Product Overview
Vulnerability scanning service
Vulnerability scanningis the first step of enterprise website information security. Using this service, through the online vulnerability scanning system, we can actively detect the possible security problems of the target WEB website, find the vulnerability under the condition of comprehensively covering CVE and OWASP vulnerability types, and sort it into an effective vulnerability report document, giving the vulnerability location, vulnerability description, vulnerability description, and vulnerability repair handling opinions.
Security crowd testing service
Crowd testing service is a comprehensive security testing service based on the integrity of the target conducted by security inspectors. It is different from vulnerability scanning in that it can find logical vulnerabilities that cannot be found through vulnerability scanning, and these logical vulnerabilities often cause more serious harm and loss to the website, The security crowd test is more about the team with security technology capability or the security white hat with ultra-high technology to provide targeted public test reports on authorization and feedback to the crowd test customers. The same will also give the vulnerability location, vulnerability description, vulnerability description, vulnerability repair handling opinions, etc.
Vulnerability repair service
Vulnerability repairis to provide protective repair services for medium and low risk vulnerabilities given in the report on the premise that there is a vulnerability report. It needs to rely on security research and development personnel with rich security problem handling managers, not only have a clear understanding of the location, principle, process, consequences and other aspects of vulnerabilities, but also need to have methods and measures to know how to prevent security vulnerabilities, After processing, we can ensure that the fixed vulnerabilities will no longer cause serious worries to the website.
Our advantages
Quotation List of Safety Service Items
| Project | unit | cost (yuan) | project description | permission remarks | |
|---|---|---|---|---|---|
| Malicious code removal | /site/time | 300 | clean up the malicious code inserted maliciously on the whole site | the authority of the whole site | |
| Detection of illegal words on the website | /site/time | 150 | detect the content of the website according to the general illegal words and prohibited words published by the Advertising Law | the website is accessible | |
| Find and remove Trojan horse malicious files in the station | /site/time | 500 | clean up the Trojan horse program put in after the whole station is hacked | the authority of the whole station | |
| Website directory file security settings | /site/time | 300 | according to application requirements folder read and write separation settings | server permissions | |
| Complete IIS dynamic and static script reading and execution permission separation settings | / station / time | 200 | according to the application type script reading and execution settings | server permissions | |
| Open source code upload vulnerability repair | /site/time | 500 | repair the vulnerability caused by the online upload function of the website | the whole site authority | |
| Commonly used site building system security patch processing | / site / time | 500 | according to the official security announcement to patch in time | the entire site authority | |
| Website anti-injection WAF code deployment | /site/time | 500 | add waf filtering function code according to program type | whole site authority | |
| Website security vulnerability scan | /site/time | 300 | give a security scan report according to the authorized domain name | authorized | |
| Website security public testing service | /site/time | 30000 | according to the authorized white hat to conduct public testing services and report to me | authorized | |
| Website security report vulnerability list processing | /vulnerability/times | 200 | modify vulnerability issues according to security vulnerability report files | whole site/server authority | |
| Website hacked traceability analysis | /station/time | on-demand quotation | website hacked analysis to find out attack methods and entrances | server permissions | |
| Server system security processing | /set/time | 3000 | system-level security protection setting processing | including installation of protection software | server permissions |
| Accurate website maintenance | / site / year | 3000 | according to the website maintenance requirements and rules to implement the maintenance plan and report | the whole site authority | |
| Accurate server maintenance | /set/year | 10000 | perform maintenance plans and reports according to server maintenance requirements and rules | server permissions | |
| Application security framework and plan and execution | one/time | quote according to demand | communicate and confirm relevant needs and details | make plan and assist in execution | and connect with special personnel |
| Server system environment configuration | /set/time | 1000 | configure the system operating environment according to customer needs | server permissions | |
| Server software environment configuration | /set/time | 1000 | configure service software environment according to customer needs | server permissions | |
| Server website site configuration | /site/time | 200 | configure server internal website service according to customer needs | server permissions | |
| Server website proxy node configuration | / station / time | 300 | configure reverse proxy node service according to customer needs | server authority | |
| Server HTTPS certificate configuration | /station/time | 500 | configure HTTPS access service according to customer needs and certificate provided | server authority | |
| Server file log system standard processing | /set/time | 1000 | on-demand processing | server authority | |
| Server file data backup management configuration | /set/time | 1000 | on-demand processing | server authority | |
| Troubleshooting and resolution of server service problems | per station/time | 1500 cases | deal with the actual situation | server authority |
Service process
