Security: Q&A: ScanAlert’s Ken Leonard

Computer security outfit's CEO discusses benefits of certifying web sites as ‘Hacker Safe’ via method developed by his firm.
By Priya Ganapati
September 30, 2005

As ScanAlert has discovered, being based in the wine country of Napa, California, has its perks, especially when there’s reason to celebrate. In September, the web site security company’s CEO Ken Leonard got his chance to uncork a favorite bottle of cabernet. Fittingly, the bottle carried a label marked “Hacker Safe,” which resembled the company’s certificate awarded to clients with secure web sites and networks.

The occasion marked ScanAlert inking one of its biggest deals ever. The three-year-old company is partnering with Visa International to offer its scanning service to all of the payment processing giant’s merchants in the Asia-Pacific region.

Under the deal, ScanAlert on a quarterly basis will check for security vulnerabilities on the web sites and networks of merchants in the region who handle Visa cardholder data. About 1,000 merchants are expected to be covered in the first year of the deal.

Launched in 2002, ScanAlert’s scanning process assesses the security of a web site and the network supporting it by looking for vulnerabilities and gaps. In the absence of any, it certifies the site as ‘Hacker Safe,’ a tag that web sites hang on their front doors.

The label can cut both ways. While it increases consumer confidence in the web site, critics have said that a ‘Hacker Safe’ emblem could infuriate some hackers and serve as an invitation to attack.

So far, that hasn’t happened, said Mr. Leonard. None of the more than 65,000 web sites that carry the certification today have experienced any attacks. The process is gaining momentum, as evidenced by the Visa deal, he said.

More at Red Herring Online