SSL (define) security certificates, as a widely deployed method of helping to encrypt and secure online data, by themselves aren't enough to ensure that a website or service is actually secured, according to VeriSign, the leader in the SSL market.
Going forward, VeriSign's (NASDAQ:VRSN) SSL certificates will now include an online malware scanning service that will help to determine if a website is at risk from security vulnerabilities.
VeriSign is delivering its new malware scanning capabilities as an additional value-added service to its branded SSL certificate holders. VeriSign also owns multiple SSL businesses that don't carry the VeriSign brand name, including GeoTrust and Thawte, which was founded by Ubuntu Linux founder Mark Shuttleworth.
The new SSL malware scanning service comes as VeriSign is in the process of selling off its SSL business to Symantec for $1.28 Billion.
Tim Callan, vice president of product marketing at VeriSign, explained to InternetNews.com that the malware scanning is provided by security vendor Armorize, which offers vulnerability scanning capabilities for Web code.
Callan noted that VeriSign is not exposing the Armorize brand to its SSL customers. The scanning will carry the VeriSign brand for the consumer-facing segment.
"If someone else comes along with a better technology solution, then we want to have the freedom to offer that solution," Callan said.
Callan added that VeriSign is offering the malware scanning to its SSL customers at no additional cost in an effort to maintain a premium value position for VeriSign-branded SSL certificates. According to a recent Netcraft study, VeriSign currently leads the SSL marketplace in terms of deployed certificates.
With VeriSign in the process of selling its SSL business unit to Symantec, Callan noted that the VeriSign name and checkmark symbol for SSL secured sites will still have value.
"The VeriSign name is not being sold, however [Symantec] will have the right to use the VeriSign name for some years to come," Callan said. "So on day one, users will still see the same VeriSign name and seal and certificates will be sold under the VeriSign name. We have a period of years to transition that name."
Return to security news headlines
View Security News Archive