MAKE NETWORK SIMPLE,INTELLIGENT AND SECURE
MAKE NETWORK SIMPLE,INTELLIGENT AND SECURE
The accelerated evolution of network information application has promoted the widespread use of Web platforms. While Web applications are gaining momentum in terms of their application scenarios, Web server itself has become the primary target of network attacks. Web-based attacks are on the rise, including SQL injection, cross-site scripting, web page tampering, web page Trojans. Web security has arguably become the main battlefield for security offense and defense. In response, DPtech introduced a Website Security Protection Solution to effectively safeguard the network security. The solution provides all-round security protection covering early warning before attacks, in-process protection, and actions and response after attacks.
MoreWith WAF3000 series Web application firewall at core, the DPtech Website Security Protection Solution, together with the “INSIGHT” Cybersecurity Detection Platform, provides users with all-round security protection before, during and after attacks.
Before attacks : The “INSIGHT” Cybersecurity Detection Platform performs Web scanning to proactively identify website vulnerabilities, generates pertinent security policies and distributes them to the WAF3000 series Web application firewall.
During attacks : Deploy WAF3000 series Web application firewall to offer one-stop security protection throughout the attacks. By using anti-scanning, Web attack protection, information leakage prevention, web page tamper-proof functions, it helps detect and block all kinds of Web attacks, such as SQL injection, cross-site scripting, web page Trojans, and web page tampering.
After attacks : All attacks can be blocked with one click on the website, which is especially effective in emergency situations. Meanwhile, the professional service teams from DPtech are always available to help users locate and troubleshoot risks and achieve website recovery as soon as possible.
Furthermore, thanks to its Cloud security management and operation and maintenance services, DPtech can provide users with analysis reports on security incidents, provide optimized policy recommendations based on the website’s current status, assist in policy optimization, and make operation and maintenance services easily accessible.
In simulation of manual penetration, DPtech’s “INSIGHT” Cybersecurity Detection Platform performs in-depth vulnerability detection of Web applications from the perspective of an attacker. After discovering a website vulnerability, it continues to verify the availability and hazards of the vulnerability to provide users with an overall understanding of their websites. It then generates a security policy and gets it distributed to the WAF3000 device, improving the protection accuracy. With a plug-and-play deployment, all functions on the product require no more than five steps both locally and remotely. As a result, it is adaptable to various complex Web applications. Through all-round detection of any potential security vulnerability, automatic and intelligent security detection of Web applications can be realized.
The attacks from hackers on websites are generally initiated by scanning website vulnerabilities with crawlers or scanning tools. After discovering server vulnerability, the hacker will launch attacks by exploiting the vulnerability, such as SQL injection and XSS attacks. Upon successful attack, the hacker will obtain privileges for data tampering, deleting, and downloading, and upload Webshell, Trojans and other back door programs for background permissions in the future.
DPtech WAF3000 series offers one-stop security protection throughout the attacks, ensuring website security in an all-round manner.
With the one-click offline and online feature, when the user network is under attack, one-click offline can be enabled to block attacks in real time, preventing security incidents from propagation. One-click online can be performed after the attack.
Interactions between WAF3000 and DPtech’s Cloud security management platform facilitate users in analyzing device logs and configurations, provide users with analysis reports and optimized policy recommendations, and help with policy optimization as required by users.