You’ve probably read two things about website security. One, security is pretty important. Two, security is often overlooked. Three, lots of people talk about security in a broad sense but don’t dig into specifics.

Okay, maybe you haven’t heard that last one. But it’s true. So in this article, we’re going to talk about some specific security services.

Malware Monitoring

Malware is malicious software. It includes viruses, Trojans, spyware, ransomware, backdoors, rootkits, and more. This is the kind of stuff that costs the economy billions annually, wrecks productivity, and ruins small businesses.

Malware monitoring identifies malicious software in order to contain and eradicate it. This can happen in a number of ways. Behavioural analysis involves identifying and separating the actions of malware from those of benign software. Reputation checks involve checking requests from external pages against reputation services to see if they’re trustworthy or not. Heuristics is a way of analyzing pages for common JavaScript-based attacks. And then there’s antivirus software, of course.

Vulnerability Assessment

One way to test your defences is to get someone to attack you. That’s the idea behind vulnerability assessment. The security service tries to figure out all the best ways to defeat your defences and then gives you a detailed report. That way you can fix said defences. These assessments can be both automated and manual.

Firewall vs. Web Application Firewall

A firewall is like a bouncer. It monitors and controls incoming and outgoing traffic to and from your network and enforces your security rules. A firewall is the bare minimum of network security.

A web application firewall (WAF) is different from a regular firewall. It monitors, filters, or blocks traffic to and from a web application by inspecting HTTP traffic. This prevents attacks on web applications, such as file inclusion, cross-site scripting, and SQL injection.

SIEM Software

Security information and event management (SIEM) software collects, analyzes, and logs data from your entire IT infrastructure, including host systems, applications, firewalls, and antivirus filters. It can then provide reports on security-related incidents, like failed login attempts and malware activity. Want to track and investigate what’s happening? Then you need SIEM software.

DDoS Mitigation

A distributed denial of service (DDoS) attack is when an attacker uses an entire network of compromised systems (i.e., a botnet) to flood a single target with requests. DDoS attacks are inexpensive and hard to stop, which makes them the weapon of choice for hackers, cybercriminals, and even tech-savvy teenage hooligans.

DDoS mitigation is a service that seeks to resist a DDoS attack. Mitigation starts by identifying normal traffic patterns and separating the behaviour of real users from that of bots. Then the service works to filter out the bots using tools like rate limiting, deep packet inspection, and blacklisting.
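To make the rate-limiting and blacklisting steps concrete, here is an added example (not code from any particular mitigation service) that replays constructed traffic through a per-client sliding-window limiter and blocks repeat offenders. The class name, the thresholds standing in for a "normal traffic" baseline, and the sample addresses are all assumptions.

```python
from collections import Counter, defaultdict, deque


class Mitigator:
    """Sliding-window rate limiter that escalates repeat offenders to a blocklist."""

    def __init__(self, max_requests=5, window=1.0, strikes_to_block=3):
        self.max_requests = max_requests          # assumed baseline: requests per window
        self.window = window                      # window length in seconds
        self.strikes_to_block = strikes_to_block  # violations tolerated before blocking
        self.hits = defaultdict(deque)            # client -> timestamps of allowed requests
        self.strikes = defaultdict(int)           # client -> rate-limit violations so far
        self.blocklist = set()

    def handle(self, client, now):
        """Return 'allowed', 'limited' or 'blocked' for one request."""
        if client in self.blocklist:
            return "blocked"
        recent = self.hits[client]
        while recent and now - recent[0] >= self.window:
            recent.popleft()                      # forget requests outside the window
        if len(recent) >= self.max_requests:
            self.strikes[client] += 1
            if self.strikes[client] >= self.strikes_to_block:
                self.blocklist.add(client)
                del self.hits[client]             # no need to track a blocked client
                return "blocked"
            return "limited"
        recent.append(now)
        return "allowed"


def constructed_traffic():
    """Constructed sample: one human-paced client and one flooding client."""
    user = [(i * 0.5, "203.0.113.10") for i in range(20)]   # 2 requests per second
    bot = [(i * 0.02, "198.51.100.7") for i in range(100)]  # 50 requests per second
    return sorted(user + bot)


def replay(events, mitigator):
    """Feed (timestamp, client) events through the mitigator and tally decisions."""
    tally = defaultdict(Counter)
    for now, client in events:
        tally[client][mitigator.handle(client, now)] += 1
    return tally


if __name__ == "__main__":
    for client, decisions in replay(constructed_traffic(), Mitigator()).items():
        print(client, dict(decisions))
```

Per-client limits only catch sources that individually exceed the baseline; a botnet that spreads low-rate traffic across many addresses also needs aggregate baselining.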

The Bottom Line

This article is a starting point. Security can be a daunting, complex topic, so it’s important to get specific about your security needs to understand what services you should engage.



Saturday, June 6, 2015




