Your government has countless websites and online services. Sensitive, personal information is transmitted over the internet, but how well is it protected? Is there privacy?
Web Security Map makes this visible. Its results stimulates your government to better protect their citizens online.
Monitor your government! is an initiative of the Internet Cleanup Foundation . Our mission is to make the internet secure and safe. We develop open source software to do so.
Web Security Map uses transparency to set tangible and clear goals for improvement. Its impact in The Netherlands was stunning.
The SIDN Fund granted us the ability to advance Web Security Map to make an impact globally.
Create a safe internet, run Web Security Map!
The Netherlands is a small country in Europe. In it live 17 million people. The country has a proud internet culture. This was the ideal location to start making the change.
We developed and deployed Web Security Map here. We tested it on municipalities. Municipalities in the Netherlands manage a lot of sensitive data: who lives here, welfare programs, marriage, childcare and more.
Fully automatically, Web Security Map discovered well over 7000 web addresses. Each of these have been monitored for basic security: the simplest and trivial security needed to provide secure internet services.
The resulting map was red. Nobody did it right. But that changed. When released many municipalities started improving. And so many issues were fixed that some even did it right 100% of the time.
The impact in the Netherlands was massive, and measurable! It changed the way IT departments work, it changed budgets, it improved focus! Thousands of vulnerabilities where fixed, making the internet safer: including removal of old and costly infrastructure, saving money in the process.
Now it's time to spread this impact over the world. All the tooling is freely available and open source. You can create transparency in your part of the world, and drive the change.Get started! Watch the installation video!
Below video shows the adoption of DNSSEC at municipalities in the Netherlands in 2018.
Web Security Map is free and open source. It can be used by anyone, anywhere.
Yet, we suspect the four types of organizations below will benefit the most.
Yearly your government creates large amounts of new online services. Being in control is an enormous challenge. Web Security Map eases this to a large extent by creating insight into large amounts of data.
The IT landscape is continuously changing. New security requirements come from legislation and improved standards.
Create a safe and better internet. Use transparency to drive the change.
Need an updated set of URLs for a yearly test? Need to visualize the outward facing parameter?
With just a few commands, you have your Web Security Map installation running. Video examples are provided for each step of the process. You can have your installation up and running in no time.
Web Security Map makes it very easy to monitor regions around the world. Data is imported from Open Street Maps and Wikidata. With a few simple steps you can start to publish new results.
Web Security Map can also monitor any other groups of organizations. You can decide which ones using the spreadsheet import.Get started! Watch the installation video!
We provide a number of training videos and other documentation to get you started. Web Security Map can monitor a lot and is a very powerful tool.
The Internet Cleanup Foundation, as well as volunteers on the project can help you make sure that you are up and running swiftly.Show me all the features!
Web Security Map monitors a variety of modern security standards. These are the minimum for operating an internet service securely. Many of these are already required for many organizations.
For example: when visiting a website, a secure (HTTPS) connection is needed. This connection guarantees that you're seeing the site as the authors intended. This connection also guarantees that you and the website have privacy for everything that is transferred between you and the site.
While these standards are well-known and mandated, it's often shocking to see how little they are used. Even with the hundreds of thousands of security audits happening daily, we still have a long road ahead of us. Web Security Map helps to create transparency, transforming security in a tangible action.
Web Security Map is created to only improve security. Transparency is a very powerful tool. We carefully chose what Web Security Map can open up to the world. That's why it centers itself around basic security.
Basic security centers itself around a limited set of security options. These options are designed to improve privacy and security. Visitors of services should be able to use these options by default, without compromise and without knowledge or configuration.
Security issues outside of the realm of basic security are dangerous. They are the stuff you read about in the papers: data breaches, site hijacks and so on. Would this be published, the internet becomes a more dangerous place. That's why Web Security Map explicitly does not monitor and publish these.
Create maximum impact: one map says it all.
Web Security Map publishes almost all it knows. This results in a large amount of data that can be consumed by others.
See everything that is happening.
Simple tools to install and update
IMPORTANT: We improve the installation experience over time. Always check the latest installation instructions, here.
Up to date installation instructions are listed on this page, here. This video shows how to install Web Security Map on a virtual machine. This is done with a single command on a clean and dedicated machine.
This video shows how to import countries to the map. It shows how to create an administrative region (if it doesn't exist yet) and import data from Open Street Maps. It will then guide how to display the new country to your visitors and how to allow scans to happen. Once you get the gist of it, you'll be able to add another country in seconds.
This is a tour of the Web Security Map admin interface. It shows how this interface works in general and what data is stored. This can help you administer the data in Web Security Map and get a deeper understanding of its inner workings. With the knowledge presented in this video you can explore all data in Web Security Map yourself.
Configuration options allow you to display all kinds of interesting stuff on the website, as well as use external services to improve the Web Security Map experience, and to enable or disable scanners. The video is extensive and show exactly how each setting affects the working of your Web Security Map installation.
This video shows how to add large numbers of organizations to the map. This is done by uploading a spreadsheet. The spreadsheet is downloaded and edited. When uploaded the organizations are added to the database. A report is created and a new layer is configured to show the new organizations on the map.
Stuck? No problem. We're ready to get you on track.
The Internet Cleanup Foundation provides both free and paid support. Our mission is to make the internet secure and safe. This should be easy for everyone!
Only want to focus on the data, the results and communication? We can help you with deployment and maintenance.Contact support!
Chat Support is available at the bottom of the page or at:
Web Security Map is open source software. Our home is at Gitlab .
You are very much welcome to contribute to this project.Gitlab homepage Issue tracker
Are our training videos not enough for you? Our online documentation covers topics like installation, maintenance, upgrading and features.Deployment docs Web Security Map docs