SCSI

Узнайте больше

SCSI

Powerful protection against attacks for your browser and session

SCSI is an innovative solution that provides comprehensive protection for websites against advanced cyber-attacks and in-browser and session data manipulation. System uses unique dynamic client code obfuscation for each session, adding encryption of all communication and browser session encapsulation. SCSI effectively minimises the risk of attacks and provides a secure online environment for your site.

Protection against man-in-the-browser (MITB) and man-in-the-middle (MITM) attacks

SCSI solution protects your browser from MITB and MITM attacks that may attempt to intercept and manipulate your web sessions. With SCSI, the risk of unwanted interference with communication between your browser and your website is minimised.

Other vectors of attack

Built-in Bootloader

SCSI uses the built-in Bootloader to protect sessions with dedicated session keys, dynamic obfuscation and additional encryption, ensuring that your data is secure even in the case of attacks.

Additional encryption layer

SCSI adds an additional layer of encryption and authentication inside the existing HTTPS layer, starting from the SCSI server, moving through the server infrastructure to the SCSI client in the browser. Additionally, SCSI encrypts all URLs on the website, protecting against SQL injection and Cross-Site Scripting attacks by hiding both the URL and the server-side structure.

Secure session between the customer’s browser and web-based system

Applying session obfuscation and encryption significantly improve security. Constantly changing and hidden application code makes it difficult for cyber-criminals to repeat malicious attacks.

Invisible server-based product

SCSI runs completely invisible to your clients. The solution runs as a protective layer in front of your web server, managing all data transmission between the server and the client device at browser level.

Attack methods

Effective defence against diverse attacks

SCSI solution effectively protects against unwanted browser and session data manipulation. Below are examples of attack methods that are detected and neutralised by SCSI.

Man-in-the-browser and man-in-the-middle attacks

MITB and MITM attacks can be used to steal data, take control of a user's session or hijack sensitive information. SCSI provides security features such as dynamic obfuscation of client code, encryption of communications and monitoring of browser activity, making it difficult for attackers to manipulate content sent between the server and the user.

Web injection and XSS attacks

Unsecured websites are vulnerable to malicious attacks by injecting content into browsers. Data sent between the web server and the browser can be read and modified in unencrypted form. SCSI adds an additional layer of encryption at the browser level, providing greater security than HTTPS by encrypting and authenticating traffic.

DOM manipulation

If a malicious plug-in or helper object is installed in the client's browser, it can access the full content of any website visited by the client. SCSI solution constantly monitors the displayed website and detects any attempt to make unauthorised changes to the protected website.

Session and cookie hijacking

Attackers install malicious tools that can read network traffic, steal session cookies and impersonate the victim. SCSI encryption provides secure communication all the way to the SCSI client running in the browser, which prevents inspection of the HTTP protocol. SCSI client protects session cookies, making it difficult for attackers to access them and effectively securing the session from takeover.

Часто задаваемые вопросы

Check out the answers to frequently asked questions about the SCSI solution.

How does SCSI work?

SCSI provides a comprehensive solution for protecting websites from advanced cyber-attacks. The main functions of SCSI’s operation include: dynamic client code obfuscation (the process by which web application code is modified and masked dynamically during each user session), encryption of all communication, monitoring and control of browser activity, neutralising the risk of browser content manipulation and listening in communication, preventing data theft or hijacking of user sessions.

With these features, SCSI effectively minimises the risk of unwanted intrusions into communications between the browser and the website, ensuring a high level of security for users.

Will SCSI affect the performance of my website?

SCSI’s solution is designed to have minimal impact on your website’s performance. With advanced obfuscation and encryption technology, the solution runs in the background, securing data and sessions without noticeably slowing down your site. SCSI uses processes that provide a high level of security while maintaining the smoothness and speed of of your website.

Do I need additional tools or applications beyond SCSI to use this protection?

No, SCSI does not require any additional tools or applications. All protection is provided by our solution, which runs in the background, securing data and user sessions. SCSI is installed on the server and does not require any interaction or software installation on the client side, meaning immediate deployment and full security with no additional requirements.