Surfilter Website Security Monitoring System based on a cloud computing (SaaS) model, combined with Surfilter’s expert security team, regularly provide website system assessment reports to users, helping them effectively and promptly understand website risk profile and security trends, to ensure a stable and secure web application environment.
Core Value
Trending: Aggregating information and releasing regional information security status.
Predicting municipal district’s regional network development trends.
Official regulation: Assessing websites under regulation.
Guiding regional safety protection.
Website self-inspection: Owner’s self-inspection and assessment.
Owner-based self-rectification.
Website tampering monitoring, web application monitoring, web scanning, sensitive character detection, MORE, DNS monitoring, Trojan Horse detection, and vulnerability scanning.
Product Functions
Web System Scanning and Vulnerability Scanning Monitoring
At present, the system supports web threats defined by remote OWASP as well as provides monitoring services through relevant vulnerability scanning. Based on the remote website vulnerability scanning service, Surfilter security experts regularly conduct website structure and vulnerability analysis, and can immediately provide vulnerability status of a website as well as patching suggestions.
Website Anti-phishing Monitoring
Surfilter’s anti-phishing system provides monitoring service for web business processing. Based on cloud computing technology (SaaS), Surfilter has natural anti-phishing advantages. An effective and accurate anti-phishing monitoring system is based on a trusted URL database, IP reputation, automated scanning, manual confirmation and other comprehensive means.
Web-based Trojan Horse Monitoring
Based on “cloud security” platform, Surfilter adopts industry-leading integrated Trojan detection technology, effectively and accurately identifying malicious code on webpages, enabling the website administrator to quickly and clearly detect security status and Trojan Horses on websites.
Webpage Tampering Monitoring
Surfilter provides two kinds of treatment modes for webpage tampering monitoring: (1) Protection-based tampering monitoring fencing mode for users with single webpage structure or single nature. Based on their situation, users can download an anti-tampering client corresponding to their server from the Management Center. They can install it on their server, and interconnect it with the Management Center, achieving “monitoring—protection” function; (2) Scanning-based webpage tampering monitoring service, through remote and real-time monitoring of information on the target website. When any tampering is discovered, users are immediately informed, and they can promptly repair tampered pages in accordance with security suggestions provided by Surfilter, mitigating any adverse effect of the tampering.
Webpage Sensitive Information Monitoring
The page status of the target website is monitored remotely and in real time; when any sensitive keyword is discovered, users are immediately informed. Users can refer to security suggestions provided by Surfilter to promptly delete sensitive information, protecting their reputation and mitigating legal risks brought by any adverse effect of the tampering. Users can self-define sensitive keywords they are concerned about.
Website Application Monitoring
Application monitoring mainly involves web analytics: website availability, website access speed from different lines, website response time, etc., to evaluate if the best and safest service quality is achieved.
Domain Name (DNS) Monitoring
Availability of DNS cache server on the mainstream ISP as well as users’ DNS license server and their resolution of monitored domain names are monitored remotely and in real time through the operator’s network lines in various provinces.
Security Intelligence Analysis
Web-based security vulnerability and security consulting as well as web attack trend analysis reports are regularly provided in order to grasp and mitigate relevant security issues.
Weak Password Detection
Password weakness detection of the target system is regularly conducted to avoid any leakage caused by password disclosure.