OWASP, an internationally renowned Web Application Security Organization, held the OWASP 2011 Asia summit at the Beijing International Convention Center in China on November 8-9, CIOs, ctos, and CSO representatives from various industries, as well-known application security experts and vendor representatives at home and abroad.
At the conference, a number of security companies were presenting their website security solutions, we suddenly found that a Web application firewall vendor launched a deployment-free online solution-SafeHTTP "website Guard ".
In the past, website security solutions used to deploy security devices or software on internal or enterprise Web servers, vulnerability Scanners, WAF, and IPS are used to detect and protect websites. As the buyer and the seller, you can buy and sell with a hammer, that is, "purchase-install-user self-maintenance" mode. Of course, more reliable manufacturers will basically provide after-sales support.
The solution launched by SafeHTTP "website guard" is "Leasing-user maintenance-free. All vulnerability upgrades, attack protection features, and malicious code filtering are handled by the cloud platform of "website guard" of SafeHTTP. It adopts the PaaS platform as a service mode, which is seamless and real-time. You only need to resolve the DNS address to the "website guard" of SafeHTTP, and then submit the domain name and website information to make it take effect. You can enjoy the tap-water website security service without any worries. Under the Protection of SLA, any website security risks will be borne by the service provider.
After using such a solution, you don't have to stare at the firewall and vulnerability scanner all day long.
What are the benefits of such PaaS security solutions?
Real-time malicious web traffic filtering,
Reduces server load and server downtime risks
Accelerated Access response
Reduce data theft
Rich reports
Implement in 5 minutes
No hardware investment, saving money
Professional Service Team with no code changes
Additional benefits: website Acceleration
SafeHTTP "website guard" Principle
When asked about the technical reserves behind the "website guard" of SafeHTTP, SafeHTTP Li Song said: "ancihua is a WAF device manufacturer and has been providing customers with high-performance WEB security devices. Currently, more than 10 thousand websites are being protected. Now there is no technical problem with this 'cloud waf. And this is an attractive solution for small and medium customers ."
Li Song, general manager of SafeHTTP at OWASP 2011
Who is better suited to this kind of service?
The "cloud WAF" customer group is definitely not required by companies with technical and personnel reserves like portals. The main customer target is that the website bandwidth is within MB. Customers with a bandwidth of more than MB can purchase WAF hardware devices or develop their own protection solutions.
Specifically, websites of different types and sizes are facing various threats. Large websites usually have dedicated teams to solve various security problems. If your website is not such a large website, all are in the SafeHTTP service scope.
SafeHTTP "website guard" classifies customers into three categories based on their website locations:
1. The SafeHTTP service can be obtained through simple DNS adjustments within the company.
2. There are two different choices for Virtual Hosts. You can simply change the DNS to get the SafeHTTP service. In addition, SafeHTTP also cooperates with mainstream virtual host service providers to deploy services in their IDCs.
3. SafeHTTP is cooperating with mainstream IDCs to provide SafeHTTP services in their IDCs. Now we only need to register the services, so we will first cooperate with your IDCs.
SafeHTTP Li Song said: "Our goal is to provide high security services for small websites. Besides security, we will also provide value-added services for enterprise websites, this allows the customer's senior management and administrator to learn more about their websites. In the mainstream IDCs in China, our devices will be deployed in a distributed manner, and 'website guard 'is the website security service around you ."
PaaS website security business is favored by the industry
It is reported that after the emergence of such a new PaaS website security business, a number of security companies have begun to prepare for the "cloud WAF" leasing business, Li Song said, has prepared for a "protracted war. When asked about the PaaS security industry's development estimates, Li Song decisively said: "users' demand for Web security is becoming increasingly urgent, and the development prospects of enterprises are clearly visible ."
Postscript:
At this OWASP 2011 Asia summit, we found that traditional security companies that have never launched specialized Web security products have launched their own unique Web Application Security Products. To cope with the increasingly sophisticated and destructive hacker attacks, people are bound to need faster response time and more professional security services. An OWASP speaker said "Don't take a knife to deal with people with a gun ".