Patchman – Hosting Providers: Kill Malware and Fix Vulnerable Websites
patchman.coHi, founder of Patchman here! Patchman was built for hosting providers as a tool to stop the endless stream of abuse. I'm happy to answer your questions!
Can you elaborate a bit on how it solves the problem of quarantining the malware without actually editing the customer's website?
Malware is by definition self contained and can simply be removed. We move the file to another directory, so it cannot be executed.
Regarding security vulnerabilities, we specifically patch only those vulnerabilities. This way you can be rest assured that your customer's websites continue to function properly.
"Malware is by definition self contained and can simply be removed. We move the file to another directory, so it cannot be executed."
Wouldn't this require un-obfuscating the exploit page because the malware can be basically innoculous looking like an image file? I ask because I am just curious how the tool manages to do this so automated.
Also, props on starting this company. I have been thinking about starting some kind of cybersecurity startup or newer tech startup for a while but haven't produced much yet.
E-mail me at wouter @ patchman . co
Would love to talk to you
Sure I will email you in a bit.
@switch33 No, our detection method is hash based. We also have on our roadmap to to content based scanning, that would indeed require un-obfiscating the code.
One thing that I see as problematic is that there are many custom themes from specific CMS involved. And hashing would be rather not good at that unless you have access to clean theme type files.