1. What is WebALARM?
WebALARM is an enterprise-grade data integrity monitoring and recovery system. Its main functionality includes:
2. Why do we need WebALARM when we already have a firewall?
WebALARM plays a different role compared to the firewall.
A firewall is good as a network gateway that controls what network traffic is allowed to pass through it. Firewalls are important to filter unnecessary traffic and some common network-based attacks. However, many web attacks are embedded within the web traffic that is allowed by the firewalls.
That’s where WebALARM comes into the picture to function as an additional layer of defense against unauthorized data changes. WebALARM, even though will not prevent the attacks, will immediately detect any successful data change caused by these attacks and will take the necessary actions. WebALARM is there to clean up the mess when all other preventive measures have failed.
3. Does WebALARM prevent website hacking?
WebALARM monitors the web data, detects unauthorized changes and performs automatic recovery.
WebALARM does not prevent the hacking activities, but will play an important role after any successful hacking to recover the web content to its original state.
WebALARM is not a preventive system (like firewalls), but a data change detection and recovery system.
4. Can WebALARM monitor dynamic web content?
Dynamic web content is generated by a web application where the output of the web application is changing based on either user input, system time, or data in the database.
WebALARM can protect dynamic content by firstly monitoring the web application program files that generates the content. Next, WebAlarm can be used to monitor selected data in the database by using custom SQL scripts.
5. Can WebALARM monitor databases?
The database files are controlled directly by the database management system (such as Oracle, SQL server, etc). These files are not suitable to be monitored directly by WebALARM.
However, database query scripts can be written to select critical data within the database and to output the query results to text files that can be monitored by WebALARM. The scripts can be scheduled to run periodically to generate the output data.
In this case, WebALARM will only detect changes, but will not perform automatic recovery.
6. Can WebALARM stop cross-site-scripting and SQL injection attacks?
WebALARM is a detection and recovery system. It does not prevent web attacks such as cross-site-scripting or SQL injection.
However, if such web attacks have modified any of the data monitored by WebALARM, it will trigger data violation alerts and performs the necessary data recovery where possible.
WebALARM will complement web application firewalls in defending against such attacks.
7. How does WebALARM differentiate between an unauthorized data change by the hacker and a legitimate update by the webmaster?
WebALARM provides the most comprehensive data update management options, including on-demand updates, scheduled updates, and also automated update detetion and publishing using the WebALARM Update Management Agent (UMA) component.
For on-demand and scheduled updates, WebALARM only accepts changes during the speficied time period.
For automated update using UMA, WebALARM only accepts changes sent from the UMA.
8. Does WebALARM consume much server resources and slow down the server performance?
WebALARM runs as a background process on the server. During each file scan cycle, WebAlarm will consume some CPU and I/O resources but will not introduce much delays to the server, typically less than 10% of the server resources. When WebAlarm is not scanning, no resource is consumed.
WebALARM configuration allows administrator to throttle WebALARM scanning speed to reduce system resource usage.
WebALARM on the Windows OS has a special feature using the OS file event triggers to detect file changes, which does not use any system resources.
9. Can WebALARM integrate with any network management system?
WebALARM can be configured to send SNMP events to any network management system (such as HP OpenView, IBM Tivoli, CA Unicenter, OpenNMS, etc).
The administrator will see the WebALARM data integrity violation alerts within the network management console.
10. Can WebALARM integrate with content management system?
By using the WebALARM Update Management Agent (UMA), WebALARM should work with various types of content management systems.
In this case, the content management system should be configured to publish any content change to a folder monitored by the WebALARM UMA. The UMA will then propagate the updates to the live web servers.
List of available Product documentations are available in PDF format below.
WebALARM Presentation Slides
WebALARM Technical Whitepaper
WebALARM 4 Release Information
Enterprise WebALARM Web Console Data Sheet
How does WebALARM complements Web Application Firewalls (WAF)
Threat Detection & Management with WebALARM and Security Information & Event Management (SIEM)
Technical Knowledge-Base (KB)
Click here for answers to your questions about our product technical information.
Video Guides (Installation and Basic Operations)
How to install WebALARM Console (WAC) on Windows
How to install WebALARM Update Management Console (UMC) on Windows
How to install WebALARM Agent (WAA) on Windows
How to install WebALARM Agent (WAA) on Linux
How to install WebALARM Update Management Agent (UMA) on Windows
How to install WebALARM Update Management Agent (UMA) on Linux
How to add a new WebALARM server agent
How to add a new WebALARM database
How to install and preparing MySQL server for WebALARM Report Viewer (WRV) on Windows
How to install and preparing MySQL server for WebALARM Report Viewer (WRV) on Linux
How to configure reporting database server on WebALARM Console (WAC)
How to install WebALARM Report Viewer (WRV) on Windows
Web Online Training
There are three courses provided listed below.
Course 1: WebALARM Product Training
This course is suits for sales representatives or pre-sales professionals. It covers more on the product overview, features, positioning and use cases.
Course 2: WebALARM Technical Training
This course is suits for technical support engineers. It covers more on the product installation, administration, maintenance and troubleshooting. In order to enroll this course, candidates must first complete the “Course 1”.
Course 3: WebALARM Enterprise Console (WEC) Technical Training
This course is suits for technical support engineers. It covers more on the WebALARM Enterprise Console (WEC) installation, administration, maintenance and troubleshooting. In order to enroll this course, candidates must first complete the “Course 1” and followed by the “Course 2”.
To take these courses, click here please.
Note: A credential is required to take the course. To register, submit your request here please.
1. What is TheGRID?
TheGRID is a user device identification and authentication solution, which typical complements any existing access control authentication measures such website login authentication or transaction authentication.
2. What is TheGRID for?
TheGRID is used for two primary purposes:
3. Who would need TheGRID?
4. What are the key benefits of TheGRID?
5. How is TheGRID different from other alternative solutions?
TheGRID has the following advantages over alternative solutions:
6. How does TheGRID stop identity theft?
TheGRID implements two-factor authentication using the user’s device as the additional proof of user’s identity. By registering the set of devices used by the user to access the website and associating the set of devices to the user’s login ID, two-factor authentication is achieved by uniquely identifying the user’s device and verifying it with the list of registered devices for that particular user. The device registration process can easily be incorporated seamlessly into a website’s existing login workflow.
7. How does TheGRID stop subscription account sharing?
TheGRID enforces account sharing restrictions by imposing a limit to the number of devices allowed for each subscriber account. Unauthorized account sharing now becomes extremely inconvenient because these users typically do not share their physical computers and they might not even be within a localized geographic location. The time-sharing of the subscription account is no longer possible.
TheGRID – Stop Identity Theft Brochure
TheGRID – Stop Subscription Sharing Brochure
TheGRID Beacon Brochure
TheGRID Beacon Datasheet
*This section will be made available soon!
e-Lock Corporation Sdn Bhd (318992-M)
Business Suite, 19A-26-3, Level 26, UOA Centre
19 Jalan Pinang, 50450 Kuala Lumpur, Malaysia.
e-Lock Japan Co., Ltd.
6F, 3-12-7, Kojimachi, Chiyoda-ku,
102-0083 Tokyo, Japan.