Con esta herramienta te facilitamos un acceso a todas las ofertas y demandas de tecnología europeas y a búsquedas de socios para participar en propuestas europeas de I+D publicadas en la red Enterprise Europe Network, pudiendo filtrar los resultados para facilitar las búsquedas más acordes con tus necesidades.

¿Quieres recibir estos listados de oportunidades de colaboración en tu correo de forma periódica y personalizada? Date de alta en nuestro Boletín

Los términos de búsqueda han de ser en inglés.

Protección temprana contra ataques informáticos en páginas web y servidores web

Resumen

Tipo:
Oferta Tecnológica
Referencia:
TOAT20170310001
Publicado:
24/03/2017
Caducidad:
24/03/2018
Resumen:
Una start-up austríaca ha desarrollado un nuevo software para proteger páginas web contra ataques informáticos. Su enfoque único combina protección de datos y análisis inteligente en la nube para la detección temprana de brechas de seguridad y manipulaciones del aspecto visual, así como cambios del código de la página web. Las ventajas incluyen el índice superior de detección y la rentabilidad. La empresa busca socios con el fin de distribuir la solución bajo acuerdos de licencia o hacer uso de la tecnología mediante acuerdos comerciales con asistencia técnica.

Details

Tittle:
Early protection against cyber-attacks on websites and webservers
Summary:
An Austrian startup developed an innovative software to protect websites from cyber-attacks. Their unique approach combines data protection and intelligent cloud analysis to early detect safety gaps and manipulations of the visual appearance as well as changes of the website code. Benefits are higher detection rates and cost efficiency. Partners are sought to distribute the solution under license agreement or use the solution in form of a commercial agreement with technical assistance.
Description:
Today, the company´s website is the number one target of cyber-attacks and represents one of the greatest dangers regarding data loss and data abuse. Every day several thousand automated attacks are being operated on every website. Using backdoors and safety gaps the target system is infected within seconds, in most cases without being noticed by the administrator. Statistically, the infection of a website is discovered 255 days after the initial cyber attack.* After a successful hack, malicious codes are placed on the web code that can be activated any time and for any purpose:
- defacement (damaging reputation of a company, or placing advertisement)
- distribution of malware (to visitors and via spam mails)
- theft and abuse sensitive data
- remote control of webservers

An Austrian startup has developed a software solution to protect websites from cyber-attacks. Using regular scans, the software detects security gaps in the Content Management System (CMS) and the server at an early stage and instantly reports to the responsible administrator. The unique approach combines data protection and intelligent cloud analysis.

First, cloud analysis verifies the appearance and structure of the website from the view of a regular customer. It recognizes whether the website is already infected and reports unauthorised changes to the content and design. It also checks the security of links to third-party websites and the reliability of the encryption in use. To ensure a proper listing in search engines, the cloud service scans whether the website domain is blacklisted in Google, Safe Browsing, Web of Trust, etc.

Second, a server agent can be installed to protect the server itself. Automated source-code analysis reveals suspicious pattern to help detect harmful PHP code (spam-shells, web-shells, and backdoors).
The server agent also identifies:
+ the CMS version in use and reports well-known safety gaps and available updates
+ added/deleted files on the server
+ errors in the server configuration (outdated CMS versions, forgotten CMS files (e.g. index.php.txt), insecure file authorization, suspicious redirects in .htaccess files, etc.)

All changes to files and administration rights are recorded on the webserver. Adapted, deleted and added files are scored in multiple risk classes. Compared to standard solutions, the change tracker sets the alarm only in cases of defective changes.

The combination of server agent and cloud analysis leads to higher detection rates than traditional protection solutions and presents a convenient tool for monitoring a big number of websites. Therefore the solutions is especially suited for administrators of several websites, companies with multiple product or event websites and webspace provider.

The software can be integrated in SIEM-Solutions like HP ArcSight, AlienVault and IBM QRadar or web hosting solutions like Odin/parallels Plesk, Odin service automation or cPanel.

The startup is looking for cooperation under license agreements and commercial agreements with technical assistance. Partners are sought in the field of web security that are interested to add the product to their portfolio and distribute it to their clients. Interested companies are welcome to test the solution with a free demo.

* (Source: Verizon Data Breach Report 2014)
Advantages and Innovations:
The main advantage of the solution for administrators of multiple websites is to have one monitoring tool that lists safety gaps in the CMS and server structure.
Advantages include:
+ a single safety monitoring tool for multiple websites and servers
+ enhanced detection rates
+ immediate reaction to cyber attacks
+ no loss of reputation (due to defacement, spam mails, etc.)
+ cost efficiency (reduces support activities by up to 70 percent)
+ all data remains on the users webserver, no information is transferred outside

Features:
+ immediate reports about safety gaps
+ detection of malware, webshell, and backdoor
+ blacklist monitoring
+ SSL encryption checks
+ change tracking
+ source code analysis
+ automated shutdown
Stage of Development:
Already on the market
IPs:
Secret Know-how

Partner sought

Type and Role of Partner Sought:
The solution is especially suited for administrators of several websites, companies with multiple products or event websites and webspace provider.

License agreement:
Partners are sought in the field of web security that are interested to add the product to their portfolio and distribute it to their clients. Partners receive in-depth training to distribute and implement the solution to their clients´ servers.

Commercial agreement with technical assistance:
Interested organizations receive individual support and integration of the software to their servers. A free demo is available upon request.

Client

Type and Size of Client:
Industry SME 11-49
Already Engaged in Trans-National Cooperation:
No
Languages Spoken:
English
German

Keywords

Technology Keywords:
01003009 Data Protection, Storage, Cryptography, Security
01004016 Gestión de análisis de riesgos
01004015 ICM - Gestión de contenidos de Internet