Hi,

When we added the Hackersafe logo, our conversions increased 10%. A month later we joined the BBB Online and had another 10% increase in conversions. Not sure if the increase was because of the logos or just a coincidence. We are in a higher perceived fraud/quicksell and forget industry so that is why we added them.

how much is both? i cant find info about pricing on the hackersafe site?

ScanAlert Hackersafe is a crock, lots of false positives on things that aren't really wrong with the server.

Several of our customers have it and it gets much worse if you don't use the version of Linux they track they report all sorts of vulnerabilities although you have the patches installed. Don't expect your ISP/Host to spend their day chasing ScanAlert vulnerability reports unless you pay their time, it's a fruitless waste of time if your host keeps up-to-date already.

aren't you begging to be hacked though if you put that logo? No computer is "hackersafe", at least not one that we can afford.

well, my customer hasn't been hacked and he's had hackersafe on his site since they opened shop, but that's my sysadmins skills, not their stupid port scanning

Well, there is really no pricing on the hackersafe site. Once I thought, it might be usefull to put such a logo on my ecom-site. Then I contacted them about the pricing. They wanted to call me back, and they indeed did. After ten minutes of conversation (monologue, their salesman convinced me, how useful their logo is and how would it increase my conversion rate), they told me their price -- it was something like 1,500 $/year (if I am not wrong).

Then I decided, that it is too much for a small logo they allow me to put on my site.

Indeed, I think, all these people can do -- is to scan your host for standard Linux vulnerabilities, publicly known at the moment.

What they will be unable to do -- to scan your own site software for vulnerabilities. It is theoretically possible, if you use something very widely known (like osCommerce), and you did not modified it for your own needs. But I doubt if it is something they do.

The other issues -- there might be vulnerabilities, not publicly known at tne moment they scan you.

Finally, site security is not only about vulnerabilities scanning -- it is much broader topic.

Their logo is much about convincing your customers, but it will not make your site secure. Indeed, it can even do harm, delivering false feeling of security to you and your customers.

If a 10% conversion rate increase is worth $1,500/year for you, you definitely can try.

ScanAlert does check against the following vulnerability lists:

- MasterCard SDP (Site Data Protection)
- ScanAlert HACKER SAFEŽ
- SANS / FBI Top 20

I won't say it is without value, but how much value do you get for $1,500?

It would be more worthwhile I think if you had a dedicated server and 20 accounts on a box, then you're checking all 20 of them at once. However, if you're on SHARED web hosting anyone sharing that server can put vulnerable CGI code in their hosting account and ScanAlert may or may not notice that problem.

scan alert is too expensive for my new site. what other things I can do show my client that my site is reliable? I use geotrust logo on payment page and login page..

may be I should re-write text on login and other page about security

It is indeed a broad topic.

* site design is important -- if it sucks, nobody will trust you (it does not mean you must purchase expensive professional design, but your site should not look amateurish)
* SSL certificate (do not forget to frame it and mention on the login page)
* put a phone and a real physical address onto "contact us" and "about us" page
* incorporate (it gave me 300%-400% orders increase rate)
* site's security, privacy and return policies? (perhaps, I have no statistics here)

If the computer was really hacker safe you would never see the logo becouse the only computer that is hacker safe is the computer with out a network card.

it sounds like alot of people here don't think $1500 is affordable for logos. I do believe TRUSTe and BBB have sliding scales based on your company revenues. SSL logos tend to be good, but more for tech savvy consumers. There are 2 services from SquareTrade that might be more suited toward the lower price points:

Safe Shopping Seal: $500/yr it does security scanning, but is very marketing focused and provides free buyer protection.

Trusted Business Seal: $400/yr it does buisness verification and consumer feedback ratings. also provides buyer protection.

They have case studies on ROI, etc that mention an avg 15% conversion rate increase. www.squaretrade.com/business

They also have some certifications required by Google and Overture for certain types of businesses, but probably don't apply to you unless you are in a regulated industry.

make your own =)

squaretrade sound good, what about Bizrate, dont they have some kind of service too?

My cat lays on top of my monitor all day and looks down at the screen a lot, when he jumps off and runs away I won't shop there. For $100 a year you can put my logo on your site: "This site Cat Scanned, Cat Approved"

scanalert uses a program called nessus to scan your server for vunerabilities. It is free - open source. get it at sourceforge. You can run it yourself and find out what the current weak areas are on the server. It also points you to the patch files in some instances.
I had scanalert for almost a year. it made no difference at all, in fact there statistics were not even correct by there own admission. They ultimately gave me 6 month's free service, but I had them remove it early. Make your own logo like someone suggested, just dont make it say "HackerProof" or you will be asking for trouble :-)