Germany | Bayern

Zurück zur Suche

Internationale Partnersuche

Innovation & Technologie Angebot

Early protection against cyber-attacks on websites and webservers

Country of Origin: Austria
Reference Number: TOAT20170310001
Publication Date: 16 March 2017

Summary

An Austrian startup developed an innovative software to protect websites from cyber-attacks. Their unique approach combines data protection and intelligent cloud analysis to early detect safety gaps and manipulations of the visual appearance as well as changes of the website code. Benefits are higher detection rates and cost efficiency. Partners are sought to distribute the solution under license agreement or use the solution in form of a commercial agreement with technical assistance.

Description

Today, the company's website is the number one target of cyber-attacks and represents one of the greatest dangers regarding data loss and data abuse. Every day several thousand automated attacks are being operated on every website. Using backdoors and safety gaps the target system is infected within seconds, in most cases without being noticed by the administrator. Statistically, the infection of a website is discovered 255 days after the initial cyber attack.* After a successful hack, malicious codes are placed on the web code that can be activated any time and for any purpose:
- defacement (damaging reputation of a company, or placing advertisement)
- distribution of malware (to visitors and via spam mails)
- theft and abuse sensitive data
- remote control of webservers

An Austrian startup has developed a software solution to protect websites from cyber-attacks. Using regular scans, the software detects security gaps in the Content Management System (CMS) and the server at an early stage and instantly reports to the responsible administrator. The unique approach combines data protection and intelligent cloud analysis.

First, cloud analysis verifies the appearance and structure of the website from the view of a regular customer. It recognizes whether the website is already infected and reports unauthorised changes to the content and design. It also checks the security of links to third-party websites and the reliability of the encryption in use. To ensure a proper listing in search engines, the cloud service scans whether the website domain is blacklisted in Google, Safe Browsing, Web of Trust, etc.

Second, a server agent can be installed to protect the server itself. Automated source-code analysis reveals suspicious pattern to help detect harmful PHP code (spam-shells, web-shells, and backdoors).
The server agent also identifies:
+ the CMS version in use and reports well-known safety gaps and available updates
+ added/deleted files on the server
+ errors in the server configuration (outdated CMS versions, forgotten CMS files (e.g. index.php.txt), insecure file authorization, suspicious redirects in .htaccess files, etc.)

All changes to files and administration rights are recorded on the webserver. Adapted, deleted and added files are scored in multiple risk classes. Compared to standard solutions, the change tracker sets the alarm only in cases of defective changes.

The combination of server agent and cloud analysis leads to higher detection rates than traditional protection solutions and presents a convenient tool for monitoring a big number of websites. Therefore the solutions is especially suited for administrators of several websites, companies with multiple product or event websites and webspace provider.

The software can be integrated in SIEM-Solutions like HP ArcSight, AlienVault and IBM QRadar or web hosting solutions like Odin/parallels Plesk, Odin service automation or cPanel.

The startup is looking for cooperation under license agreements and commercial agreements with technical assistance. Partners are sought in the field of web security that are interested to add the product to their portfolio and distribute it to their clients. Interested companies are welcome to test the solution with a free demo.

* (Source: Verizon Data Breach Report 2014)
Image

Image

Image

Image

Advantages and Innovations

The main advantage of the solution for administrators of multiple websites is to have one monitoring tool that lists safety gaps in the CMS and server structure.
Advantages include:
+ a single safety monitoring tool for multiple websites and servers
+ enhanced detection rates
+ immediate reaction to cyber attacks
+ no loss of reputation (due to defacement, spam mails, etc.)
+ cost efficiency (reduces support activities by up to 70 percent)
+ all data remains on the users webserver, no information is transferred outside

Features:
+ immediate reports about safety gaps
+ detection of malware, webshell, and backdoor
+ blacklist monitoring
+ SSL encryption checks
+ change tracking
+ source code analysis
+ automated shutdown

Stage Of Development

Already on the market

Stage Of Development Comment

The technology is already in use in a major finacial corporation, multinationals, several web hosting companies and many other companies and organisations.

Requested partner

The solution is especially suited for administrators of several websites, companies with multiple products or event websites and webspace provider.

License agreement:
Partners are sought in the field of web security that are interested to add the product to their portfolio and distribute it to their clients. Partners receive in-depth training to distribute and implement the solution to their clients' servers.

Commercial agreement with technical assistance:
Interested organizations receive individual support and integration of the software to their servers. A free demo is available upon request.

Kooperationsanfrage stellen