WEB Shield explores the external attack surface exposed on the web by the organization and identifies all the resources related to it. The resources identified are freely visible on the web and therefore easy to attack.
The detection is carried out using only non-intrusive techniques, on external resources and remote access points - interfaces with external systems and the Internet. It therefore does not include internal vulnerabilities.
A continuous monitoring of web assets is scheduled for a minimum period of three months, with periodic bi-weekly reports, unless there are particular critical issues.
WEB Shield detects dead branches (resources no longer used) that can be deleted, checks the update status of all web applications or APIs, certificate expiration, domain expiration, and checks PCI DSS, NIST and HIPAA compliance.
Aletheia performs all the checks that make up WEB Shield and the results can be provided to the customer in the form of a periodic report, or available through our platform.
Our standard provides for a bi-weekly update, but our control is continuous, so we are able to report an alert or, if the customer requests it, we can agree different frequency for the update.
In the following is the screenshot of the WEB Shield planning, with the different sections that it is composed of.
The yellow "Print report" button makes the report available on your computer in PDF format with the name you want to assign.