The Sucuri Vision

To build the most effective and affordable cloud-based technology and services for website security and performance, while producing the most concise educational website security resources. Since 2009, our globally-distributed team has ceaselessly innovated with one goal in mind – to make websites safer and faster in a world of emerging threats.

Our Values

Passion

If you have ever met our team, there is one undeniable fact – we love this company and the important work we do. This love and dedication is a requirement for the entire company.

Helpful

When a website is hacked or under attack, a website owner is at their most vulnerable state. We will be the calm in the virtual storm, standing by to restore peace of mind.

Community

Our brand is defined by our customer and employee satisfaction. We will create effective products and content that serve a valuable purpose and user experience.

Trust

The security space is filled with snake-oil and unnecessary FUD (fear, uncertainty, and doubt). We are committed to building services in the best interest of website owners.

Sucuri Labs

Here at Sucuri Labs is where we share our technical research. We are a group of website security professionals who are passionate about discovering emerging web-based malware and software vulnerabilities. Not only do we create tools and detection rules for our customers, we also bring awareness to the website security community. Our mission is to help make the internet a safer place.

What do we do?

We dissect, analyze, and investigate web malware and evaluate web applications (CMS, plugins, themes, extensions, etc.) looking for vulnerable code. Every piece of software we investigate is used to improve our tools, by creating new detection and block rules, as well as to create different learning opportunities for web developers, administrators, and our infosec community.

Visit labs.sucuri.net to read more about:

Research Notes
Our researchers love to share their discoveries. In this section, you'll find the latest reports on malware, obfuscation methods, attack trends and fun facts about researching threats. Think of this section as the notepad next to the researcher's computer.

    Threat Reports
        This section shows the latest payloads detected by SiteCheck and active threats blocked by the Sucuri WAF.

    Malware Signatures
        Browse definitions for malware we often encounter on scanned sites. If your site presents any sign of malware, spam SEO, or suspicious JavaScript, SiteCheck will link you to this section.

How do we do it?

We collect data from several sources, including but not limited to: honeypots, partnerships with other labs, online searches, investigations of infections on new and existing customer sites — we even receive malware samples (if you want to send suspicious code to us, go to our website to contact us).

Vulnerability researchers are always reviewing new versions of popular software and checking for code that could be exploited by hackers. All code we review is done first by state-of-the-art assisting software and all findings are manually reviewed.

Here at Sucuri Labs we follow a responsible disclosure process and assist, when possible, the software developer on how to mitigate the vulnerable code. No findings are disclosed unless we are sure they were fixed.