Bitrix Software Security Powerful content management with advanced security features.

Slides:

Advertisements

Similar presentations

Nick Feamster CS 6262 Spring 2009

Advertisements

CS5038 The Electronic Society

Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.

ACT User Meeting June Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security.

TrustPort Net Gateway Web traffic protection. Keep It Secure Contents Latest security threats spam and malware Advantages of entry point.

Bitrix Intranet Portal Digital Vision EA Limited-Bitrix Gold Partner A Product Presentation by Digital Vision EA Security Features of Bitrix Intranet.

Lecture Materials for the John Wiley & Sons book: Cyber Security: Managing Networks, Conducting Tests, and Investigating Intrusions October 8, 2014 DRAFT1.

Windows XP Tutorial Securing Windows. Introduction This presentation will guide you through basic security principles for Windows XP.

LeadManager™- Internet Marketing Lead Management Solution May, 2009.

Hands-on SQL Injection Attack and Defense HI-TEC July 21, 2013.

SECURITY AND INFORMATION SYSTEMS THE EVOLUTION OF SECURITY SYSTEMS Created By: Jamere Hill Instructor: Kyhia Bostic Section University of Houston.

Lesson 30 Computer Safety and Ethics

Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.

1 MIS 2000 Class 22 System Security Update: Winter 2015.

Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,

Mr C Johnston ICT Teacher

Viruses,Hacking and Backups By Grace Mackay 8K Viruses Hacking and Hackers Backups.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Web Defacement Anh Nguyen May 6 th, Organization Introduction How Hackers Deface Web Pages Solutions to Web Defacement Conclusions 2.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

Lecture 11 Reliability and Security in IT infrastructure.

LittleOrange Internet Security an Endpoint Security Appliance.

INTERNET THREATS AND HOW TO PROTECT YOUR COMPUTER -BRIAN ARENDT.

Introducing Quick Heal Endpoint Security 5.3. “Quick Heal Endpoint Security 5.3 is designed to provide simple, intuitive centralized management and control.

Kaspersky Open Space Security: Release 2 World-class security solution for your business.

SiteLock Internet Security: Big Threats for Small Business.

Norman SecureSurf Protect your users when surfing the Internet.

By Jeerarat Boonyanit. As you can see I have chosen Cpanel for my server management tool. cPanel is a Linux based web hosting control panel that provides.

D ATABASE S ECURITY Proposed by Abdulrahman Aldekhelallah University of Scranton – CS521 Spring2015.

eScan Total Security Suite with Cloud Security

Securing Information Systems

CS101 Lecture 14 Security. Network = Security Risks The majority of the bad things that can be done deliberately to you or your computer happen when you.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.

Introducing Quick Heal Endpoint Security 5.2. “Quick Heal Endpoint Security 5.2 is designed to provide simple, intuitive centralized management and control.

Bitrix Software Security Bitrix Intranet PortalBitrix Site Manager.

Prepared By, Mahadir Ahmad. StopBadware makes the Web safer through the prevention, mitigation, and remediation of badware websites. partners include.

Staying Safe Online Keep your Information Secure.

Business Computing 550 Lesson 6. 2 Security Threats on Web Sites Issues and vulnerabilities 1.Illegal Access and Use (Hacking the system or users exposing.

IT security By Tilly Gerlack.

GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Thomas Jenkins.

Computer & Network Security

3-Protecting Systems Dr. John P. Abraham Professor UTPA.

Phishing scams Phishing is the fraudulent practice of sending s purporting to be from reputable companies in order to induce individuals to reveal.

Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Computer Hardware and Software Maintenance.

3.05 Protect Your Computer and Information Unit 3 Internet Basics.

Small Business Security Keith Slagle April 24, 2007.

Intrusion Detection System (IDS) Basics LTJG Lemuel S. Lawrence Presentation for IS Sept 2004.

Microsoft Management Seminar Series SMS 2003 Change Management.

IT Security. What is Information Security? Information security describes efforts to protect computer and non computer equipment, facilities, data, and.

Computer Security By Duncan Hall.

Web Applications on the battlefield Alain Abou Tass.

Mr C Johnston ICT Teacher BTEC IT Unit 09 - Lesson 11 Network Security.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

Page 1 Viruses. Page 2 What Is a Virus A virus is basically a computer program that has been written to perform a specific set of tasks. Unfortunately,

Chapter 40 Internet Security.

Securing Information Systems

Top 5 Open Source Firewall Software for Linux User

Design for Security Pepper.

Secure Software Confidentiality Integrity Data Security Authentication

Computer Virus and Antivirus

Protect Your Computer Against Harmful Attacks!

Risk of the Internet At Home

Check Point Connectra NGX R60

INFORMATION SYSTEMS SECURITY and CONTROL

Computer Security.

Intrusion Detection system

Test 3 review FTP & Cybersecurity

Presentation transcript:

Bitrix Software Security Powerful content management with advanced security features

Internet Security 2009 Quick Facts * Slide 2 of ,000 websites are attacked every month on the Internet $234,244 is your approx. loss count if your website is shut down by hacks The number of hacker attack attempts sky-rocketed 671% in % of companies are not satisfied with their web security *According to Dasient, White paper “Drive-by-Downloads,Web Malware Threats, and Protecting YourWebsite and Your Users”,

Is Your Company Vulnerable to Hacker Attacks? Every day your website or corporate portal could be attacked many times, damaging the integrity of your web project. Data leaks, phishing and unauthorized access to your website pose a real threat to your company, making up-to-date security mechanisms mandatory. Here’s a look at the industry vulnerability chart: Slide 3 of 19 Industry Vulnerability Chart Percentage of websites susceptible to security threats, by industry. Source: White Hat Security, "Website Security Statistics" by Trey Ford.

Main Reasons for Data Leak / Data Loss: Data leak due to Inappropriate access permission distribution Unauthorized user account registration Weak or inflexible moderation policy Phishing attempts from within Weak protection from external threats Lack of internal dataflow monitoring techniques Delay in virus and web threat security updates Data loss and data damage due to Weak login/password protection Inflexible authorization policy Non-adjustable session lifetime Easy access to the website root Harmful web-code implants Inappropriate notification system Incoherence of web-code elements Slide 4 of 19

How Can Bitrix Products Protect My Web Presence? Bitrix Site Manager and Bitrix Intranet Portal include the PRO+PRO™ Security Framework that provides maximum protection from thousands of threats that can be encountered on the Internet or originate locally because of inappropriate web project security policies. Slide 5 of 19

PRO+PRO™ Framework Highlights: The PRO+PRO™ framework incorporates a number of technically advanced security technologies. It uses multiple security levels, allowing you detect and combat almost all known hacking techniques. The PRO+PRO module features: Slide 6 of 19 Security Dashboard Proactive Filter / FireWall Web Application One Time Password technology support Protection of authorized sessions Activity Control and Intrusion Log IP-based Protection Mechanism Script Integrity Control Stop Lists and Security Logs

PRO+PRO™ Offers Preconfigured Protection Levels: Slide 7 of 19

Web Application Firewall The firewall filters incoming website requests for malicious code, hacker attacks and suspicious activity like buffer overflow. Protects against XSS, CSRF, SQL injection and File Include attacks. Slide 8 of 19

Web Anti-Virus An elaborate web antivirus system Shields websites against harmful HTML-implants Detects 90% of potential infection threats Notifies administrator upon location of dangerous code Detects and reports incoherent code elements Includes a "white list" to reduce false positive alerts Slide 9 of 19

One-Time Passwords (OTP) A hardware token generates a series of digits which the user adds to his password at each log in. This means that the password will be different with every new session. Even if a third-party illegally acquires your password, it will not be possible to use to authorize on your website. Slide 10 of 19

File Integrity Log This feature allows you to detect any changes that could have been made to the system files. Administrators can verify the integrity of the system kernel, system files or public files anytime. The File Integrity Log helps you identify unauthorized changes, thus preventing intrusion attempts. Slide 11 of 19

Script Integrity Monitor Slide 12 of 17 File integrity control Tracks file system changes Verifies kernel integrity Verifies system area integrity Verifies public files integrity Verification of the file integrity control script Verifies the file integrity control script for changes Protects the script using the keyword and password pair

Intelligent System Backup This backup feature protects the website from a range of risks from server hardware failure to malware infection. When a website gets infected, it is nearly impossible to eliminate all the bits of malicious code. They are usually spread over all the site content and manual eradication would require too much time. With a backup in place, you can simply restore the original non-infected version. Slide 13 of 19

Anti-Phishing Protection Phishing – an illegal attempt to acquire private information (usernames, passwords, credit card details, etc.) that is made through a routine activity performed on a website that is thought to be trustworthy. The PRO+PRO module allows you to stop redirection to potentially dangerous websites, offering your website visitors even more safety. Slide 14 of 19

Flexible Access Management PRO+PRO Security Framework leverages the power of a variety of mechanisms for protection from the external threats and an advanced user permission management system. These features combine to allow customized access permission to sections, pages and even page objects in a most flexible manner. Slide 15 of 19

Automatic Updates Bitrix products offer click-away security updates with real-time notifications about new patches and bug- fixes available. All updates affect only the system core and will not cause any data change in the public view part (front-end) of your web project. Slide 16 of 19

PRO+PRO Crash Test 2009 More than six hundred Russian hackers tried to invade the brand-new Bitrix PRO+PRO™ security framework as part of the "Bitrix Real-Time Hack Competition". The test was organized during the "Chaos Constructions CC9 Festival" in August During the competition, more than attacks on the Proactive Protection security mechanism were repulsed, proving its superb reliability! Slide 17 of 19

More Information about PRO+PRO Framework: Bitrix PRO+PRO Security Framework Overview: Bitrix Web Anti-Virus Main Features: Bitrix Proactive Protection Guide: Bitrix SiteUpdate System Overview: Slide 18 of 19

Thank you! Sales Department: Website: