Sucuri

From Wikipedia, the free encyclopedia
Jump to: navigation, search
Sucuri, Inc
Private
Founded 2010
Headquarters USA
Key people
Daniel B. Cid and Tony Perez
Website sucuri.net
For the snake, see Anaconda.

Sucuri is a company started by Daniel Cid in 2010 (founder of the OSSEC project as well). Its history stems to another open source project by Daniel known as OWL, which later morphed into the Network-Based Integrity Monitoring System (NBIMS) for websites. The early premise for Sucuri was to provide webmasters a tool that provides visibility into the state of security for their websites. In 2010, Sucuri became a private LLC in Delaware, and Dre Armeda was invited as a co-founder. In 2011, Tony Perez joined the team as the third co-founder.

Today, Sucuri is a globally-recognized thought leader in the website security industry. Sucuri is syndicated by all major media outlets for their research into the latest tactics, techniques and procedures (TTP) being employed by cybercriminals looking to abuse websites and their associated resources. Sucuri is a globally distributed company, with over 100 employees, across 27 different countries.

They offer website owners a comprehensive security package that includes a monitoring, incident response, and protection platform. Website owners are able to subscribe into their protection platform (a.k.a., Sucuri Firewall) which offers mitigation services against DDoS attacks (e.g., L3/L4/L7) and prevents software exploitation attempts (e.g., XSS, SQLI, RCE) via their virtual patching and hardening technology.

Over the past few years Sucuri has been investing heavily in building out their cloud-based Firewall product. It includes 6 SuperPOP (e.g., Points of Presence / Data center) and a total of 9 Content Distribution Network (CDN) nodes around the world. The 6 SuperPOP’s are located in Tokyo, San Jose, Dallas, Washington D.C., London and Frankfurt.

Components[edit]

Sucuri consists of a main application that tracks all the domains and sites being monitored and a set of tests to be done. Everything is executed in the cloud and a web interface is available to manage all the information.

  • Web-based Integrity monitoring - Alert on changes to web sites
  • Web-based Malware detection - Crawler and detects malware on web sites
  • Whois monitoring - Tracks your Whois records for changes
  • DNS Monitoring - Tracks your DNS (IP addresses, domains for changes)
  • Web interface - Management interface to manage it all.
  • Malware Removal - Exploit remediation and server hardening
  • Website Firewall - Protection for websites against common threats and DDoS attacks

Sucuri uses the principle of responsible disclosure to raise awareness about software vulnerabilities on their website security blog.

References[edit]

[1] [2] [3] [4] [5] [6] [7]

  1. ^ Dan Goodin (2016-09-29). "Record-breaking DDoS reportedly delivered by >145k hacked cameras". Ars Technica. Retrieved 2017-01-27. 
  2. ^ "Network Solutions under attack again | Domain Incite - Domain Name Industry News, Analysis & Opinion". Domain Incite. Retrieved 2017-01-27. 
  3. ^ Mimoso, Michael (2016-10-19). "Attackers Hiding Stolen Credit Card Numbers in Images | Threatpost | The first stop for security news". Threatpost.com. Retrieved 2017-01-27. 
  4. ^ David Davidson. "Network-based integrity monitoring keeps website hacks in check". Searchmidmarketsecurity.techtarget.com. Retrieved 2017-01-27. 
  5. ^ "Hundreds of WordPress Blogs Hit by 'Networkads.net' Hack — Krebs on Security". Krebsonsecurity.com. 2010-04-09. Retrieved 2017-01-27. 
  6. ^ "'Design Flaw' Led To Wave Of Attacks On Hundreds Of WordPress Blogs". Darkreading.com. Retrieved 2017-01-27. 
  7. ^ Brook, Chris. "The first stop for security news". Threatpost.com. Retrieved 2017-01-27. 

External links[edit]