NSIA (Network System Integrity Analysis) v0.8.99 released
The ThreatFactor NSIA is a website scanner that monitors websites in realtime in order to detect defacements, compliance violations, exploits, sensitive information disclosure and other issues. ThreatFactor detects issues remotely and therefore requires no software to install, does not introduce any latency and will not interrupt business operations.
At it’s core, ThreatFactor uses an advanced analysis engine that is capable of detecting a wide variety of issues and can be modified with custom signatures.
NSIA can be configured perform almost any action once an issue is identified, such as sending a text message (IM, email, SMS) or executing a script.
Type of Issues Detected
The ThreatFactor solution was designed specifically to help organizations quickly identify issues on your websites that may tarnish your organization’s image or adversely affect your customers, partners and employees such as:
- Website Defacements: Malicious users are trolling the Internet specifically for websites to deface. Oftentimes, these websites contain offensive language or images and likely result in tarnished image.
- Web Exploits: Oftentimes, attackers compromise a website and install exploits to attack the website visitors. These are often classified as silent defacements since the site does not look like it was visually changed. Sophos noted that the vast majority of websites hosting malware (around 80%) are legitimate sites that have been compromised . Furthermore, ThreatFactor can detect websites that have been modified in such a way to send private customer information (such as login information) to a third party.
- Sensitive Information Leaks: Websites can leak sensitive information through detailed error messages, files that were not intended to served to the public and misinformed blogger employees.
- System Failures: ThreatFactor can detect many types of website system problems such as:
- Broken Links
- Error and warning messages
- Poorly configured servers or servers with default configuration
- Expired SSL certificates
- Server errors
- Automatic Content Baselining and Self-Tuning
- Automatic Web-Content Discovery
- Built-In Web Interface
- Comprehensive Signature Set
- Full Access Controls
- Integrated Custom Signature Editor
- SIEM Integration
- Integrated Database