How Sectigo Web Security Brings Unified Protection to Web-Facing SMBs

eWEEK SECURITY PRODUCT ANALYSIS: As cybersecurity becomes an essential function for connected businesses, mSMBs (micro, small and medium businesses) are still struggling to protect their digital assets. Sectigo aims to lessen this burden with an integrated platform approach.

Sectigo.security

Cybersecurity is becoming something that everybody needs but no one wants to be responsible for. Nowhere is this more true than in the world of micro, small and medium businesses, where CISOs (chief information security officers) are a rarity and budgets are constrained, yet threats are on the rise. What’s more, the current Covid19 crisis has forced businesses to adopt new ways of working, such as supporting remote workers, BYOD (bring your own device) options, and of course, work from home policies; all of which further complicate cybersecurity.

This new work-from-home era has raised the stakes for website security, and the workload can be daunting. Businesses must not only ensure secure communications for their dispersed workforce but also keep a growing army of cybercriminals looking to exploit online businesses at bay. 

A recent Verizon report addressing security incidents found that web applications were involved in 43% of breaches, double the number found in the year prior. Even before mSMBs scrambled to pivot their businesses online, many lacked comprehensive security. We will see these numbers continue to rise without supporting resource-constrained teams with web security solutions that proactively find and address risks.

Roseland, N.J.-based Sectigo aims to resolve these cybersecurity dilemmas in the form of the Sectigo Web Security Platform, a suite of web-based security tools that provide a unified approach to protecting connected businesses from the ever-evolving threat landscape. The integrated platform is designed to scale from micro-small businesses to enterprises, based on business needs. 

A closer look at Sectigo Web Security Platform

As the name implies, Sectigo Web Security Platform is available as a hosted platform that comes in three flavors, called plans. The Web Remediate Plan, which starts at $149 per year, is the entry level plan and includes the following services: Web Detect, Web Patch, Web Clean and Web Backup & Restore. The Web Perform Plan starts at $299 per year, and adds the Web Accelerate and Web Firewall services, integrating Enterprise grade CDN and WAF solution. The top-tier plan is the Web Complete Plan, which starts at $499 per year and adds Web Comply for PCI Compliance. Sectigo offers customer discounts for multi-year commitments, along with Sectigo SSL certificates as an all-in-one solution bundle or as a la carte products.

As a platform-based service, Sectigo offers notable capabilities, such as the ability to scale, provide modularity, and be customized to offer the level of comprehensive security that a business requires. 

Web Remediate

The Web Remediate Plan, which is the company’s entry level platform, offers key basic features, including Daily Security Monitoring, CMS Core & Plugin Patching, Malware Remediation, and Daily Website Backup. For businesses hosting a presence on the web using a CMS (content management system), Sectigo Web Detect automatically scans CMS systems daily to detect critical weaknesses and proactively patch those vulnerabilities. Automating the patching process eliminates many of the back doors that cybercriminals have come to rely on to compromise CMS systems, plug-ins and ecommerce systems. For businesses hosting a presence on the web that are non-CMS, the solution works just as effectively. Additional protection comes from the daily security monitoring, which scans websites for malware, vulnerabilities, and also monitors blacklists to resolve false spam reporting.

The malware remediation component, known as Sectigo Web Clean, automatically removes active infections from website files. Removal is fully automated and does not disrupt site functionality. Databases are also remediated and malware infections are removed from popular database driven-websites such as WordPress, Joomla!, or any web application using a MySQL database.

Working alongside Sectigo Web Clean is Sectigo Web Patch, detecting security vulnerabilities found in commonly used CMSs, extracting the security fixes from new releases, and backporting them to all earlier versions. Through these automated security patches, online assets are protected before they can even be exploited. The tool works from a database of 10M+ threats, working to instantly protect while also providing easily digestible reports. 

Finally, the plan also includes Sectigo Website Backup & Restore, which uses an automated incremental backup system to protect a mix of CMSs such as WordPress, Joomla, Drupal and others. A one-click restore option mostly automates the restoration process and gives administrators the ability to quickly reverse any damage to a website to the last known noncorrupt status. The tool detects any changes to the website and can trigger an automatic backup, while also informing administrators of those changes. Sites are saved for 90 days, with an option to extend the backup history to beyond that time. Administrators also have the ability to manually restore sites, giving them full control of the restoration process.

Web Perform

The Web Perform plan adds two important options: Web Accelerate and Web Firewall on the Web Perform plan. The Web Accelerate component uses a CDN (content delivery network) that boosts performance and speed, while enhancing global reach. With more than 45 edge locations, the CDN brings higher website performance to most anywhere on the globe. Sectigo bundles in instant purge, real-time analysis and intelligent caching that can improve website loading by as much as 68% while reducing bandwidth by as much as 70%. 

Also included is DDoS protection, which can reduce the severity of even the most aggressive distributed denial of service attack. 

A Web Application Firewall (WAF) is also part of the Perform plan and works hand-in-hand with the CDN. The WAF protects websites and web applications from malicious traffic, further enhancing the security of applications, while also contributing to increased performance. The WAF protects against OWASP Top 10 Threats and can detect bad bots or other harmful traffic generators and prevent any incoming damage to the website.

Web Complete 

The Web Complete plan includes everything in the Web Perform plans and adds a critical component that is needed by any businesses playing in the ecommerce game, PCI Compliance. The platform brings simple and fully automated PCI DSS compliance to a website and scans all traffic to make sure that compliance is maintained. 

Conclusions

Sectigo’s three different plans offer something for everyone. Any business that is looking to simplify protecting their web assets, and more specifically, their CMS and ecommerce systems, can benefit from the Sectigo Web Security Platform. Provisioning any of the plans is rather straightforward and proves to be one of the quickest ways to move enterprise websites under the shell of the Sectigo Web Platform 

As businesses seek to accelerate their adoption of the web, integrate remote and home users into web-hosted applications and bring forth enhanced protection, Sectigo offers the necessary tools to ease the pain of that flavor of digital transformation. The platform approach, combined with automation and analytics, further enhanced by simplifying the backup and restore process, should bring peace of mind to security-conscious administrators seeking to meet multiple demands, including keeping ecommerce sites compliant, while also improving the performance of more heavily used CMSs and keeping malicious code and actors at bay. 

What’s more, the consolidation of website security, a single-pane-of-glass integrated platform and automation and alert notifications that only send when needed, reduce the level of stress encountered by managing the security suite with ease and allow administrators to focus more on the daily tasks of improving offerings. The big pluses of the platform include the available CDN, combined with a WAF, which should improve website performance significantly for a workforce that is quickly becoming remote and distributed. The PCI DSS compliance component is a nice add on for businesses struggling to transform from brick and mortar sites to e-commerce solutions. 

The price for the platform proves rather reasonable for businesses venturing into CDNs and looking to maximize performance without making large investments in hardware or additional hosting options. While it may be hard to predict what the future holds for the typical workforce, at the very least, Sectigo offers a fast track way to address immediate concerns. 

Frank Ohlhorst is a veteran IT product reviewer and analyst who has been an eWEEK regular for many years.