BitNinja

BitNinja makes companies like yours bulletproof by arming your server security with a unified and pro-active system, specialized in preventing 99% of all types of malicious attacks, causing reputation loss for your company.
Eliminating threats from your Linux servers saves you at least 12 hours of troubleshooting per day by reducing the number of server alerts and customer complaints by 98% − allowing you to establish a growing and more satisfied customer base.

Need proof?

For example, BitNinja helped MissGroup to reach 98,99% drop on customer complaints about hacked sites and emails, while saving an enormous amount of server resources.

HOW IT WORKS?

Full-stack server security in one easy-to-use protection suite

BitNinja gives Linux servers real-time protection against a wide range of threats without the need of any configuration and long hours of work.
It provides 9 protection modules for the different aspects of cyber attacks - ranging from malicious port scans, through exploitations, to infections. So no XSS, DoS, malware, port sweeping, script injection, phishing site, brute force attack and other automated attacks will threaten you and your customers. All major protocols (HTTP, HTTPS, SMTP, POP, IMAP, SMTP, FTP, SSH) are covered as well.
Set-up the BitNinja Plesk Extension on your server within 5 minutes and protection will start up automatically. It is designed to install and work with as little human interaction as possible, but unique adjustments are available as well.

THE 9 DEFENSE MODULES

Port Honeypot

After installation, BitNinja opens 100 randomly chosen unused or closed ports while taking into account the existing services you are running to avoid any interruptions. These ports act like honeypots, faking existing services and exposing malicious IPs, before they can attack your server.

As most attacks begin with scanning for possible vulnerabilities, Port Honeypot instantly blocks future attacks: any malicious IPs will be automatically greylisted so they can’t infect your server.

IP Reputation

Servers protected by BitNinja collect and share attack information with each other. Together, they form a global defense network. This means when any BitNinja protected server detects an attack, your server is immediately vaccinated against the malicious IP at the source of the attack.

Collective Intelligence creates a set of manageable IP lists. These sets grant security on different levels: greylists, whitelists, blacklists and essential list.

DoS Mitigation

BitNinja constantly monitors the number of simultaneous incoming and outgoing connections and blocks DoS attacks via TCP based protocols with our unique approach. Unlike other solutions, we don’t permanently block the source but drop the connections and greylist the attacker IP. This way, we reduce the number of false positives and complaints from clients behind proxy networks and NAT routers.

Web Application Firewall

Our Web Application Firewall (WAF) constantly scans and analyzes the incoming traffic flow to your server, looking for malicious content based on different factors. Used in conjunction with Log Analysis, WAF guarantees an extremely low false positive rate while stopping attacks against the applications running on your server.

BitNinja provides automatic updates and firewall rules. We constantly patch new vulnerabilities for you. For custom needs, you can also easily set up a list of whitelisted domains or URLs.

Log Analysis

BitNinja constantly monitors your server logs. As soon as it detects any suspicious behavior, it blocks further malicious actions.

Log Analysis goes a step further an checks events logged prior to the installation of BitNinja, in order to identify previous attack attempts and at the same time, to greylist hackers.

Web Honeypot

Web Honeypot works like Port Honeypot, with one important exception – you can replace any compromised file with honeypot scripts. You get the same benefits, plus additional customization is available to trap hackers and prevent further attacks.

Malware Detection

Protects against malicious file uploads, script injection, remote code injection, and CMS (WordPress, Joomla, Drupal, etc) vulnerability exploitations. After quarantining, BitNinja replaces the file with a web honeypot to entrap the Command & Control (C&C) server.

We push new malware definition files automatically so BitNinja is always up-to-date, and your server is always protected against the latest threats.

Outbound WAF

BitNinja’s OutboundWAF module scans only outgoing connections real-time, with the built-in HTTP proxy solution, looking for malicious content based on different factors.

SSL Terminating

The duty of this module is to offload HTTPS connections, and help our CaptchaHttp and WAF module to work properly with HTTPS requests and protect your server better.

PRO FEATURE SET

• Global defense network + Worldwide honeyfarm
• Unified Dashboard for centralized server management
• Real-time protection on HTTP, HTTPS, IMAP, POP3, SSH, FTP
• IP reputation management (Essential/Black/White/Greylists)
• Country block feature
• CAPTCHA/BIC security check
• Command line interface (CLI)
• Detailed analytics for deep analysis
• Cloudflare integration
• 1-line installation
• Weekly security reports
• Real-time malware protection and automatic removal
• Block access to backdoor files used by hackers
• Machine learning operation
• Web Application Firewall (WAF)
• Fine-grained settings for WAF exceptions (domain patterns, lockdown, ruleset templates)
• SQL injection prevention
• XSS prevention
• OWASP Top10 threat protection
• Remote file inclusion (RFI) prevention
• CMS (WordPress/Drupal/Joomla) specific WAF settings
• Remote code execution prevention
• Data leakage prevention
• Comment spam elimination
• Outbound Web Application Firewall (OWAF)
• Blocking of automated botnet attacks
• Illegal resource acces prevention
• Basic DoS auto-detection and protection (layer 4-7)
• Fast zero-day response
• Port Honeypots
• Web Honeypots
• Log Analysis
• Daily and weekly malware reports