BitNinja Security Starting Point - A Short Educational Program
Here at BitNinja we think that cyber security should be simple. So, we’ve designed BitNinja to make your life easier. We’ve built features and capabilities that can greatly simplify your work.
Here is a short guide to our product with tips and helpful hints. These educational articles should help you properly utilise BitNinja's features to grow your company while having a clear understanding of how it works!
1. Network Attacks - What are they and how can you filter them with BitNinja?
2. Malware Detection - Set up, schedule, catch and quarantine with BitNinja
3. WAF- Managing patterns and testing the BitNinja WAF
4. IP filtering - Blacklists, whitelists, greylists and the BitNinja logic
In this first article we will tell you more about:
Network attacks are unauthorized actions on the digital assets within a company’s network. Attacks are on the rise so it is important to keep in mind the most important type of attacks.
The Network Attacks tab is where you can take a deep dive. Thanks to our unified dashboard, here you will see each attack that happened on all of your servers and all the modules that have been triggered by some type of malicious activity.
📌 If an IP attacks any of your servers, every other server will be protected against that IP in a matter of seconds.
For example, you can see the label "PORT HITS" any time when someone did try to discover open ports on your server and reached our HoneyPot (fake ports) we set up for them.
We have developed a powerful technique to filter out even more unwanted traffic and grow our IP reputation list - we have historical information about 100,000,000 IP addresses!
🍯 BitNinja Honeypots trap suspicious connections, so cybercriminals won’t be able to access the valid services on your servers, only the fake ones which are set up to trap them. 100 honeypots are set up by default to capture most attacks. BitNinja will also turn backdoors it discovers into honeypots automatically. Honeypots not only collect information about suspicious IPs, but also automatically block them to prevent further attacks. On an average week, honeypots catch more than 50 million attacks, and the false-positive ratio is only 0,0012%.
The details you see here are specific to the type of incident that you ran into. For example, you will see the HTTP Header related to incidents that triggered our WAF.
Furthermore, you can also filter for specific incidents:
📌 Testing the modules to see the incidents is also possible: Testing BitNinja | BitNinja Documentation
