Hulk web application firewall

Product introduction

Product introduction
Shanghai Jiawesi Information Technology Co., Ltd. is committed to solving problems facing website operators, and has independently developed the Hulb Web application firewall for multi -level and deep protection through the team's in -depth research and development. In this way, it can also resist the security risks of unknown websites while resisting various known website security threats. WEB application security protection products with comprehensive protection of transaction security and account security.

Product function
Web attack protection: rich attack feature library, filtering from the access side of malicious attack traffic. The detection attack behavior includes: protocol attack, path traversal, injection attack, XSS attack, SQL injection, session hijacking, file containing, scanner detection, etc. Ten types of attacks cover common security threats of OWASP.

CC attack protection: Through accurate positioning and identification technology, track monitoring visitors access behavior and frequency of access, and protect the performance of the web server when the traffic is abnormal.

Anti-automated scan [High-level version-dynamic defense]: Big data-based behavioral analysis technology collects the client mouse trajectory, click frequency, operation timing, screen size, browser version, etc. Perform user behavior and analysis, compare the dynamic identity authentication with the normal user group access sample library, and find that non -user's hand -operated illegal behavior, abnormal high -frequency access behavior, blocking submit.

Anti -crawler: The original dynamic defense technology can increase, encrypt, and hide any elements in the page. Increase the cost of data crawling without affecting the use of normal users, and how difficult it is to gain website data acquisition.

Crims from password anti -password cracked: When the automation tool fills the password to crack the website implementation password, the protective system is blocked by password protection technology.

Resistance of unknown threats: Using technologies such as packaging isolation, anti -debugging technology, interview behavior analysis, dynamic identity authentication, dynamic disturbances and other technologies to build a dynamic defense mechanism, create a changing access environment, increase the unpredictability of applications, making it difficult for attackers In the protective station, the attack point and attack path were found, thereby destroying the basic conditions of the attacker to perform network attacks, and resisting the unknown attack effect was significant.

Website anti -theft chain: Implement URL -level access control, and detect client requests. If the HTTP request of resource information such as pictures and files comes from other websites, it will prevent the robbing request and save the bandwidth and bandwidth consumed due to the linkage of the resource link. Performance, thereby protecting the business interests of the website owner.

Website anti -tampering: Provide a complete replication of important static pages. When the client initiates a request, it always returns with normal content to ensure the credibility of the website and avoid the adverse effects and property losses caused by the corporate image after the website is tampered with.

Website precise protection: Support multiple HTTP fields and common logic conditions combinations, configure refined protection strategies, and reduce misjudgment to achieve precise protection.

Data audit: The full log records and provide a simple and friendly control interface for data display and analysis, which is convenient for website operators to grasp the changes in business monitoring and core indicators.

Products and specifications

Service introduction

WAF: Based on a series of accurate attack behavior characteristics and detection rules, the HTTP (s) request is performed to perform detection, and the request behavior of triggering security strategies is implemented. In a complex network environment Essence Hulk WAF responded as soon as possible after detecting the attack behavior to protect the web application from being threatened by security and record the attack line; The monthly report is summarized for security, so that website operators can grasp the security status of the web system anytime, anywhere.

Web: It is not restricted to conventional Web security protection, adopts a "active+dynamic" business access certification mechanism, combined with user behavior information analysis and front -end code dynamic encryption, additional disturbance and other innovative means, build a dynamic changes in access environment, in investigation and analysis, analysis, analysis , Attack and other links to intercept the attacker to block it outside the "door". The defense system can be used to deal with automated attacks and unknown risks and achieve depth defense.