Hi, founder of Patchman here! Patchman was built for hosting providers as a tool to stop the endless stream of abuse. I'm happy to answer your questions!
Malware is by definition self contained and can simply be removed. We move the file to another directory, so it cannot be executed.
Regarding security vulnerabilities, we specifically patch only those vulnerabilities. This way you can be rest assured that your customer's websites continue to function properly.
"Malware is by definition self contained and can simply be removed. We move the file to another directory, so it cannot be executed."
Wouldn't this require un-obfuscating the exploit page because the malware can be basically innoculous looking like an image file? I ask because I am just curious how the tool manages to do this so automated.
Also, props on starting this company. I have been thinking about starting some kind of cybersecurity startup or newer tech startup for a while but haven't produced much yet.
@switch33 No, our detection method is hash based. We also have on our roadmap to to content based scanning, that would indeed require un-obfiscating the code.
One thing that I see as problematic is that there are many custom themes from specific CMS involved. And hashing would be rather not good at that unless you have access to clean theme type files.