HackerProof Trust Mark

The document contains information on how to get HackerProof trust mark, install it, how to compare the effectiveness of using the HackerProof Trust Mark on your website versus not using the trust mark.

Getting HackerProof Trust Mark:

First step in ordering the HackerProof trust mark is to open http://www.comodo.com/hackerproof/ in your web-browser and click on 'Order HackerProof' button. This will launch ordering wizard and you will be prompted to
1. Select your term:

Select the needed and click on 'Submit & Continue' button.

This moves you to step 2 of the wizard
2. Your contact information

If you are a new customer, you should fill out the New Customer Registration form (see below). If not, you just need specify you login/password to order the service:

• As new customer specify login and password:

  

• Specify your company details:

  

  - A post office box (often abbreviated P.O. Box or PO Box) is a uniquely-addressable lockable box located on the premises of a post office station.

• Set your contact details:

  

• Confirm you desigion in Subscriber Agreement form:

  

  Check the box at the bottom of the form and click on 'PROCEED TO CHECKOUT' button.
• Next you moves to order confirmation page, it contains information on how to setup your HackerProof service and configure automatic daily vulnerability scanning:

  

  For more information see chapter Starting Up With HackerProof Service.

Validation 

Before we can commence vulnerability scanning we need to validate your ownership of the domain.  

Displaying the HackerProof trust mark delivers a message of the security of your servers and of your true identity to website customers. It is essential business practice of Comodo to fully validate your application. For businesses we will require a copy of your articles of incorporation, business license or DUNS number. If you haven't done so already, please supply this documentation to docs@comodogroup.com  stating your HackerGuardian order number within the email. 

You can fax your validation documentation to the numbers below stating your order number on the pages:

US Fax for validation docs: 1 801 409-3684
Europe Fax for validation docs: +44 (0) 161 877 1767

If you are emailing validation documentation please send to docs@comodogroup.com stating your order number within the email.

Installing your HackerProof trust mark

After validation, the HackerProof Service will begin on your server. You will be notified via email upon completion of the scan and invited to log into your account to read the scan report. If your web-server successfully passes the scan, you will also receive a confirmation email with the HackerProof trust mark as an attachment alongside instructions on how to install the trust mark on your site.  

If your server did not pass the vulnerability scan then you should use the information and risk mitigation advice contained in the report to resolve the identified problems. Your web server will be scanned again in 24 hours.

To view status of the HackerProof service, click on the Site Check Status option. More ...

To activate the HackerProof trust mark on your website in A/B test mode, you will need to insert two (2) JavaScript snippets of code into your page(s). To do so, you should follow the steps outlined below.

- Enter your Your Coverage ID. This is a unique ID identifying your company that you were assigned at the time of order placement. Please refer to your confirmation email which includes your coverage ID. If you did not retain this email, please contact Support for assistance.

- Select the HackerProof trust mark position from drop-down menu. The HackerProof trust mark can be placed in an anchor position in any of the four corners of your website or it can be placed inline. If you choose any of the corner placements, the trust mark will always be displayed even when a browser scrolls down your web page. If you choose inline, this is the position where the logo will be posted and will only be visible when a browser is visiting that section of your web pages.

Finally, click on 'Click here to show installation code' button. This will display step 2 of the wizard:

General

• Introduction To HackerGuardian
• Acceptable Validation Documents
• Comparison of Services
• Glossary

PCI Scanning Service

• Getting Started
  • Introduction to the Interface
  • Running Your First PCI Scan
  • Accessing Self Assessment Questionnaire
• PCI Scanning Service - Infrastructure
  • PCI Scan
    • Devices
    • How to create a 'PCI scan' Device
    • Devices Management
    • Start Scanning
  • Scanning LAN Devices
    • How to add a new device
    • Internal Devices Management
    • How to Install the Internal Scanning Agent
    • Configuring the Internal Scanning Agent
    • The Main Menu of the Scanning Agent
    • Start Scanning
  • Account and Scan Settings
    • Account Preferences
    • Scan Configuration
      • Set Scanning Options
      • Set Vulnerability Plug-ins
  • Schedule Scans
  • View Reports
    • View PCI Scan Reports
      • Executive Report
      • Vulnerability Report
      • Reporting False Positives
      • Compliance Report
      • Tracking Status of Submitted False Positives
• Purchasing Additional IP addresses
• Setting Up Your Payment Credential CVC