News Feed Item

Global Cyber Alliance Launches Free Tools To Secure Websites And Evaluate Risk From Partner Email

GCA McScrapy and the GCA DMARC Risk Scanner Empower Organizations to Launch Proactive Cyber Defenses

SAN FRANCISCO, April 17, 2018 /PRNewswire-USNewswire/ -- The Global Cyber Alliance today released two new free, open-source tools to enable organizations to reduce cybersecurity risks associated with website and email born cyberattacks.

GCA McScrapy enables organizations to lock down their website to remove potential security issues from third-party services and other unnecessary functionality. In addition, a new email security tool – the GCA DMARC Risk Scanner – allows organizations to determine if the organizations on which they depend, such as their trading partners and supply chain, are protecting their email domains from being spoofed or phished.

"Reducing risk is the best cyber defense," said Philip Reitinger, president and CEO of the Global Cyber Alliance. "Among the most popular open doors that cyber criminals exploit are phishing attacks and compromise of an organization's website. The tools we released today are designed to help stop these attacks and prevent loss to businesses."

GCA McScrapy: Locking Down Websites

While GCA McScrapy can be used on websites developed with any content management system, nearly 60 percent of websites are designed using the WordPress platform. While WordPress is a popular platform, by its nature, its functions raise the risk of potential compromise. WordPress dynamically composes web pages using PHP and JavaScript and thus carries with it a risk for bugs and security vulnerabilities that serve as an attack vector. According to a WP WhiteSecurity October 2017 report on WordPress vulnerabilities, there are 2407 known vulnerabilities, more than half those vulnerabilities (54%) are from WordPress plugins and 31.5% are core WordPress vulnerabilities. The two most prevalent vulnerabilities are cross-site scripting and SQL injection.

GCA McScrapy converts a website into a set of static files, removing unnecessary functionality. Using a static website nullifies many concerns of cross-site scripting and SQL injection since there is no communication with the website's content management system for dynamic content. The tool evaluates every part of a website and renders it into simple form, keeping as much functionality as possible, while removing potential security issues such as third-party services.  Not all functionality can be maintained, however, and updating websites takes extra steps, making GCA McScrapy best for websites for which security is very important.  GCA McScrapy is also highly configurable and can be adjusted to reduce scan times and scrape mobile sites. GCA McScrapy is free for anyone to use. Learn more about GCA McScrapy at github.com/GlobalCyberAlliance/.

GCA DMARC Risk Scanner: Holding Partners Accountable

The Domain-based Message Authentication, Reporting & Conformance (DMARC) security protocol enables organizations to protect their email domains from being used by spammers and phishers to trick employees, customers and trading partners.

The GCA DMARC Risk Scanner can be used to scan hundreds of domains at one time to determine the level of DMARC and Sender Policy Framework (SPF) protections used by an organization's partners, including the third parties with whom it works, its supply chain, and its trading partners.  This enables an organization to better understand, and act upon, the risk imposed on it by its partners who have not employed DMARC.

Without DMARC implemented, scammers and criminals can easily "spoof" an email domain to steal money, trade secrets or even jeopardize national security. DMARC weeds out fake emails (known as direct domain spoofing) deployed by spammers and phishers targeting the inboxes of workers in all sectors of society.  According to the 2017 Symantec ISTR report, 1 in 131 emails contained malware, the highest rate in 5 years.

Like all GCA tools, the GCA DMARC Risk Scanner is freely available. Learn more about DMARC at dmarc.globalcyberalliance.org.

About the Global Cyber Alliance
The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to eradicating cyber risk and improving our connected world. We achieve our mission by uniting global communities, implementing concrete solutions, and measuring the effect. GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney's Office, the City of London Police and the Center for Internet Security. Learn more at www.globalcyberalliance.org.

CONTACT: Josh Zecher, [email protected], 202-463-0045

Cision View original content:http://www.prnewswire.com/news-releases/global-cyber-alliance-launches-free-tools-to-secure-websites-and-evaluate-risk-from-partner-email-300631409.html

SOURCE Global Cyber Alliance

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
IoT is rapidly becoming mainstream as more and more investments are made into the platforms and technology. As this movement continues to expand and gain momentum it creates a massive wall of noise that can be difficult to sift through. Unfortunately, this inevitably makes IoT less approachable for people to get started with and can hamper efforts to integrate this key technology into your own portfolio. There are so many connected products already in place today with many hundreds more on the h...
Andi Mann, Chief Technology Advocate at Splunk, is an accomplished digital business executive with extensive global expertise as a strategist, technologist, innovator, marketer, and communicator. For over 30 years across five continents, he has built success with Fortune 500 corporations, vendors, governments, and as a leading research analyst and consultant.
No hype cycles or predictions of zillions of things here. IoT is big. You get it. You know your business and have great ideas for a business transformation strategy. What comes next? Time to make it happen. In his session at @ThingsExpo, Jay Mason, Associate Partner at M&S Consulting, presented a step-by-step plan to develop your technology implementation strategy. He discussed the evaluation of communication standards and IoT messaging protocols, data analytics considerations, edge-to-cloud tec...
Today we can collect lots and lots of performance data. We build beautiful dashboards and even have fancy query languages to access and transform the data. Still performance data is a secret language only a couple of people understand. The more business becomes digital the more stakeholders are interested in this data including how it relates to business. Some of these people have never used a monitoring tool before. They have a question on their mind like “How is my application doing” but no id...
Announcing Poland #DigitalTransformation Pavilion
Digital Transformation is much more than a buzzword. The radical shift to digital mechanisms for almost every process is evident across all industries and verticals. This is often especially true in financial services, where the legacy environment is many times unable to keep up with the rapidly shifting demands of the consumer. The constant pressure to provide complete, omnichannel delivery of customer-facing solutions to meet both regulatory and customer demands is putting enormous pressure on...
In his Opening Keynote at 21st Cloud Expo, John Considine, General Manager of IBM Cloud Infrastructure, led attendees through the exciting evolution of the cloud. He looked at this major disruption from the perspective of technology, business models, and what this means for enterprises of all sizes. John Considine is General Manager of Cloud Infrastructure Services at IBM. In that role he is responsible for leading IBM’s public cloud infrastructure including strategy, development, and offering m...
CloudEXPO | DXWorldEXPO are the world's most influential, independent events where Cloud Computing was coined and where technology buyers and vendors meet to experience and discuss the big picture of Digital Transformation and all of the strategies, tactics, and tools they need to realize their goals. Sponsors of DXWorldEXPO | CloudEXPO benefit from unmatched branding, profile building and lead generation opportunities.
DXWorldEXPO LLC announced today that All in Mobile, a mobile app development company from Poland, will exhibit at the 22nd International CloudEXPO | DXWorldEXPO. All In Mobile is a mobile app development company from Poland. Since 2014, they maintain passion for developing mobile applications for enterprises and startups worldwide.
For far too long technology teams have lived in siloes. Not only physical siloes, but cultural siloes pushed by competing objectives. This includes informational siloes where business users require one set of data and tech teams require different data. DevOps intends to bridge these gaps to make tech driven operations more aligned and efficient.
The best way to leverage your CloudEXPO | DXWorldEXPO presence as a sponsor and exhibitor is to plan your news announcements around our events. The press covering CloudEXPO | DXWorldEXPO will have access to these releases and will amplify your news announcements. More than two dozen Cloud companies either set deals at our shows or have announced their mergers and acquisitions at CloudEXPO. Product announcements during our show provide your company with the most reach through our targeted audienc...
Everything run by electricity will eventually be connected to the Internet. Get ahead of the Internet of Things revolution. In his session at @ThingsExpo, Akvelon expert and IoT industry leader Sergey Grebnov provided an educational dive into the world of managing your home, workplace and all the devices they contain with the power of machine-based AI and intelligent Bot services for a completely streamlined experience.
@DevOpsSummit at Cloud Expo, taking place November 12-13 in New York City, NY, is co-located with 22nd international CloudEXPO | first international DXWorldEXPO and will feature technical sessions from a rock star conference faculty and the leading industry players in the world.
DXWorldEXPO | CloudEXPO are the world's most influential, independent events where Cloud Computing was coined and where technology buyers and vendors meet to experience and discuss the big picture of Digital Transformation and all of the strategies, tactics, and tools they need to realize their goals. Sponsors of DXWorldEXPO | CloudEXPO benefit from unmatched branding, profile building and lead generation opportunities.
With 10 simultaneous tracks, keynotes, general sessions and targeted breakout classes, @CloudEXPO and DXWorldEXPO are two of the most important technology events of the year. Since its launch over eight years ago, @CloudEXPO and DXWorldEXPO have presented a rock star faculty as well as showcased hundreds of sponsors and exhibitors!