The concept of internet security comes from Alibaba. As the name suggests, it allows Internet users to have sufficient trust and dependency on Web products. Especially for websites involving users' capital transactions, a severe user data leak can completely destroy your brand.
In the current stage, most enterprises in the Internet industry, except bat, do not pay enough attention to network security. Therefore, the Internet is flooded with various types of database theft, leaks, and phishing. A well-known large-scale technical forum was taken off and even found that their passwords were saved in plain text, so I won't name them here.
I want to divide this topic into two parts. The first is information security, and the second is risk assessment.
Information security is basically how technology tends to prevent and monitor. If you are interested, I will gradually open-source some monitoring systems and filters of earlier versions.
Risk assessment is a trend of business, and of course it is inseparable from technology. The most important concepts are how to make a good evaluation model. For example, if a user account is stolen, the behavior analysis or model matching is used to determine whether the current user is a risky user.
First of all, let's start with the simplest and most suitable solutions for all Internet companies.
First, add access-level monitoring at zero cost
Zero cost, no development, no O & M, as long as you can access the Web and have a mobile phone or mailbox
Of course, there are limitations. The solution discussed in this topic is limited to access level. If specific business logic is involved, you still need to develop some systems to control it.
1. Configure site: http://uptimerobot.com/
In order to avoid being an advertisement post, I will not introduce this site more. If you are interested, you can start with configuration by yourself.
First, add your personal information in user settings. By default, You need to bind an email account as your primary identity.
Then configure your contact information
Uptimerobot.com determines whether the website can be connected based on the information returned by the HTTP header. If an error occurs, uptime robots will perform multiple tests within three minutes to ensure that the results are accurate, you will be notified by email, RSS, text message (Chinese mobile phone not supported), and other means. We can use pushbullet for restrictions on mobile phones. The following will be an example for you.
In this case, you need to enter the pushbullet API key. It is easy to get the DeviceID of your mobile phone first, and then go to https://www.pushbullet.com/registration token.
After configuring the basic information and contact information, you can add our monitoring information.
Generally, you can select HTTP (s) to monitor access requests.
Look at our dashboard.
Check out our emails
In fact, it can come to an end here. Next we will extend the pushbullet application.
Pushbullet is a message pushing tool that supports text, URLs, and images. There are public APIs. The above uptimerobot uses the pushbullet interface. Of course, if you need to use these functions in other projects, you can put a C # demo here.
With it, you can send messages to your mobile phone at any time.
First
Download Code: click here
[Security of the Internet] (1) Add access-level monitoring at zero cost