Security analysis of servers and sites

About the service

Analysis of the security of servers and websites - this service allows you to check the level of information security of your servers and websites.

Currently, there are two tariffs - Light and Pro. Tariffs differ from each other in the number of tests carried out and the results obtained:

  •     Light. In this tariff, the server is scanned by specialized software for open ports and the services running on them are analyzed. Active and passive collection of information about the tested resource is carried out. Analysis of threats and vulnerabilities of information security and collection of data about the website (OPENVAS, OWASP, OSINT). Website analysis for viruses and malicious code, presence in blacklists. Analysis of the SSL certificate. Analysis of subdomains, readable directories and files.
  •     Pro. This tariff includes all the work carried out in the Light tariff plan, as well as some additional checks. In particular, load testing is carried out (imitation of DoS attacks), checking for resistance to the selection of passwords, authentication data for services and authorization forms.

Why check server and website security

Any website can be attacked, regardless of its importance, size and commercialization. As a result, the resource will lose its functionality, and the confidential data of users will be at risk. For the owner, this will result in reputational and financial losses.

In addition to a direct attack, your website can be used to harm other resources - sending spam and DDoS attacks, attacking users, infecting devices and applications. If this happens, the website will be blocked by the hosting, search engine or browsers.

Commercial sites are attacked in order to obtain user data. This data is then used in fraudulent schemes. Corporate sites are threatened to get an access point to the company's network, steal a customer base, and get confidential information.

Where the website may be vulnerable:

• In the administration system - scammers can pick up or steal passwords from the administrative panel, services.
• Software part — CMS, scripts, plug-ins.
• In the server part.

Attacks can be unsystematic, massive in nature based on automatic actions of robots. Or they can be targeted, when hackers seek to hack your site.

What are you getting

  •     A detailed report on the current security status of your server or website with identified threats and vulnerabilities.
  •     Recommendations for eliminating identified threats and vulnerabilities, as well as improving the existing level of security.
  •     An independent competent assessment of the measures taken to ensure information security by specialists.

How we are working

  •     We sign a non-disclosure agreement.
  •     We conclude an agreement on the selected tariff plan.
  •     We analyze the resource and generate a detailed report with recommendations.
  •     We provide all the data for further study and appropriate action.

Who is the service suitable for?

You need a service if:

    You want to check how resistant your server or website is to various attacks.
    You want to increase the level of information security of your resources.
    You want to get an independent opinion from practitioners with extensive experience in the field of information security.

© 2021 – 2024 OOO «ONESEC»
About Services Press-service Contacts
Place order