Sign In
Forgot Password Sign In
Sign In Sign In
Get to know what PowerBox Security technology offers for best security you can trust.
File Upload
Server
File Download
Malicious attackers can inject JavaScript, VBScript, ActiveX, HTML, or Flash into cloud applications to modify the content shown on a web page and mislead customers into gathering their data. Also, attackers can steal session cookies of customers to take over their account, impersonate them, and perform transactions without their knowledge. Through its security features, PowerBox protects users from hackers trying to access their account.
Besides AWS protection, PowerBox also leverages Trend Micro’s patented Deep Security to provide agentless and agent-based protection to protect our server. The security feature Deep Security provides the following:
The module checks files real-time and on-demand against an extensive threat database, some of which are hosted on servers or stored locally as updatable patterns. It also checks files for certain characteristics, such as compression and known exploit code.
The module protects users against web threats by blocking access to malicious URLs. It uses Trend Micro's Web security databases from Smart Protection Network sources to review the reputation of sites that users are attempting to access.
The bidirectional and stateful firewall makes sure that packets originating from unauthorized sources do not reach the applications on its host.
The module prevents computers from being exposed to threats like known and zero-day vulnerability attacks, SQL injections attacks, cross-site scripting attacks, and other vulnerabilities.
It allows users to manage specific areas on a computer for alterations such as installed software, running services, files, directories, listening ports, as well as registry keys and values.
The OSSEC Log Inspection Engine gives you the ability to inspect the events generated by the OS and applications on the computers. Log Inspection Rules can be assigned directly to computers or can be made part of a Security Profile.
PowerBox leverages AWS server to its storage data. AWS was made up of encryption components to protect your files when uploaded to the server. The first component is the encryption method which conceals file data using a cryptographic algorithm. The second one is the KMI or Key Management Infrastructure. It has two subcomponents: the key storage and the management layer. The former protects the plain text keys while the latter is responsible for protecting keys by using an HSM or hardware security module to protect users from unauthorized use. A software-based authorization layer controls who can administer the HSM and which users or applications can use which keys.
When information is delivered from PowerBox web console to the AWS server, we use HTTP Strict Transport Security (HSTS) to protect information. HSTS is an IETF standards track protocol specified in RFC 6797. It serves as a security policy mechanism to protect websites from protocol downgrade attacks and cookie hijacking. It also allows web servers to declare that browsers or other complying user agents should only communicate with it using secure HTTPS connections and never via the insecure HTTP protocol.
Major websites also use Transport Layer Security (TLS) to secure all communications between their servers and web browsers and PowerBox is no exception. TLS and Secure Sockets Layer, the former's predecessor both frequently referred to as "SSL," are cryptographic protocols that supply communications security over a computer network. PowerBox uses it in applications such as web browsing, email, Internet faxing, instant messaging, and voice-over-IP (VoIP).
There are three ways to secure the link you share to others to keep the files secure from malicious attackers.
The information transfer on our backend is also protected. We use AES 256 to protect cross-domain data transfer and on different website framework. AES is based on a design philosophy known as a substitution-permutation network which is an aggregate of substitution and permutation and is fast in both software and hardware.
The results returned a low risk of occurrence for users on these vulnerabilities:
Qualys’ report: The SSL Report gave the PowerBox site an A Rating and scored very well on these factors:
PowerBox has integration with Salesforce.com. To pass security review, APEX code and Visualforce need to be scanned by Force.com Security Source Code Scanner. PowerBox has passed the code review with no issues found.
15 / F, Section 2, Dunhua South Road, Da'an District, Taipei
powerboxsupport@trend.org
Copyright © 2021 All Rights Reserved.