Effective defense against OWASP TOP 10 attacks such as SQL injection, XSS attacks, command/code execution, file inclusion, Trojan virus uploading, path traversal, malicious scanning and so on.
The professional attack-defense team carries out a 7*24h follow-up for 0day vulnerability, analyzes the vulnerability principle and develops a security protection policy to provide protection in time.
Support global model and single IP protection mode, check CC attack protection based on multiple challenge check algorithms and protect DOS function of the application layer.
Five security analysis reports, including Web Security, CC Attack, Custom IAM Rules, User Access, and Operation Monitoring, are provided for insight into the workload monitoring status, security protection status and effect.
By viewing the attacking trend graph, it can know hacker’s concern to business.
View protection effect and statistics in real time via CC attack trend statistics.
Search the users' access conditions in real time by carrying out the statistics & analysis to IAM rules formulated by the users.
The users can combine HTTP protocol fields to formulate IAM rules, confirm priority and provide multiple customization methods and simple logic syntax to meet the individual needs.
Record the access logs of all users on the business website, provide trend analysis and Log Download feature as needed.
The webpage tamper-proofing uses the mandatory static cache locking and update mechanism to protect specific webpages. Even though relevant webpage of origin server is tampered, it can be returned to the user cache page.
Provide audit logs for operation of all administrators and provide the same on demand when checking security compliance.
Provide multiple modes to protect the application layer DOS.
Provide IP blocking feature to intercept malicious users in real time.
Enable protection against violent crack and protection against Y.C, robot crack, etc.
Provide a full set of RESTfulAPI interfaces for page customization
There is no need to modify the DNS for service protection and monitoring. By associating the Load Balancer, direct IP access is supported.
Upload ssl certificate on the Load Balancer and implement HTTPS detach management.
Application Security Gateway can associate EIP's Load Balancer and the Load Balancer in VPC for collaborative work. Therefore, it can defend the Internet attack and internal attack from VPC.
Scan, feedback the current page