7. Audio tag
  8. Video tag
  9. Script tag
  10. Style tag
  11. Structure similarity
  12. Content similarity

The scanner will collect the last consolidated 7 scans’ metrics data and compare it with the latest metrics. Based on the comparison, the scoring system will give weightage to each metric’s parameter to calculate the final score for the respective URL.

Get Started with the Defacement Scan

Select the Malware Monitoring section from the left menu panel as referred to in the screenshot below.

On the malware monitoring section, you will find the “Web applications” section at the top.

Select the option “In sites” under the Web application as referred to in the screenshot below.

Where can Customers Find the Scan Summary Report

The next step is to select the site for which you would like to view the defacement scan summary, refer to the screenshot below:

What does the Scan Report Provide

The report provides an executive summary of the defacement scan performed on the suggested site for all the listed pages. It will provide a status based on the metrics parameter percentage valuations so that you should be aware of the next steps you can take to minimize the change if any. Further adding up to the details, here are the terms used:

  • Variation: It displays the change that occurred between the last 7 days’ scan average vs current scan for the page i.e., page depth, links, tags, scripts, content, structure, etc, and the higher the number means the more it got defaced.
  • Tolerance: It displays what page score alert must be triggered. i.e., Low: 30+, Medium: 50+, High: 70+
  • Overall variation: It displays how much the page has been changed based on its structure, the higher the value means the more it changed.

Detailed Site Map View from Indusface Scan

Here, you can review the details of the site URLs crawled to get the defacement report and analyze based on the metric parameters that are mentioned above.

How did we do?

WAS Consulting License

Contact

This site is protected by hCaptcha and its Privacy Policy and Terms of Service apply.