At FireHost we are continually striving to make the secure hosting services that we provide to our customers even better, so that they can have the luxury of running securely and worry-free around the clock.

We are happy to announce our latest addition to the MyFireHost customer portal – Security View. Today is just the beginning of an impressive line up new features and enhancements that we’ll be integrating into our service in 2011.

Through Security View, you will have a front row seat to monitor your blocked attacks, in real-time with charts and graphs that help you visualize how frequently hackers attempt to breach your secure servers, websites and web-based applications.

Founder and CEO of FireHost, Chris Drake voices his concern for web security and the fundamental need for the new enhancements, “Most companies don’t realize how many attackers attempt to breach their websites and applications on a daily basis. We are so confident in our ability to block cybercrime that we’re opening the curtain and inviting our customers to see how well we protect their websites. Security View exposes the reality of cybercrime and lets our customers know we’re really looking out for them.”

Here a few of the key features Security View provides:

• View blocked application layer attacks (SQL Injections, XSS Attacks, Email Hoarding Events, Directory Traversals, and more)
• Sort and filter malicious activity by hour, day, week, month, or year
• View attack origins by region in real time, for each of your IPs
• Customize views to see attacks on your entire network, all the way down to an individual IP

Security View is a standard feature available to all customers with Secure Servers virtualized with VMWare. The next time you login to MyFireHost, simply navigate the tab labeled “Security” and check it out.

The RideMatch.info flaw provides inadequate scrutiny of user-generated text entered in search boxes and fields throughout the website. Hackers exploit the SQL injection vulnerability by passing commands directly into the back end database.

The vulnerability was identified and reported in August by Kristian Hermansen, a security researcher who was required by his employer to sign up for the service. His report to The Register stated, “The reason I am bringing this to your attention is that the issue is not being fixed by the admins and most companies don’t even know that their employee’s personal and corporate information may be been compromised.”

To date, the exploit has exposed hundreds of employees’ sensitive information across several organizations in S. California, including at least one military entity.

The Ride Match website is a joint project between five regional transit authorities. The service pairs commuters based on home and office destinations as well as departure times. The Riverside County Transportation Commission, an agency responsible for the website, reported to have reached out to the Trapeze Group (a Canada-based development company that designed the software) right after the vulnerability was reported.

Once identified, SQL injection vulnerabilities can often be patched by changing a line or two of code, but The Register spoke to a Trapeze spokesperson on 9/8, and at that time she was unaware of any security bugs being reported on the software. She promised that any vulnerabilities brought to their attention would be investigated and resolved.

During the presentation, we will demonstrate how easily cyber criminals can compromise a website and provide real “is hacked” examples that have taken businesses offline. We will also reveal some common (and easily patched) website vulnerabilities so you leave armed with key defense tactics that can be put in place immediately.

Session Agenda Includes:

• Hacker Profiles and Motives
• Open Source Vulnerabilities
• The Security Ecosystem
• Hot to Protect Your Website

Do not miss this opportunity. Take the first step toward protecting your business’ online identity. One lucky audience member will receive 6 months free, secure website hosting, so register now!

“In 2009, we see three key trends that could impact IT security – a continued explosion of new malware variants, advanced web threats, and an uptick in threats related to social networking sites.” Mr. Salem reinforced that “cybercriminals are more sophisticated and driven than ever, and they operate in an increasingly profitable underground economy that makes it easy for them to not only buy and sell stolen information such as credit card data or even identities.”

Data from Symantec’s Global Intelligence Network indicates we have reached the point where there are more malicious programs created than legitimate programs every day, and that cyber attackers leverage vulnerabilities fueled by application code. Hackers compromise specific (often open source) websites, and then use them as a means for launching other attacks across the internet.

Hosting websites in a secure environment helps prevent malicious hackers from breaching files and applications and stealing confidential information, but you can to more to protect your identity. Partnering with a web host who also has expertise in website security is critical. FireHost’s team of security engineers works directly with clients to help identify and close vulnerabilities in programming and design that hackers can use to exploit your company.

To learn more about how we help remedy JavaScript and open source vulnerabilities, visit our Services page.

According to a survey by Robert Half Technology, seven out of ten CIOs interviewed reported their companies would be investing in new information technology initiatives over the next year. 43% of the respondents overall reported information security as a top priority, and in the financial services and transportation sectors, information security was cited most often as the top priority.

“Although times are lean, many companies are finding that they can’t afford to postpone IT investments that lead to increased security, efficiencies or revenues,” stated Dave Willmer, Executive Director of Robert Half Technology. “Organizations also are trying to make sure they are prepared for growth when conditions improve, and enhancing their IT infrastructure is part of that process.”

Over the past year, there has been a significant rise in the number of malicious attacks on company websites. Symantec identified a 165% in malicious code signatures and cited that the explosive growth can be attributed to the professionalism of malicious code development, supporting the demand for goods and services that facilitate online fraud.

Vulnerable targets are numerous, however increased threat awareness and security investments can help stem the tide. The two biggest threats to website security are open source vulnerabilities and injection attacks, which often allow the disruption and infiltration of web servers. The results can be devastating for companies and their customers, ranging from the theft of confidential information to the insertion of malware.

Properly securing your company’s website and online databases can reduce the risk of a hacking attempt. FireHost uses enterprise, web application firewalls, traffic monitoring, threat detection, automated attack mitigation, and constant monitoring by human personnel to help prevent the serious application-level attacks that negatively impact hundreds of companies and millions of customers every year.

Click here to learn more about our advanced secure web hosting techniques.