“Key Checks” is a feature within Cirl that serves as the core of the platform’s security scanning capabilities. These checks are critical in evaluating the various security aspects of a website to ensure its integrity and safety. Below, we provide detailed documentation on the purpose and functionality of each key check performed by Cirl.
Overview
The “Key Checks” section of the Cirl dashboard presents a list of various threat types and the status of each check. These checks are comprehensive assessments designed to identify and categorize potential security risks on a website.
Threat Types and Their Significance
1. Misinformative Website: Detects websites that may be intentionally spreading false or misleading information.
- Status: A ‘Clean’ status indicates no signs of misinformation have been found.
2. Content Security Policy Not Set: Ensures that the website has a Content Security Policy (CSP) in place to prevent cross-site scripting (XSS) and other code injection attacks.
- Status: ‘Clean’ means a CSP is in place; ‘Detected’ indicates it is missing or incomplete.
3. X-Frame Options Not Set: Checks for clickjacking protection by ensuring ‘X-Frame-Options’ HTTP header is present.
- Status: ‘Clean’ signifies protection is active; ‘Detected’ shows it’s not set, leaving the site vulnerable to clickjacking.
4. Cookie Without SameSite Attribute: Verifies that cookies have the ‘SameSite’ attribute set to prevent cross-site request forgery (CSRF) attacks.
- Status: A ‘Clean’ status confirms that cookies are properly configured with ‘SameSite’; ‘Detected’ suggests the attribute is missing.
5. Information Leak – Date/Time Server: Checks for accidental disclosure of server date and time information which could be exploited.
- Status: ‘Clean’ means there is no leak; ‘Detected’ indicates the server is revealing its date and time.
6. Information Leak – Web Application: Looks for unintentional exposure of web application details that hackers could exploit.
- Status: ‘Clean’ implies no leaks; ‘Detected’ means potential exposure of web application details.
7. Information Leak – Server Details: Scans for unintended disclosure of server information.
- Status: ‘Clean’ indicates the server details are secure; ‘Detected’ means sensitive server information might be exposed.
8. Malware Based on Operating System: Scans for various types of malware targeted at different operating systems like Windows, Linux, and Mac.
- Status: ‘Clean’ across each OS type implies no malware was found; ‘Detected’ would mean malware tailored for that OS is present on the website.
9. Browser URL Malware: Checks for malware that manipulates website URLs, particularly targeting web browsers like Chrome.
- Status: ‘Clean’ suggests URLs are safe; ‘Detected’ points to potential manipulation of URLs.
10. Social Engineering (by Platform): Monitors for tactics used in social engineering attacks across platforms like Windows, Linux, Mac, and mobile operating systems.
- Status: ‘Clean’ signifies no threats found; ‘Detected’ highlights potential social engineering tactics being used.
11. Potentially Harmful Applications: Identifies applications that could be harmful to your website and user data. These checks look for known bad applications or behaviors that could put your users at risk.
- Status: ‘Clean’ indicates such applications haven’t been found; ‘Detected’ means there’s a potential risk from an application.
12. IP Based Malware: Scans for malware threats that may originate from or target specific IP addresses.
- Status: ‘Clean’ denotes no IP-based threats; ‘Detected’ suggests that there may be malicious activity associated with an IP address.
13. Unwanted Software: Checks for software that is not typically malicious but may affect user experience negatively, such as adware or unnecessary toolbars.
- Status: ‘Clean’ confirms no unwanted software is present; ‘Detected’ indicates such software may be installed.
14. Whitelisting: Assesses if the site correctly implements whitelisting practices, allowing only authorized actions and blocking potential threats.
- Status: ‘Clean’ indicates effective whitelisting; ‘Detected’ suggests that whitelisting may not be properly configured.
Each of these key checks is an essential part of maintaining a healthy and secure web presence. The Cirl platform automates the scanning and reporting process, enabling website owners to identify and address security issues promptly.
Actionable Insights
If a potential risk is ‘Detected’ in any of the key checks, Cirl provides actionable insights on how to resolve the issue. These may include:
- Implementing or updating security headers like Content Security Policy and X-Frame-Options.
- Configuring cookie attributes to enhance security.
- Reviewing server configurations to hide unnecessary information that could be exploited.
- Scanning and cleaning malware for specific operating systems.
- Educating users about social engineering threats and putting preventive measures in place.
- Ensuring applications on your site are safe and necessary for user interaction.
- Regularly reviewing and updating IP address blocklists.
Compliance and Reporting
The “Key Checks” section also aligns with various compliance standards, ensuring that your website meets legal requirements and industry best practices for cybersecurity. Cirl enables you to generate reports based on these checks, which can be used for compliance audits, stakeholder reviews, or internal assessments.
Summary
Cirl’s “Key Checks” feature offers a comprehensive, automated system for monitoring your website’s security health. With clear statuses and detailed reporting, you can stay informed and take decisive action to protect your site against a wide range of cybersecurity threats.
