Frequently Asked Questions

IndusGuard by Indusface is a zero touch, non- intrusive, cloud based solution which safeguards websites by daily, automatic and comprehensive scanning of websites for systems and application vulnerabilities, and malware. IndusGuard is the world’s first web security product to offer a proven blend of vulnerability assessment, application audit and malware monitoring. By leveraging a Security-as-a-Service (SaaS) architecture in the cloud, requiring no software/hardware installation whatsoever, IndusGuard is instantly accessible allowing customers to begin safeguarding their website within minutes.

Today, customers enjoy IndusGuard’s security empowerment worldwide, across various industry verticals such as banking, financial services, government, healthcare, online retail, travel, entertainment and insurance, whether they are small, medium or large enterprises. IndusGuard helps businesses enjoy higher financial returns, faster time to market, improved processes, reduction in costs, enhanced productivity and overall customer satisfaction & loyalty.

IndusGuard is world's first web security product to offer a perfect blend of Vulnerability Assessment, Application Audit and Malware Monitoring. It is a zero touch, non intrusive cloud based software which provides daily monitoring for websites, checking for systems and application vulnerabilities, and malware. One of the key aspects of IndusGuard is its ability to detect malware and defacements of websites. These are extremely complex areas and IndusGuard does it 24x7 , without requiring any changes to websites. The monitoring is done remotely and we can detect both known as well as unknown malware in website. We have been researching and innovating for a couple of years in this area and are the best in class for such technology. We have dedicated our research, engineering and development teams to track latest malwares, threats and their behavior. It allows us to constantly refine and improve our technology and solutions to serve our customers better.

IndusGuard is activated online over the web itself and the customer receives a notification via email with details of the activation. There is no need to download the software into your computer.

The IndusGuard Security Scan detects and reports vulnerabilities related to Web Application Security, Operating Systems, Databases, Network and Malwares on a daily basis. The IndusGuard Security Scan is architected on globally accepted best practices such as OWASP, OSSTMM, SANS and NIST using a combination of tools and manual techniques through certified analysts. IndusGuard is hosted and delivered from SAS 70 Type 2 certified secure data centre.

The presence of an IndusGuard seal certifies that the particular website is scanned and certified on a daily basis to pass the IndusGuard Security Scan. The "live" IndusGuard 'Tested' Seal appears on the website with that day's corresponding date only when the website passes the daily IndusGuard Security Scan test. This assists the website owners to gain the trust of their customers who feel safe when accessing such websites.

• On confirmation of purchase, you can register your website(s) using the license key provided to you or our sales representative can register your website on behalf of you
• You will then receive an activation confirmation. Click on the activation link, put in any additional information
• On completion, your website is ready for scanning and you will get the reports of your choice e-mailed to you and the colleagues who you choose to be in the loop

In order to deactivate one's account the user has to send an email through the link to support@indusguard.com. Your current registered period will run to its end and then your account will be suspended. You can re-activate your account at any time.

Yes, IndusGuard does provide a free trial for 7 days. Please contact a sales representative at sales@indusguard.com to get your free trial set up. This trial will help give you a preview of IndusGuard and you will be able to see the benefits of an everyday scan of your website for 7 days. Post the trial you can contact support@indusguard.com or sales@indusguard.com to assist you in your purchase or for more information on the product and its benefits enjoyed by over 150 customers.

The IndusGuard scan engine mechanism emulates single user behaviour pattern, which implies that there will be no load on the website due to running of the IndusGuard Scan on one's website.

Once your account is activated with IndusGuard, your web developer or website administrator can download the secure site seal script from your account and add it to the appropriate pages. Once done, the secure site seal will appear immediately on the desired pages, once your website has successfully cleared the IndusGuard Security scan and tests.

The IndusGuard Scan Engine scans the website from various perspectives under services like Vulnerability Assessment, Application Audit and Malware Monitoring. The scan also ensures that there are no malwares or vulnerabilities in the website. If any vulnerability is found while scanning, it is notified to the user through the reports as well as in the IndusGuard Security Information Centre. The user is then expected to take prompt action to get rid of the malware or vulnerability. The presence of the IndusGuard secure site seal on the website depends on the scan results. If there is any kind of malware or vulnerability found on the website, the date on the secure site seal will stop changing but the secure site seal will stay for the next 72 hours. If the error is still not resolved / fixed, the secure site seal will go off in 72 hours.

In order to make a website hack-proof, one would have to try to break into it in much the same way as a hacker would. In other words, the IndusGuard scan on some occasions could indeed be detected as a malicious attack on the IDS/IPS under network scan. What is of greater significance however; is that some of the IndusGuard scans may go undetected even by IDS/IPS as it continues to focus on attack vectors hitherto for unknown. In the end, the objective is to find vulnerabilities that could make your website susceptible to attacks.

If any kinds of vulnerabilities or malwares are found on the website the secure site seal will be there on the website for next 72 hrs but the date will not be updated till the risk or threat is over. If the website owner does not take any action or however, if the errors are not fixed even after 72 hrs, the secure site seal will disappear though the scanning will still continue. Once the error is fixed and there are no vulnerabilities or malwares found on the website, the secure site seal will reappear on its own with the updated date and the mention of ' TESTED' again beside it.

IndusGuard scan engines secure your website from Web Application , System and Network Vulnerabilities, and Malwares.

• Vulnerabilities related to web application, such as XSS, Redirections, injection attacks.
• Vulnerabilities related to systems such as web application server, incorrect server configurations, weak system access password, system patches and access control.
• Network Vulnerabilities which includes network perimeter security checks for your IDS/IPS, firewalls, router access control.
• Malware Monitoring checks for any presence of malware or malign scripts on the web site that may affect the visitors visiting the website.

IndusGuard is a zero-touch solution which does not require any installation or updating of any kind of application for it to scan and hence no hardware or software installation is required to begin using IndusGuard.

Yes. The function of the antivirus is to protect your server against the incoming known viruses, worms and trojans. The IndusGuard Security Scan monitors your website from the outside to detect and report any vulnerability or weakness that would allow unauthorized access to your site. Such vulnerabilities need not arise only because of a malicious code, but they could infect a site through a legitimate software or equipment that is either poorly configured or not updated regularly. IndusGuard complements an anti-virus solution in protecting one's website.

IndusGuard provides every valid account an online web based Security Information Centre, which provides a comprehensive snapshot of reported vulnerabilities and malware, remediation suggestions as well as several alert and support options.

The key benefits of website security scanning such as IndusGuard is that it helps organizations achieve compliance, increases customer confidence and trust, reduces overhead expenses towards managing website downtime and also legal battles or other related implications due to lax security measures. So get comprehensive website security with IndusGuard today and enjoy:

• Higher financial returns
• Faster time to market
• Improved processes
• Reduction in costs (Capital/ recurring/ sales cost)
• Enhanced productivity
• Customer satisfaction & loyalty