Foundstone Introduces Google Powered SiteDigger

    May 27, 2004

Foundstone, a company offering strategic security for business and IT professionals, today announced the availability of SiteDigger, a free tool designed to help identify potential sources of information leakage on public Web sites.

SiteDigger is the first automated tool using Google to help identify information leakage and uses more than 150 unique signatures to quickly and easily identify vulnerabilities in seven categories including: privacy, back-up files, configuration mistakes, remote administrator interface, error messages, public vulnerabilities, and technology profile. This will allow organizations and webmasters to correct these vulnerabilities, minimizing risk of exploitation.

In order to make use of Foundstone’s tool, users must have Google’s API license key. The key is then entered into SiteDigger, allowing the users to search their site looking for any leaks that may exist. By using their personal Google license key, users can get up to 1000 searches a day.

“The primary goal of most Web sites is to communicate information,” commented Mark Curphey, director of consulting for Foundstone and founder of OWASP. “However, many organizations are innocently sharing more information than they realize via their sites, putting sensitive information at risk. SiteDigger helps organizations proactively find those holes so they can be plugged before any potential damage is done.”

For more information about Foundstone’s S3i (Strategic Secure Software Initiative) products, click here.

WebProNews | Breaking eBusiness News
Your source for investigative ebusiness reporting and breaking news.