How to Implement "Three defenses" for website security through instance Parsing

As we all know, Web 2.0 is a new Internet model that focuses on user interaction. This model emphasizes that the user is not only the viewer of information, but also the creator of information.

With the deepening of the concept of Web 2.0, the Internet has undergone earth-shaking changes, and interactive services have become the mainstream of Internet applications. As the most typical Internet application website, it's easy to stand on the wave of Web 2.0. However, unlike the previous one, most of the websites we have seen have been separated from the original one as a carrier for simple information release, but are increasingly carrying a lot of businesses and applications.

With the increase of many businesses and applications, websites become more and more "useful ". However, as the saying goes, convenience and security are a natural contradiction: while people enjoy convenient Internet services, it is also facing more security risks and hidden dangers brought by complicated information systems. In the Web 1.0 s, most of the so-called "website hacked" pages were modified, for example, the homepage was tampered with and the page was increased. In the Web 2.0 s, various attacks, such as website page Trojans, cross-site scripting, injection attacks, and so on, are even more prevalent.

So how can we maintain the security of the information system while ensuring the complexity of business and application, that is, to balance efficiency and security? This is probably a concern for all websites.

Website Security "Three defenses"

At the beginning of the design, most websites focus more on how to meet users' applications and how to implement services, without even considering the security of websites. In contrast, hacker tools and tutorials on the Internet are as versatile as they are. This makes it easier for script boys to attack websites than to get a driver's license. Unfortunately, website managers often do not use any effective means to deal with these "self-taught" Security enthusiasts ", only the most common or thorough firewall is used to protect websites: Nothing. In addition, unlike in the real world, the victims of theft and robbery on the Internet are often unaware of the fact that many people have been stuck with Trojans for several months and are unaware of them.

Next, we may use the famous three elements of CIA: Confidentiality (Confidentiality), Integrity (Integrity), and Availability (Availability) to describe the websites that serve as the carriers of classic Internet applications, which aspects of security protection should be implemented.

The CIA is the goal of information security construction. Accordingly, website security protection can also be considered from these three dimensions.

1. Confidentiality: Prevent hackers from obtaining internal private information at will. Corresponding website security protection measures, namely, attack prevention;

2. Integrity: Prevent hackers from modifying information without authorization. The corresponding website security protection measures, namely anti-tampering;

3. Availability: ensure that authorized users can obtain information at any time. The corresponding website security protection measures, that is, anti-virus (Trojan ).

This is the concept of "Three defenses" for website security.

Comprehensive Defense for websites

So how can we implement "Three defenses" for website security?

Qi Mingxing, a well-known professional security company in the industry, put forward the viewpoint of comprehensive website defense-an all-round website security solution from a 360-degree perspective. This solution integrates the standard PDR model to provide comprehensive website security protection at the detection, protection, and response levels.

Detection of 1.360-degree security defense

Different from the intuitive page tampering, webpage Trojans are concealed and can continue to cause damage even after several months of attacks. In this case, a set of detection mechanisms are required to regularly inspect websites for Trojans for timely detection. Starling's remote website Trojan Detection Service, launched by Starling, uses the "sandbox" technology to simulate webpage access, rather than simply matching the pattern, to ensure a high accurate detection rate for webpage Trojans. At the same time, the remote website Vulnerability Detection Service of anxing is also provided. Combined with the manual analysis by background security experts, the system can accurately detect vulnerabilities that can be exploited on the website and provide repair suggestions.

Some website administrators do not pay enough attention to website security at ordinary times. They often respond to the attacks only when the loss occurs, in many cases, the solution only restores the original page, but does not solve the security problem that causes the attack. By using the Vulnerability Detection Service of anxing, you can discover existing vulnerabilities from the root cause to prevent attacks from occurring from the source.

Protection against 2.360-degree security defense

For security vulnerabilities caused by design reasons, some applications may be used and cannot be repaired or updated. Most attacks against such vulnerabilities are based on applications and are mixed with normal access behaviors. firewall security products are often helpless due to the inability to accurately identify attacks at the application layer. To prevent such attacks, You must select a security product that accurately discovers and defends against application-layer threats, especially for such attacks (represented by SQL injection and XSS attacks ), due to many variants, traditional application-layer threat defense products use feature matching technology that cannot be fully covered, with high false negatives and false positives.

Starling star has launched its WIPS series for Web business defense. It uses patented technology to start with attack mechanisms rather than attack data features and uses behavior analysis methods, it achieves a good Web threat defense effect.

3.360-degree security defense response

The technical strength of some website users is relatively small, so they cannot fix and monitor the situation on their own. Venus also launched the web page Security repair service to completely remove vulnerabilities in applications on the website and malicious code on the page, at the same time, users can also choose white box testing and black box testing to check the website-related security source code to find out the source code problems, through the service, users can obtain the source code problem and Security repair suggestions or modification services, which are supported by the professional Attack and Defense technical team of Starling National Laboratory.

Some important websites that lack professional foreign aid teams can use the services provided by this professional team to enhance the security source code design of the website system and enhance the security of the system itself.