I think you are going in the wrong direction with this. The fact sheet for Comodo indicates they have over 600 employees. The mission statement of Comodo seems to indicates that they should have a larger percentage of employees dedicated to computer security than your average company. Given the information provided by Comodo for their products, they should be able to run more mainstream public facing internet services in a honey-pot like state and keep it secure. At least they should be in a better position than most of their customers to use their tools to keep things safe. It seem to me that Comodo employees when asked if their tools will protect online web services, they won’t stop at just indicating it can protect use of vBulletin or SMF. Comodo seems like the type of company that is willing to companies should be using Comodo tools to protect phpBB, WordPress, Joomla, Magneto, etc. Comodo seems to have so much ambition about what their tools can do. But it would be nice if Comodo demonstrated that level of protect themselves.
Something that caught my attention of this notice was the very first line:
"At Comodo, we take security very seriously and it is our highest priority."
A highly respected computer security journalist, Zack Whittaker, wrote an article for Tech Crunch back in February of this year called “At Comodo, we take security very seriously and it is our highest priority.”
The article begins with:
And the article ends with:
I’m sure a company as security focus as Comodo is aware of the works of Zack Whittaker and wouldn’t post hollow remarks on their forum. So, when Comodo says they take security seriously that should imply they have been using their own products to protect the data.
So, was Comodo Endpoint Security which was stated to me as providing 100% protection able to stop the breach?
Answer seem to be NO.
How about Comodo HackerProof site inspector, did it provide the next dimension in website scanning to stop the breach?
Unfortunately, NO.
How about Comodo Dragon Platform, was there bulletproof 100% protection from zero-day attacks to stop this breach?
I can come to a 100% verdict in 0 seconds on that and say: NO.
So, if a company of 600+ employees with better security training and skills than your average Comodo customer can’t protect commonly used forums, what hope do those customers have?
There is a definite need for the type of products that do the things Comodo claims they do, but there still seems to be a lot of work to be done. Thank goodness for Comodo’s exciting ambition.
I think Comodo needs to show their products can protect more instead of consolidate to less. They should be able to expose the top ten most popular public facing web applications on their own servers with an open “capture the flag” style invite for any security research to deface them.
If they aren’t willing to show complete buy-in themselves for their own products, why should any potential customer take them very seriously about Comodo’s claim of taking security very seriously? Please don’t let Comodo just be another company that makes hollow remarks.