Security Policy

  • https://www.sidbi.in/ has been placed in protected zones with the implementation of firewalls, MFA, anti-DDoS, DNSSEC, VPN, IPS, IDS (Intrusion Detection System), geofencing, anti-virus, PIM, and high-availability solutions.
  • Before the launch of https://www.sidbi.in/, simulated penetration tests were conducted. Penetration testing has also been performed after the launch.
  • The website is audited quarterly for known application-level vulnerabilities, and all known vulnerabilities are addressed within prescribed timelines.
  • Server hardening has been completed as per Center for Internet Security (CIS) benchmarks prior to launch.
  • Access to web servers is restricted both physically and through the network as much as possible.
  • Authorized physical access logs and security device logs are integrated with SIEM.
  • Web servers are configured behind IDS, IPS, and system firewalls.
  • Development is carried out in a separate environment and thoroughly tested on a staging server before deployment to production.
  • Production deployment is done via SSH and VPN through a single point after thorough testing.
  • Content from remote locations is authenticated, moderated, and not published directly to production.
  • All web content is checked for malicious code before uploading to the server.
  • Activity logs involving OS, system access, and applications are integrated with SIEM. All rejected accesses are logged for scrutiny.
  • The monitoring team performs weekly checks to ensure the site is running correctly and has no unauthorized changes or links.
  • All software patches, bug fixes, and upgrades are regularly reviewed and applied.
  • Production servers have Internet browsing, email, and desktop applications disabled to maintain security.
  • Server passwords are changed every 5 months and shared only between Gautam Singh and Prakash Tripathi.
  • Grapes Telecom Pvt Ltd are designated administrators and are responsible for enforcing this policy and coordinating audits.
  • The website underwent risk assessments using vulnerability scanning tools both before and after launch, and all known vulnerabilities have been mitigated.