Emergency Mitigation
MaxiSafe’s Emergency Mitigation module is designed to provide rapid, targeted responses to critical threats that bypass standard security measures. By implementing Kill Switch, Static Website, and Read-Only Website, MaxiSafe mitigates potential data and financial losses during severe attacks while maintaining controlled service availability.
Kill Switch
Kill Switch provides immediate isolation of the targeted website, intercepting all client requests to prevent further exploitation and data exposure.
Scenarios:
- DDoS Attacks: Excessive traffic overwhelms origin servers, causing significant performance degradation.
- Credential Stuffing: Large-scale automated login attempts use compromised credentials to gain unauthorized access.
- 0-Day Exploits: Newly discovered vulnerabilities are actively exploited before patches are applied.
Operational Flow:
- Upon activation, the Kill Switch blocks all incoming requests, effectively taking the website offline.
- A predefined HTML page is displayed to all visitors, communicating the temporary service suspension while securing backend resources.
- The Kill Switch remains active until security patches are deployed or the attack subsides, preventing further damage.
Static Website
Static Website restricts access to preconfigured static content while preventing dynamic interactions, maintaining basic visibility during ongoing attacks.
Scenarios:
- Data Scraping: Attackers attempt to extract data from database-driven content through automated scraping tools.
- Application Exploits: Malicious requests target API endpoints or form submissions to manipulate content or extract sensitive data.
- Vulnerability Exploitation: Server-side vulnerabilities could be further exploited through dynamic content interactions.
Operational Flow:
- Static Website mode permits access only to HTML pages, images, and JavaScript files, blocking all dynamic content requests.
- API requests, form submissions, and other interactive elements are restricted to prevent data manipulation or exfiltration.
- This mode minimizes the attack surface while maintaining limited service availability, enabling ongoing monitoring and forensic analysis.
Read-Only Website
Read-Only Website restricts write operations, permitting only safe read operations to minimize data exposure while maintaining controlled access.
Scenarios:
- Data Exfiltration Attempts: Attackers leverage compromised credentials to extract data from the database.
- Content Modification: Web defacement or unauthorized content changes aim to manipulate site content.
- Ransomware Threats: Attackers attempt to encrypt content management systems or modify critical assets.
Operational Flow:
- Read-Only mode allows only GET and HEAD requests, enabling safe content access without permitting write operations.
- Write operations, such as POST, PUT, and DELETE, are blocked to prevent unauthorized modifications or data corruption.
- This mode enables business continuity while mitigating operational risk, allowing incident response teams to assess and resolve ongoing threats effectively.
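The three operational flows above can be expressed as a single request-gating decision. The following is an added illustration, not MaxiSafe's own code. The mode names, the extension list, the status codes, and the mapping of a directory path to its index page are assumptions.

```python
from enum import Enum
from pathlib import PurePosixPath
from urllib.parse import urlsplit

class Mode(Enum):
    NORMAL = "normal"
    KILL_SWITCH = "kill_switch"
    STATIC = "static"
    READ_ONLY = "read_only"

# Assumption: extensions counted as "HTML pages, images, and JavaScript files".
STATIC_EXTENSIONS = {".html", ".htm", ".js", ".png", ".jpg", ".jpeg",
                     ".gif", ".svg", ".webp", ".ico"}
SAFE_METHODS = {"GET", "HEAD"}

def decide(mode, method, target):
    """Return (status, reason) for one request under the active mode."""
    method = method.upper()
    if mode is Mode.KILL_SWITCH:
        # Nothing reaches the origin; every client gets the predefined page.
        return 503, "kill switch: suspension page served"
    if mode is Mode.NORMAL:
        return 200, "normal: passed to origin"
    if method not in SAFE_METHODS:
        # Both restricted modes refuse POST, PUT, DELETE and any other
        # method outside GET/HEAD.
        return 405, f"{mode.value}: method {method} blocked"
    if mode is Mode.READ_ONLY:
        return 200, "read-only: safe method allowed"
    # STATIC: classify on the parsed path only. Matching the raw target
    # would let "/api/export?name=a.png" pass as if it were an image.
    path = urlsplit(target).path
    if path.endswith("/"):
        path += "index.html"  # assumption: directories map to an index page
    if PurePosixPath(path).suffix.lower() not in STATIC_EXTENSIONS:
        return 403, "static: dynamic content blocked"
    return 200, "static: static asset allowed"

if __name__ == "__main__":
    # Constructed sample requests, not captured traffic.
    samples = [("GET", "/"), ("GET", "/img/logo.PNG"),
               ("GET", "/api/export?name=a.png"), ("POST", "/contact.html")]
    for m in Mode:
        for method, target in samples:
            print(m.value, method, target, decide(m, method, target))
```

Running the same constructed requests against a staging site with each mode enabled is a quick way to confirm that the deployed behaviour matches the documented flow before the mode is needed in an incident.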