Website Security Services: We Protect your IT Infrastructure

Protected from attacks: we guarantee availability and ensure secure data traffic

DDoS Attacks: We Guarantee Availability

We protect our clients from distributed denial-of-service attacks (DDoS attacks). These are attacks aimed at blocking a service or server. Following a DDoS attack, a requested service or client is no longer available or only available to a limited extent. Financial losses, reputational damage, dissatisfied users and data theft are some of the possible consequences.

We use Incapsula’s on-demand service to protect against Layer 3/4 DDoS attacks. Your advantages:

  • On-demand protection from DDoS attacks up to 10 Gbit/s.

  • Guaranteed availability of 99.999%.

  • Extremely low latency.

  • Network traffic does not have to leave the EU; 9 locations in Europe and 29 across the globe route all network traffic in the event of an attack.

  • The DDoS protection does not affect performance if no attack occurs.


Web Application Firewall (WAF): We Stop Cyber Attacks

A web application firewall (WAF) examines all requests sent to a web server and its responses. Should the firewall detect any suspicious or dangerous patterns, it stops all further communication. Possible attacks include cross-site scripting, SQL injection, forceful browsing and cookie poisoning.

We use a WAF to fend off malicious data traffic on the application layer (Layer 7). We use the F5 Big-IP Application Security Manager (ASM) as a WAF – the leading product on the market. The service offers protection from the Top 10 threats identified by the Open Web Application Security Project (OWASP). The web application firewall enables us to take both a whitelist and blacklist approach.

Let’s Encrypt Certificates: Protecting Personal Data

You want users to be safe while using your application:

  • Transport layer security (TLS): Transport layer security (TLS) is a protocol that protects personal data when users communicate with applications online. TLS ensures that unauthorised third parties can’t intercept or change the communication between user and client. Consequently, using TLS makes your website more trustworthy for users and adds integrity. Moreover, TLS prepares you for HTTP/2, ensuring you’re ready for the future. And: Using transport layer security also means you rank higher in search engines like Google. We provide our managed services clients with free TLS certificates from Let’s Encrypt.

  • Domain name server (DNS): As part of our DNS service, we check all certificates for certificate authority authorisation (CAA) before they are issued. This means we can stop certificates being incorrectly issued by insecure certificate authorities (CA) in advance. Our DNS services are part of our managed services offering.

WAF, protection from DDoS attacks and TLS certificates are part of our Managed Service offering.

More about Managed Services

Penetration Testing: Simulated Attacks to Prepare for Critical Situations

Together with a cyber security partner, we perform web application penetration tests. We use real attack strategies to systematically uncover vulnerabilities. These vulnerabilities are either caused by the application itself or its relationship to the rest of the IT infrastructure.

Our systems benefit from maximum security standards – both for us and our clients

Vulnerability Scanning: We Scan Our Systems Automatically for Security Weaknesses

Security is our top priority. This is why we regularly scan our systems for vulnerabilities. Any vulnerabilities identified automatically generate a ticket and are fixed in the next patching process. Our vulnerability scanning is authenticated to prevent downtime and guarantee accurate results and practical recommendations.

We Are ISO 27001 Certified

Our private cloud hosting service has been certified to ISO 27001:2013 since April 2018.

Carmen CandinasApril 2018

Unic commits to information security: ISO 27001 certification

Since April 2018, Unic’s Private Cloud Hosting service is certified according to the international standard ISO 27001:2013. This certification attests Unic to be compliant with the demanding requirements for an information security management system (ISMS).

Unic commits to information security: ISO 27001 certification

The certification commits us to:

  • systematically assessing information security risks, including threats, vulnerabilities and impacts.

  • drafting and implementing information security controls and/or other forms of risk management (such as risk avoidance or risk transfer).

  • introducing a comprehensive management process to ensure that information security controls continue to meet requirements.

Website Security Check

Would you like to know how secure your web application is? We can perform a website security check for you. After we have conducted our check, you receive a report with suggestions for feasible improvements which will not only increase your website security but also its performance.

How it works

We check more than 25 different headers, DNS settings and other elements of your website. That is how we detect whether your application is safe from attacks and protects your customers’ personal data on the web. As part of our website security check, we assess how difficult and risky it would be for you to implement our recommendations. If you wish, we can also compare your website’s security with that of a competitor or partner to provide you with even more specific suggestions on how to improve the security of your website.

Read more about security

August 2019

OWASP Top Ten: That's how we increase website security

Unic has continuously invested in improving website application security. In this blog post, we’re showing how our security measures help to mitigate the OWASP Top Ten.

Learn more

Marcel Wiedemeier

Any questions? I’d be happy to answer them.

Stefanie Berger, Senior Sales Consultant Operations

    Stefanie Berger