Link Web Apps to Firesight Protection System
About the Protection System
The system analyses HTTP and HTTPS requests transmitted over the internet in real time, detects malicious attack attempts, and blocks them.
“Firesight” operates as an additional layer of protection between the user and the web server. This reduces the risk of malicious requests reaching the web server directly.
Attacks Detected and Blocked
- SQL Injection attacks
- Cross-Site Scripting — XSS
- Local File Inclusion — LFI
- Remote File Inclusion — RFI
- Remote Code Execution — RCE
- PHP Injection attacks
- Java Injection attacks
- Malicious HTTP and HTTPS requests
How the System Works
User Request
A user sends an HTTP or HTTPS request to a website or web application.
→
“Firesight” Inspection
Incoming traffic is analysed in real time according to established security rules.
→
Web Server
Only requests identified as legitimate and safe are forwarded to the web server.
Request Processing Workflow
Request Reception
An incoming internet request directed to the web resource is first received by the “Firesight” system.
Real-Time Analysis
The request content, source, behaviour, and compliance with security rules are analysed.
Decision-Making
The system determines whether the request is legitimate, suspicious, or malicious and applies the appropriate protection measure.
Forwarding or Blocking
Legitimate requests are forwarded to the server, while malicious or suspicious requests are restricted or blocked.
Additional Detection Capabilities
“Firesight” can detect not only attacks aimed at exploiting web application vulnerabilities, but also automated and suspicious traffic activity.
BOT
Automated Bots
Suspicious bot activity involving automated requests to the web resource is detected.
SCAN
Vulnerability Scanners
Automated scanning attempts aimed at identifying vulnerabilities in the web application are detected.
TRF
Suspicious Traffic
Unusual request volumes, malicious patterns, and suspicious network activity are monitored.
DDoS
DoS and DDoS Activity
Traffic activity intended to disrupt service operations is detected and restricted.
Key Service Outcomes
Reduced Cyberattack Risk
Malicious attempts targeting websites and web applications are detected at an early stage.
Malicious Traffic Blocking
Malicious and suspicious requests are prevented from reaching the web server.
Stable Service Operation
The impact of bots, scanners, and malicious traffic is reduced, improving the stability of the web resource.
Additional Protection Layer
A separate security layer is established between the user and the web server.
Real-Time Monitoring
Incoming HTTP and HTTPS requests are continuously inspected and analysed.
Enhanced Security Posture
The overall security and protection level of the web application is strengthened.
Final Result
This service helps reduce the risk of cyberattacks targeting the web resource, prevents malicious traffic from reaching the server, and improves the overall security level of the web application.
+99871 203 00 23
Report cyber incident:
incident[at]uzcert.uz
Tashkent city, Mirabad district,
Taras Shevchenko street 20
