Single Sign On with Trend Micro

Sign In or Create an Account

Forgot Password

Get your files secured with PowerBox

Get to know what PowerBox Security technology offers for best security you can trust.


File Upload

Server

File Download

Try PowerBox Now

Keeping your Files Uploaded secured

PowerBox XSS and Session Cookie protection

Malicious attackers can inject JavaScript, VBScript, ActiveX, HTML, or Flash into cloud applications to modify the content shown on a web page and mislead customers into gathering their data. Also, attackers can steal session cookies of customers to take over their account, impersonate them, and perform transactions without their knowledge. Through its security features, PowerBox protects users from hackers trying to access their account.

Secured Server through our best integrated tools

  • Deep Security

    Besides AWS protection, PowerBox also leverages Trend Micro’s patented Deep Security to provide agentless and agent-based protection to protect our server. The security feature Deep Security provides the following:

    • Anti-Malware

      The module checks files real-time and on-demand against an extensive threat database, some of which are hosted on servers or stored locally as updatable patterns. It also checks files for certain characteristics, such as compression and known exploit code.

    • Web Reputation

      The module protects users against web threats by blocking access to malicious URLs. It uses Trend Micro's Web security databases from Smart Protection Network sources to review the reputation of sites that users are attempting to access.

    • Firewall

      The bidirectional and stateful firewall makes sure that packets originating from unauthorized sources do not reach the applications on its host.

    • Intrusion Detection and Prevention

      The module prevents computers from being exposed to threats like known and zero-day vulnerability attacks, SQL injections attacks, cross-site scripting attacks, and other vulnerabilities.

    • Integrity Monitoring

      It allows users to manage specific areas on a computer for alterations such as installed software, running services, files, directories, listening ports, as well as registry keys and values.

    • Log Inspection

      The OSSEC Log Inspection Engine gives you the ability to inspect the events generated by the OS and applications on the computers. Log Inspection Rules can be assigned directly to computers or can be made part of a Security Profile.

  • Amazon Web Services

    PowerBox leverages AWS server to its storage data. AWS was made up of encryption components to protect your files when uploaded to the server. The first component is the encryption method which conceals file data using a cryptographic algorithm. The second one is the KMI or Key Management Infrastructure. It has two subcomponents: the key storage and the management layer. The former protects the plain text keys while the latter is responsible for protecting keys by using an HSM or hardware security module to protect users from unauthorized use. A software-based authorization layer controls who can administer the HSM and which users or applications can use which keys.

PowerBox Web to Server

HTTP Strict Transport Security (HSTS)

When information is delivered from PowerBox web console to the AWS server, we use HTTP Strict Transport Security (HSTS) to protect information. HSTS is an IETF standards track protocol specified in RFC 6797. It serves as a security policy mechanism to protect websites from protocol downgrade attacks and cookie hijacking. It also allows web servers to declare that browsers or other complying user agents should only communicate with it using secure HTTPS connections and never via the insecure HTTP protocol.

Transport Layer Security (TLS)

Major websites also use Transport Layer Security (TLS) to secure all communications between their servers and web browsers and PowerBox is no exception. TLS and Secure Sockets Layer, the former's predecessor both frequently referred to as "SSL," are cryptographic protocols that supply communications security over a computer network. PowerBox uses it in applications such as web browsing, email, Internet faxing, instant messaging, and voice-over-IP (VoIP).

File Download

Sharing Link Protection

There are three ways to secure the link you share to others to keep the files secure from malicious attackers.

  • Users can designate a password for the shared link so only those with knowledge of the password can download the files to their local drives.
  • Users can also set an expiry date for the link, which is only available for download at a specific time and date. Once the date has elapsed, the link is no longer available.
  • Lastly, users can set a download time limit. If downloading the file from the PowerBox reaches beyond a restricted time, then the link will no longer be available as well.

Advanced Encryption Standard 256

The information transfer on our backend is also protected. We use AES 256 to protect cross-domain data transfer and on different website framework. AES is based on a design philosophy known as a substitution-permutation network which is an aggregate of substitution and permutation and is fast in both software and hardware.

Overall Examination

  • OWASP

    The results returned a low risk of occurrence for users on these vulnerabilities:

    • Cross Site Scripting (XSS)

      The module checks files real-time and on-demand against an extensive threat database, some of which are hosted on servers or stored locally as updatable patterns. It also checks files for certain characteristics, such as compression and known exploit code.

    • Injection Flaws

      The module protects users against web threats by blocking access to malicious URLs. It uses Trend Micro's Web security databases from Smart Protection Network sources to review the reputation of sites that users are attempting to access.

    • Cross Site Request Forgery (CSRF)

      The bidirectional and stateful firewall makes sure that packets originating from unauthorized sources do not reach the applications on its host.

    • Information Leakage and Improper Error Handling

      The module prevents computers from being exposed to threats like known and zero-day vulnerability attacks, SQL injections attacks, cross-site scripting attacks, and other vulnerabilities.

    • Insecure Communications

      It allows users to manage specific areas on a computer for alterations such as installed software, running services, files, directories, listening ports, as well as registry keys and values.

    • Failure to Restrict URL Access

      The OSSEC Log Inspection Engine gives you the ability to inspect the events generated by the OS and applications on the computers. Log Inspection Rules can be assigned directly to computers or can be made part of a Security Profile.



  • Qualy's SSL Labs

    Qualys’ report: The SSL Report gave the PowerBox site an A Rating and scored very well on these factors:

    • Certificate

      The module checks files real-time and on-demand against an extensive threat database, some of which are hosted on servers or stored locally as updatable patterns. It also checks files for certain characteristics, such as compression and known exploit code.

    • Protocol Support

      The module protects users against web threats by blocking access to malicious URLs. It uses Trend Micro's Web security databases from Smart Protection Network sources to review the reputation of sites that users are attempting to access.

    • Key Exchange

      The bidirectional and stateful firewall makes sure that packets originating from unauthorized sources do not reach the applications on its host.

    • Clipher Strength

      The module prevents computers from being exposed to threats like known and zero-day vulnerability attacks, SQL injections attacks, cross-site scripting attacks, and other vulnerabilities.

  • SFDC Code Check

    PowerBox has integration with Salesforce.com. To pass security review, APEX code and Visualforce need to be scanned by Force.com Security Source Code Scanner. PowerBox has passed the code review with no issues found.

PowerBox

Contact Us

15 / F, Section 2, Dunhua South Road, Da'an District, Taipei

powerboxsupport@trend.org

Language

Copyright © 2021 All Rights Reserved.