Cyber Security

FAQ

Malicious code is usually found in the source code, so it can only be detected through a careful analysis of the site. Menaya's Vulnerability Scanner performs a test on the code to identify known and unknown vulnerabilities and configuration issues.

Our email notification system immediately notifies you of any signs of malicious activity or other suspicious activity identified by our engine so that you can take the necessary steps to remedy the situation. If the vulnerability scanner picks up any signs of malware, you get notified immediately. We also send you an assessment report including the infected pages and the source of the problem. All that's for you to do is to follow and apply the recommended remediation solutions.

Our experts use a combination of data retrieved from public and private sources and apply algorithms to determine your company's security effectiveness into a quantifiable score. For this, Menaya uses the company's domain name. The engine collects information from Passive DNS servers, Web search engines and other Internet-wide scanners, as well as public and private databases. The engine searches databases for all IP address ranges and domain names belonging to the company. Menaya uses what is called Open Source Intelligence (OSINT) to gather information. Menaya then compiles this data into a simple, easy to understandable report with an alphabetical scoring system to help identify and mitigate potential security risks.

By choosing Menaya and our Cyber Security Rating solution, you entrust us with the protection of your website so that you can focus on your business.

With our cyber threat map, you will gain insight on how cyber criminals appreciate the cybersecurity-readiness of your organization as well as the risk level of your partners. Menaya's Security Rating solution is what you need if you want to reinforce your company's security.

Some information, when misinterpreted, can lead to an unreliable appreciation of risk. Indeed, some types of incidents are specific to a particular type of organization and therefore cannot be applied to all organizations - extrapolating data can lead to scoring errors.

Menaya technology uses signature-less investigation approaches based on content emulation and penetration testing. This technology is capable of recognizing encoded JavaScript code and binary shellcode within legitimate media files and digital documents. Menaya uses an innovative technology that allows us to test for possible intrusion while preserving your information system. Our vulnerability scanner checks if someone can access and hurt your website but without actually getting into the website, staying "at the door" so to speak.

Cyber crime and cyber risk are real and on the rise. Many very small and medium size businesses fall victim to cyber attacks. The vulnerabilities of their IT systems make them very easy targets for cyber criminals. Menaya's partner program gives you access to vulnerability detection and security incident management tools, strategy reports to fend off cyber risks, while benefitting from the expertise of our experts. Working with a partner such as Menaya means maximizing the value of your services.

Many businesses are looking to get cyber security insurance in addition to their cyber security strategies in place. Cyber security insurance policies protect customers against damage from cyber attacks and typically covers and includes the following: ● Crisis management by cybersecurity experts; ● A 24/7 Helpdesk; ● Coverage of operating losses in the event of business interruption; ● Compensation for economic and financial losses and related defense costs in the event of data loss or data misappropriation. ● Coverage of the cost of restoring lost data.

To join our partner network simply fill out the "become a partner" form. After reviewing your company's profile and application, we will provide you with a customized cybersecurity solution. Hosted in the cloud, the Menaya solution comes with reporting tools and a customer interface that integrates with your existing portfolio of services.

We accept all major credit cards: Visa, Mastercard, Discover, Diners, JCB, American Express. We also accept online payments: AliPay, Apple Pay, Google Pay, PayPal, Click to Pay, Masterpass and Visa Checkout.

Choose the currency of your choice on our payment page. We support more than 100 currencies and like-for-like settlement in 16 currencies.

No. All credit card transactions are processed by BlueSnap, our third-party payment provider. Your bank statement will show your payment to Menaya as a transaction under the trading name of BLUESNAP or BLS.

Yes. BLUESNAP/MENAYA fully comply with the Payment Card Industry Data Security Standard keeping all sensitive payment data safe.

Yes. All you need to do is to contact Menaya and we will disable your auto-renewal. The cancellation will take effect at the next renewal date.

Yes. Once you sign up, you can upgrade your subscription plan at any time. All you need to do is to submit your request with a Product Support Ticket and our team will handle it.

Most companies are unprepared for cyber attacks. But in this day and age of all things digital and the devastating impacts that cyber crime can have on a business, all organizations should gear up to effectively protect against cyber risk. Given the situation, the Cyber Detection and Cyber Rating solutions provided by Menaya can help organizations assess any kind of cyber risk they are exposed to, in no time, and contribute in the remediation of their network vulnerabilities. Among the various services provided by Menaya, Cyber Detection allows you to monitor your systems, without having to be an IT expert. This is a non-invasive and easy-to-use program that operates solely on the company's domain name and performs a cyber risk assessment. Once the assessment is complete, a color-coded chart is generated that reports the cybersecurity risk level of the customer in red, orange or green. This assessment helps prioritize the different actions that need to be planned and implemented in order to reinforce your protection. Essentially, Menaya helps you boost your cyber resilience strategy by proactively monitoring cyber threats and avoiding potential business interruptions and financial losses.

You may think that large corporations that have many different computer terminals are more likely than small companies to get attacked. Or, maybe you think that companies in the Finance or Health industries are more exposed to cyber crime because of the nature of the data they carry. But that is not always the case. In fact, it is much easier for hackers to attack the small and medium companies that do not necessarily have the means to protect themselves effectively against cyber crime, rather than trying to break into the safe of the best protected bank in the world! Large corporations or those that handle sensitive data usually possess the technology, expertise and processes to protect against cyber attacks whereas the small and medium-size companies are usually completely unprepared, lacking the expertise, technology or cybersecurity processes that make them ideal and easy targets for hackers.

One of the biggest challenges facing businesses today is having to keep up with everything having to do with cybersecurity and the changing nature of the more and more sophisticated attacks. The most common attacks are when hackers manage to get hold of an employee’s login and password to break into the organization’s system. What usually happens is that hackers manipulate users into revealing their personal information. Once they get into the system, all they need to do is to wait for the right moment to launch their attack.

Although hosting companies generally secure their platforms, they cannot be held responsible for the Security compliance of the different websites they host nor can they be held responsible for the configuration of the servers in the Cloud or the exposure of their customers' passwords and database credentials on the DarkNet. Trusting your hosting company is certainly not enough. Depending on the contract you have with them, what happens is that you share joint responsibility of your web space. Legally, the customer is usually accountable for their data and any related breaches. Every day, hackers are hard at work trying to find ways to break into IT systems or websites. It is therefore crucial to constantly check for and pinpoint vulnerabilities before hackers do. Hosting services, even when provided by the most highly respected company in the field, never come with best practice recommendations or vulnerability remediation processes of your organization's network. In order to be able to take all the preventive measures and provide your organization with maximum protection, you need to get an accurate and full-blown picture of your IT environment as it appears from the outside: in other words getting a cyber threat map. Once you have identified the biggest threats, you can then start prioritizing the remedial action plans.

Menaya resorts to non-intrusive assessment methodologies to review the cyber security risk status of any organization at any given time. We do not use intrusive vulnerability scans like Nessus, Netsparker, Acunetix, Nexpose, nmap, openvas and more. Our passive scanning approach consists in gleaning information from a target organization without direct interaction. We find the required data on the internet, the Darknet as well as in the search engine caches of pirate sites.

A vulnerability scanner is an application that runs assessments on a company’s IT systems and creates an inventory of all systems connected to its network with their vulnerabilities. As alarming as it may seem, the number of vulnerabilities found has increased by 200% over the last 4 years. That soaring statistic being what it is, trying manual vulnerability testing is kind of pointless. Technology, that allows you to identify vulnerabilities while keeping up-to-date with the remedial action plans, clearly outperforms an IT department’s capability even if they are highly qualified. This is the reason why vulnerability scanners were designed i.e. to help these experts find and fix application vulnerabilities.

Vulnerabilities are security flaws or weaknesses in an application. If these flaws are compromised by a threat, this can lead to a security breach meaning hackers breaking into your system and getting access to sensitive information or really hurting your business. Independent security researchers and Cyber Security Solution vendors run constant security assessments on applications that are open to the public in order to identify vulnerabilities. Once a vulnerability is found and made public, anybody can try and exploit it. However, one has to bear in mind that not everybody plays by the same rules. When a vulnerability is indeed found, some have no qualms in making it public without notifying the software vendor or worse, will try to exploit it and commit fraud. In any case, if your company uses an application that has been publicly identified for whatever vulnerability found, you may be at risk.

Yes. Cloud-based services ensure flexibility, scalability, customized services and cost savings but are also a cause for concern when it comes to cyber risk i.e. authentication, access and data storage. Public cloud services imply therefore more exposure to risk because they do not necessarily come with robust security protocols or procedures that meet the needs of each customer.

A data breach is when a company's cybersecurity measures are compromised, allowing unauthorized access to information. This can be extremely damaging to a company's reputation as well as its consumers, if their information gets stolen in a cyber attack. Companies are legally required to put measures in place to protect their personal data and that of their users and must inform anyone who may be affected by a breach.

Malware is malicious software. Once inside a system, malware can cause damage or disrupt the system and can steal information. It gets into your system when an employee is lured into clicking on a malicious link or opening a malicious email attachment for example.

Criminals want to lure you into giving them your information - this is called phishing. They hope you'll click on fake links that take you to fraudulent sites or open malicious email attachments, so they can steal data or install malware. Malicious emails account for nearly three-quarters of all security breaches or attacks. We recommend that our clients provide their staff with screenshots of all potential phishing emails to warn them of the danger and to ensure that they know how to react when they receive suspicious emails.

Cyber threats are common - below are a few indications you should watch out for and that should get you to take the required precautionary and remedial measures. You probably have been hacked if: •You can not connect to your account (and that it is not because you have forgotten your password); •Programs you have never seen before start running when you turn on your computer; •Emails have been sent in your name when you know you have never sent them; •You see content that you have never created posted on your social media account; •Windows pop up on your screen (luring you into visiting a particular website or downloading some software); •Your servers are acting strangely – for instance if they are slower than usual or if they crash way too often; •You can not access your database anymore and/or the data has become unreadable; •You get a ransom demand.

An SQL injection is a kind of cyber attack that consists in injecting a code that allows the hacker to run malicious SQL queries to take control of a database server behind a Web application. Hackers use this technique to bypass the application security measures in order to be able to access, modify and delete data that they are not authorized to see or use.