The first impression must be right!
That is why the flawless performance of your website is just as important to us as its protection against attackers.
Over 10.000+ secured systems by hidden champions, SMEs and our partners.
Enginsight is the most comprehensive and simple security solution for all sizes of companies , Made in Germany.
With Enginsight you are always one step ahead
Only those who know their IT are able to react quickly and eliminate vulnerabilities before they can be exploited.
Check the availabilityand performanceof your website at any time. This way, you can make sure their digital flagship performs as well for potential new customers as they do.
Perform a scan of your web applications within seconds and uncover flaws immediately. This gives you an overviewof vulnerabilitiesin your web services at a glance.
Take direct action against insecureand outdatedtechnologies in your web applications. This way you make the visit of your website safe for potential new customers and manifest the trustin your company.
QSil AG, quartz glass manufacturer
Keeping your company's flagship in good shape
Your website should always be 100% accessible and 100% secure. Address vulnerabilities and stay up to date on utilization and availability.
Establish continuous monitoring to secure your web services. This allows you to react immediately to faulty technologies at any time. Use further measures to secure your IT landscape holistically.
Would you like to know a little more? Then you are exactly right here! Find out what Enginsight does for you in detail when it comes to website monitoring in a completely automated way.
Enginsight monitors the accessibility and response times of websites from several regions (for example, Germany and the USA). If the website is unavailable from a region, an alarm is triggered. The response times of the website distinguish between the stages of connection establishment: e.g. DNS lookup, response from the server, the first element is loaded and visible to the visitor, the entire page with all its sub-resources is loaded. Enginsight always simulates the real visitor, i.e. carries out real user monitoring.
- Monitor from multiple locations
- Real User Monitoring
- Metrics for e.g. DNS Lookup, First Contentful Paint, DOM Complete
SSL/TLS monitoring monitors the certificates on the one hand, and the encryption protocols, algorithms and configurations used on the other. The certificate manager collects all the certificates used, so that it is visible at a glance where action is needed soon. The alarm about the imminent expiry of certificates completes the overview.
The offered protocols and ciphers (algorithms) of SSL/TLS connections receive a security assessment and are checked with for best practice. In addition, the SSL/TLS connection is checked against the technical guideline TR-03116-4 of the German Federal Office for Information Security (BSI).
- Certificate Manager
- Best Practice Protocols
- Cipher Suite Security Check
- BSI Compliance exam
Website monitoring creates a clear list of all DNS records and validates the set records. In addition, Enginsight checks whether all security-relevant DNS records have been set and correctly configured: CAA record (Certification Authority Authorization), SPF record (Sender Policy Framework) and DMARC record (Domain-based Message Authentication, Reporting and Conformance). Alarms can be set for changed and incorrect DNS entries.
- Overview of all DNS records
- Validation and Security Check
- Alarm on changes
The HTTP connection configuration made via HTTP headers is analyzed and given a rating. For this purpose, all set HTTP headers are listed in an overview. Enginsight also tests for headers required from a security perspective (e.g. content security policy, strict transport security, X-XSS protection). For each entry in the list, the user receives a rating (ok, low, medium, high, critical).
- Overview of all HTTP headers set
- Security check for missing headers
HTTP configuration evaluation
Regular port scans monitor the accessibility of all common ports. Each detected port receives a score based on whether the port should typically be publicly reachable or whether its reachability poses a security risk. An alarm ensures that new ports that have been opened unintentionally are quickly detected.
- Ports security assessment
- Alarm on new open ports
Ideally, as little as possible can be learned about the technologies used in a web application from the outside. Version numbers in particular represent valuable information for attackers. Enginsight examines what technologies the website exposes in an HTTP header, cookie, or code.
The footprinting includes programming languages, content management systems, web servers, frameworks or libraries. A clear rating indicates how critical the enabled detection of the respective technology is to be assessed.
- Expose technologies visible to attackers
- Scan of HTTP headers, cookies and web page code
Based on the port scan and footprinting of the application environment, Enginsight performs a scan for known vulnerabilities (CVE). Each detected CVE is validated using the available meta-information and including the software type. It then receives an assessment via the validity traffic light, which guarantees full transparency. An alarm can be set to respond quickly to new security vulnerabilities.
- CVE scan
- Validation of the vulnerability
- Alert on new CVE