Web security and risk analysis Protect your website, web server and e-commerce business

Enginsight monitors the accessibility and response times of websites from several regions (for example, Germany and the USA). If the website is unavailable from a region, an alarm is triggered. The response times of the website distinguish between the stages of connection establishment: e.g. DNS lookup, response from the server, the first element is loaded and visible to the visitor, the entire page with all its sub-resources is loaded. Enginsight always simulates the real visitor, i.e. carries out real user monitoring.

• Monitor from multiple locations
• Real User Monitoring
• Metrics for e.g. DNS Lookup, First Contentful Paint, DOM Complete

SSL/TLS monitoring monitors the certificates on the one hand, and the encryption protocols, algorithms and configurations used on the other. The certificate manager collects all the certificates used, so that it is visible at a glance where action is needed soon. The alarm about the imminent expiry of certificates completes the overview.

The offered protocols and ciphers (algorithms) of SSL/TLS connections receive a security assessment and are checked with for best practice. In addition, the SSL/TLS connection is checked against the technical guideline TR-03116-4 of the German Federal Office for Information Security (BSI).

• Certificate Manager
• Best Practice Protocols
• Cipher Suite Security Check
• BSI Compliance exam

SSL SSL/TLS: Best practice monitoring in just three clicks!

Website monitoring creates a clear list of all DNS records and validates the set records. In addition, Enginsight checks whether all security-relevant DNS records have been set and correctly configured: CAA record (Certification Authority Authorization), SPF record (Sender Policy Framework) and DMARC record (Domain-based Message Authentication, Reporting and Conformance). Alarms can be set for changed and incorrect DNS entries.

• Overview of all DNS records
• Validation and Security Check
• Alert on changes

The HTTP connection configuration made via HTTP headers is analyzed and given a rating. For this purpose, all set HTTP headers are listed in an overview. Enginsight also tests for headers required from a security perspective (e.g. content security policy, strict transport security, X-XSS protection). For each entry in the list, the user receives a rating (ok, low, medium, high, critical).

• Overview of all HTTP headers set
• Security check for missing headers

HTTP configuration evaluation

Regular port scans monitor the accessibility of all common ports. Each detected port receives a score based on whether the port should typically be publicly reachable or whether its reachability poses a security risk. An alarm ensures that new ports that have been opened unintentionally are quickly detected.

• Ports security assessment
• Alarm on new open ports

Ideally, as little as possible can be learned about the technologies used in a web application from the outside. Version numbers in particular represent valuable information for attackers. Enginsight examines what technologies the website exposes in an HTTP header, cookie, or code.

The footprinting includes programming languages, content management systems, web servers, frameworks or libraries. A clear rating indicates how critical the enabled detection of the respective technology is to be assessed.

• Expose technologies visible to attackers
• Scan of HTTP headers, cookies and web page code