Making the invisible visible - making the insecure secure

Website monitoring

The first impression must be right!

That is why the flawless performance of your website is just as important to us as its protection against attackers.

Over 10.000+ secured systems by hidden champions, SMEs and our partners.

Enginsight is the most comprehensive and simple security solution for all sizes of companies , Made in Germany.

Making security manageable

With Enginsight you are always one step ahead

Only those who know their IT are able to react quickly and eliminate vulnerabilities before they can be exploited.

Ensure performance

Check the availabilityand performanceof your website at any time. This way, you can make sure their digital flagship performs as well for potential new customers as they do.

Detect vulnerabilities

Perform a scan of your web applications within seconds and uncover flaws immediately. This gives you an overviewof vulnerabilitiesin your web services at a glance.

Create security

Take direct action against insecureand outdatedtechnologies in your web applications. This way you make the visit of your website safe for potential new customers and manifest the trustin your company.

Let's just let our customers have their say
"As an IT administrator in a mid-sized company working on a variety of tasks, Enginsight has made my day-to-day work much easier. For example, whereas before it took me 1-2 days a week to scan for security vulnerabilities, now it's one hour."

QSil AG, quartz glass manufacturer

This is where the magic starts

Keeping your company's flagship in good shape

Your website should always be 100% accessible and 100% secure. Address vulnerabilities and stay up to date on utilization and availability.

Everything in view

Performance and availability

Monitor whether your website loads reliably and quickly at all times. Be informed immediately in case of slow response times or unavailability.

Whitebox analyses

Determine security level

Analyze the deployed software and open ports for security vulnerabilities and possible entry points for attackers. Learn specifically where you can make your website more secure.

Ensure operation

Monitor encryption

Prevent outdated algorithms or misconfigurations from compromising secure and encrypted communication with your website visitors.

Making the invisible visible - making the insecure secure
SECURE ALSO AFTER THE FIRST IMPRESSION

Establish continuous monitoring to secure your web services. This allows you to react immediately to faulty technologies at any time. Use further measures to secure your IT landscape holistically.

Use IT inventory to keep an eye on your entire IT landscape.
Make the success of your security measures visible thanks to automated pentesting.
Let IDS/IPS detect threats in time and fight them for you.
Keep track of all system events at all times. And all this in just one software! Put an end to dozens of individual tools.
Check your system for vulnerabilities now for 14 days free of charge.
Feature Bashing

Technical details

Would you like to know a little more? Then you are exactly right here! Find out what Enginsight does for you in detail when it comes to website monitoring in a completely automated way.

Enginsight monitors the accessibility and response times of websites from several regions (for example, Germany and the USA). If the website is unavailable from a region, an alarm is triggered. The response times of the website distinguish between the stages of connection establishment: e.g. DNS lookup, response from the server, the first element is loaded and visible to the visitor, the entire page with all its sub-resources is loaded. Enginsight always simulates the real visitor, i.e. carries out real user monitoring.

  • Monitor from multiple locations
  • Real User Monitoring
  • Metrics for e.g. DNS Lookup, First Contentful Paint, DOM Complete

SSL/TLS monitoring monitors the certificates on the one hand, and the encryption protocols, algorithms and configurations used on the other. The certificate manager collects all the certificates used, so that it is visible at a glance where action is needed soon. The alarm about the imminent expiry of certificates completes the overview.

The offered protocols and ciphers (algorithms) of SSL/TLS connections receive a security assessment and are checked with for best practice. In addition, the SSL/TLS connection is checked against the technical guideline TR-03116-4 of the German Federal Office for Information Security (BSI).

  • Certificate Manager
  • Best Practice Protocols
  • Cipher Suite Security Check
  • BSI Compliance exam

Website monitoring creates a clear list of all DNS records and validates the set records. In addition, Enginsight checks whether all security-relevant DNS records have been set and correctly configured: CAA record (Certification Authority Authorization), SPF record (Sender Policy Framework) and DMARC record (Domain-based Message Authentication, Reporting and Conformance). Alarms can be set for changed and incorrect DNS entries.

  • Overview of all DNS records
  • Validation and Security Check
  • Alarm on changes

The HTTP connection configuration made via HTTP headers is analyzed and given a rating. For this purpose, all set HTTP headers are listed in an overview. Enginsight also tests for headers required from a security perspective (e.g. content security policy, strict transport security, X-XSS protection). For each entry in the list, the user receives a rating (ok, low, medium, high, critical).

  • Overview of all HTTP headers set
  • Security check for missing headers

HTTP configuration evaluation

Regular port scans monitor the accessibility of all common ports. Each detected port receives a score based on whether the port should typically be publicly reachable or whether its reachability poses a security risk. An alarm ensures that new ports that have been opened unintentionally are quickly detected.

  • Ports security assessment
  • Alarm on new open ports

Ideally, as little as possible can be learned about the technologies used in a web application from the outside. Version numbers in particular represent valuable information for attackers. Enginsight examines what technologies the website exposes in an HTTP header, cookie, or code.

The footprinting includes programming languages, content management systems, web servers, frameworks or libraries. A clear rating indicates how critical the enabled detection of the respective technology is to be assessed.

  • Expose technologies visible to attackers
  • Scan of HTTP headers, cookies and web page code

Based on the port scan and footprinting of the application environment, Enginsight performs a scan for known vulnerabilities (CVE). Each detected CVE is validated using the available meta-information and including the software type. It then receives an assessment via the validity traffic light, which guarantees full transparency. An alarm can be set to respond quickly to new security vulnerabilities.

  • CVE scan
  • Validation of the vulnerability
  • Alert on new CVE
But enough reading now!
A software says more than a thousand words.
Scan your IT for potential vulnerabilities now and pentest your IT - all included in the 14-day trial.

Brandneu

Das Enginsight SIEM

Die Infozentrale für alle Security-Events

Enginsight Logo