Inspection of and Defense Against Website Vulnerabilities
The DeepFinder web firewall is a cloud web firewall that can be set up in various kinds of environments including on-premises environments, public clouds, private clouds, and hybrid clouds. Full SSL inspection is possible without compromising performance and speed, and autoscaling is also supported. With superb speed and availability, it offers protection against all kinds of web service security threats in a cloud environment.
How to Use
1. Check the instance where the web firewall should be installed and apply for the service.
2. KINX’s Operations Team will install a firewall in the designated instance.
3. The security and monitoring service provider will contact you to configure the detailed security settings.
4. After the security settings are configured, you will obtain the designated security and monitoring services.
- HTTPS/HTTP 1.0/1.1/2-based web attack response
- Detection and blocking of Layer7 DoS attacks, brute-force attacks and dictionary attacks
- Response to OWASP Top 10 and PCI DSS 6.6 requirements and top 8 vulnerabilities noted by the NIS
- Inspection of response data (detection of leakage of critical information)
- Inspection of uploaded files: Registration of binary (raw data) signatures
- Inspections to check for file forgery/tampering and creation of new files by path (URI)
- Security policy for open software (bulletin boards, online shopping mall solutions, blogs, etc.)
- Detection and blocking of file upload restrictions bypass attacks
- URI-based IP control (X-Forwarded-For identification)
- Web-based GUI (manager console) allowing anyone to configure the security settings with ease
- Provision of a report schedule (automatic creation and transmission of reports for each account)
Scope of Support
|Supported OS||Supported Web Server/Application|
(2003, 2008, 2012, 2016)
· IIS 6.0, IIS 7.0, IIS 8.0, IIS 10
|Linux Kernel 2.6.x and higher
· Apache 2.0, 2.2, 2.4
Companies that need to build a powerful security system in line with the latest security technology and trends
Companies that need to detect and block attacks on web vulnerabilities that are difficult to respond to with just firewalls and IPS/IDS