Protecting Your Website
We recognize that there are no turnkey solutions to security; instead it’s a combination of people, processes and technology that help create an overarching security posture that helps reduce a business’s online threat exposure.
The solution is built on three core pillars – Protection | Detection | Response.
Within these three pillars, we provide:
The monitoring platform is a cloud-based Software as a Service (SaaS) Intrusion Detection System (IDS) built on the concept of a Network-Based Integrity Monitoring System (NBIMS), designed to integrate seamlessly with an organization’s existing Security Monitoring (SM) initiatives. The monitoring platform is a remote and local continuous scanning engine, providing near real-time visibility into the security state of a website. It’s designed to detect multiple Indicators of Compromise (IoC), including, but not limited to:
- Malware Distribution
- Blacklisting Incidents
- SEO Spam
- Phishing Lure Pages
- Whois Changes
- DNS Changes
- SSL Certificates
The monitoring platform includes an alert engine: in the event an IoC is detected, the appropriate Security Operations Group (SOG) is notified for immediate action by the security IRT.
The protection platform is a cloud-based SaaS Website Application Firewall (WAF) and Intrusion Prevention System (IPS). In addition to its security controls, it also functions as a Content Distribution Network (CDN) and offers full Domain Name Server (DNS) services. The technology is built on a Globally Distributed Anycast Network (GDAN) built and managed by the Sucuri team.
The protection platform is a next-generation application firewall, incorporating other technologies that have proven to be highly effective at the network level, but tailoring and expanding them specifically for Layer 7 traffic (i.e., HTTP / HTTPS traffic). It’s been customized to include a Virtual Patching and Hardening engine, allowing for real-time mitigation of threats, including Zero Days; patching vulnerabilities within minutes of disclosures with no impact to the origin environment. All attacks are mitigated at the Sucuri layer, alleviating any potential issues on the host network and servers; filtering and stripping all malicious requests, and passing all benign traffic to the website.
The platform is supported by the Sucuri Security Operations Center (SOC) that provides 24/7/365 monitoring and response to all attacks.
Threats the protection platform defends against include, but are not limited to:
- Distributed Denial of Service (DDoS) Attacks
- Software Vulnerability Exploitation Attacks and Attempts (e.g., SQLi, XSS, RFI / LFI, and other similar events)
- Protection against the OWASP Top 10 (and more)
- Access Control Attacks (i.e., Brute Force attempts)
The response platform provides a professional security Incident Response Team (IRT). This team is available to respond to all security incidents, including issues identified by Sucuri and those that aren’t. The team is highly trained, and capable of mitigating all website infections and malware-related issues.
This platform exists because of the complex nature of website security. Website intrusions occur for a variety of reasons; although various technologies are employed to assist in the prevention of such compromises, there are things beyond Sucuri’s control. Examples include poor user / password management or creation, and environmental issues beyond those that Sucuri is responsible for. Because of these potential attack vectors, Sucuri’s response platform was designed to provide organizations a complementary team to assist in the identification and eradication of any successful compromises. This would include analyzing the cause, assisting in the patching of the issue, and restoring the environment to operational order.
The Response Platform is an option included in all contracts that can be employed at the organization’s request. It’s included in the agreement to provide an option cart that an organization can execute in the event of an incident.
The response platform addresses, but is not limited to:
- Server level malware infections
- Website malware infections
- SEO Spam injections
- Malicious user redirects
- Website Defacements
- Removal of all Backdoors
- Removal of website blacklist annotations
Secure Your Network – Network Access Control
BMAK has partnered with SnoopWall to bring this state-of-the-art technology to our clients and customers who are looking to bring tighter security to their networks.
The NAC market is on the rise. By 2020, its value is expected to grow to 2,645.5 million USD at a rate of 31.17% annually. This rapid growth is in part due to the increasing number of BYOD environments. With traditional layers of security still being penetrated, people need NAC solutions, such as SnoopWall’s NetSHIELD, to protect their networks from today’s aggressive cyber criminals.