Web Server Safeguard
Real-time protection for web servers and cloud-based computing services
WSS is a complete web server security solution that performs real-time detection of malicious code/URLs, and homepage forgery.
Performing instant scans, quarantines, and notifications, WSS secures ultimate web server and WAS protection.
ShellMonitor
The Need for WSS
Respond to a wide array of targeted attacks on web application vulnerabilities
Supplementary Solutions for Network Security Appliances
- Limitations in network defense due to sheer diversity of invasion methods
(need for intrinsic malicious code detection and quarantining)
- Increases in information security incidents not only by external hacking but also by users inside
the organization
- Lack of protection against malware that infiltrates prior tofirewall installation
- Increases in penetration by network bypass technique
- Heavy system burden/overload associated with full inspections
- Risks associated with exception handling for encryption/encoding traffic and security protocol
ShellMonitor Operation Overview
ShellMonitor operates by detecting real-time changes in a web server’s file system.
The instant a change is detected, ShellMonitor scans theWebShell/URL, notifies the system administrator,
and quarantines the malicious WebShell/URL.
- Real-time detection and quarantine actions for WebShells and malicious URLs
- Centralized management support and automatic update support for large web servers
- Detection and prevention of malicious permission and configuration file changes
ShellMonitor’s Key Features: Detection Performance
Supports detection of unknown malicious codes through obfuscated code-only analysis engine (SCR parser)
Malicious code collection to improve detection performance
- Agent detection analysis applied to over 15,000 units
- Professional collection and analysis of malicious code
Supports sophisticated pattern application and exception handling to minimize false positives
Supports pattern customization according to needs of target system
ShellMonitor’s Key Features: Convenience
Efficient operation in mass-processing Web/WAS environments
- Supports auto-quarantine of known WebShells and malicious URLs
- Detailed risk and behavior reports for unknown malware
Convenient update support
- Automatic pattern and detection agent updates
R&R (Role and Responsibility) Support
- One-click quarantine reporting
- Supports automatic detection of target directory
- Supports automatic backup of latest detections to management server
- Supports detailed management of hierarchy and access rights (manager/control worker/operation worker)
- Automatically detects additional target directories during operation
Summary of ShellMonitor’s Key Features
| Product name |
WSS ShellMonitor |
| Latest Version |
v 2.5 |
| Release date |
May 2010 |
| Manufacturer |
UMV Inc. |
ShellMonitor
- WebShell detection
- Quarantine
- Exception
Malicious URL
- Black list
- White list
- Gray list
- URL/URI management
Personal Information Detection
- File detection
- Document detection
- DB detection
Forgery Detection
- Avoid file changes
- Random change detection
- Filter uploader
- WAS configuration file change detection
Management Function
- Rights management
- Agent management
- Update management
- Home directory auto find
VM Function
- Scale In/Out
- History management
- Network security management
- Event duplication management
Product detail:
http://umv.co.kr/eng/product/product0201.php
