Tinfoil Security – Automating Website Protection

This is an interesting startup. I think the key will be how they
communicate what they find to the people running the websites and if
they can help resolve potential vulnerabilities. What will their
“step-by-step” look like?

“We’re making website security regular, affordable, and simple. We’re
essentially automating the beginning of the security consultant and
penetration testing process. We crawl your site, a bit like Google,
but instead of looking for text and HTML we look for common
vulnerabilities in your website. We act as external hackers, picking
through each access point on your website, trying to get in. If we are
successful, we record where and how we did it, and then report back
what vulnerabilities we found, where we found them, how we found them
(so you can recreate the problem) and then give you a step-by-step
solution for how to fix it. If you give us information on your
software stack (like you’re running Python, Django, on an EC2
instance) we will tailor the results to fit your needs. The cool thing
is that we’re automating all of this.”