By- October 08, 2014
We care a lot about our customers’ security and every time a new major vulnerability comes out, we have your back. With that, we want to let you know that we added a suite of tests for the recent Bash vulnerability known as Shellshock to the Tinfoil web application scanner last week.
Shellshock is a high-severity vulnerability that allows an attacker to run arbitrary code on a vulnerable server. It’s important that you run a full scan on your sites and update Bash on any that are vulnerable. If you are a customer on any of our paid plans, recent and future scans include these tests. If you’re using our free XSS-only plan, we’ve added the Shellshock tests to run with any of your scans through the end of the year.
For non-customers, feel free to sign up for a Tinfoil Security account. You’ll automatically be enrolled in a free 30 day trial of our Standard plan and post-trial you can always keep scanning your website for XSS for free! Once in a trial, any scan run will test your website for the Shellshock vulnerability. Please note that this does not include scans run from our homepage.
Tinfoil Security provides the simplest security solution. With Tinfoil Security, your site is routinely monitored and checked for vulnerabilities using a scanner that's constantly updated. Using the same techniques as malicious hackers, we systematically test all the access points, instantly notifying you when there's a threat and giving you step-by-step instructions, tailored to your software stack, to eliminate it. You have a lot to manage; let us manage your website's security.