Tutorial: “Decompromising” a site serving malicious code

August 28, 2015

Written by: Scott Shinn

By popular demand we’ve put together a video tutorial (one of many I hope) on how you can use ASL to solve a problem. In this episode, imagine you are an administrator of a system with multiple customers, all with different sites, applications, and owners. You cant touch the code.. and yet, the code has been compromised by an malicious  3rd party.  In security-ese we call this a “Watering Hole” attack. The web site owner is not exactly the target, rather the users that come to that site are. So the site itself is legitimate, the owner is legitimate, and blacklisting is soon to ensue by 3rd parties.  The liability extends to more than just your one compromised website, it could effect everyone using this particular server. What if you had something that could make that problem go away without touching the code?

 


Protect Your Server Now

©2015 Atomicorp, All Rights Reserved

twitterfacebook