Safeguard Website and Web Applications from External Attacks and Stay PCI-DSS Compliant
A website or a web application contains lots of confidential data and is thus easily targeted by criminals for attacks and exploitation. In addition, many existing infrastructures were built on aging web servers that are no longer supported for maintenance or updates. This poses a source of abuse for hackers. No organization can bear the risks of leaving web-based activities unprotected.
To save the manpower and costs in maintaining comprehensive security, Austreme provides Website Protection service which investigates existing web server infrastructures and protects it against threats, vulnerabilities and attacks. It continuously adapts to evolving threats and fulfills the compliance requirements like PCI-DSS 6.6.
Our managed web application firewall combines automated application learning with up-to-date protection polices and signatures, so that our technologies enable protections from known attack sources such as malicious IP addresses and phishing URLs, and identify source reputation and geographic location for investigations. By transmitting attack source feeds in nearly real time to web application firewall, we can quickly and accurately stop malicious users with illicit hacking attempts.
Who Needs It?
- Website owners
- Application Developers
- Security Professionals
- Network Managers
Mitigating risk of data breaches posed by web applications running in an insecure environment
Allowing only trusted applications to run on web servers
No interruption to existing web services and performance
Protecting company’s web assets (e.g. customer data, financial information, staff information) from being exploited by external sources
What areas are protected?
Austreme Website Protection does not only block known attacks that will affect existing web services, but also identify, detect and remove potential threats and protects original files of applications. It covers a wide range of protection areas such as:
Web application vulnerabilities
HTTP fingerprinting and unauthorized access (session hijacking, abusing password change etc.)
Path traversal and DDoS
Misconfigured systems and application servers may poses open doors for malicious persons to abuse the web server
Code injections (e.g. SQL, LDAP, OS command, XPath etc.), cross-site scripting (XSS) and CSRF attacks
Web page defacement and deliberate file deletion
Anonymous proxies or malicious sources