Summary

The security analysis and management system integrates around-the-clock, all-round security information collection, dynamic perception, risk prediction, collaborative response and other functions. Building on the collection of abnormal-event data and security intelligence from across the entire network, it performs multi-dimensional, multi-angle correlation analysis of that data and identifies risk from subtle trends in how the situation changes. This lets it perceive and recognize threats, understand and analyze them, and handle the response, meeting scenario-based requirements that run from discovery through judgment to risk prevention. It provides data support for decision makers and helps safeguard enterprises, institutions and national security.


Security Analysis and Management System


Customer Value



Security threat intelligence presentation

The system collects logs from security devices, switching devices and hosts, analyzes network traffic, fuses the resulting mass of data, runs efficient, intelligent analysis and detection on a big data analysis platform, and continuously outputs network security threat events.


Visualization of security governance

The system tracks the security threats and security state of the whole network, clearly describes attack methods and detailed attack paths, and evaluates the security of each branch, providing data support for leadership decisions.


Visualization of security operations and maintenance

The system gives an intuitive, comprehensive view of network state and security posture, so that operations and maintenance personnel can see business status information and security event alarms and distinguish alarms by importance. This helps analysts assemble a chain of evidence and build a clear picture of security operations and maintenance.


Features


01. Using both active and passive asset detection, the system monitors asset changes continuously and accurately in real time, and automatically identifies network equipment, hosts, security equipment, operating systems, databases, web applications and other assets.


02. Security data of many kinds is collected and classified into the following categories: asset situation, vulnerability situation, network threat situation, intrusion attack situation, web attack situation, vulnerability attack situation, compromised host situation, network traffic situation, botnet and Trojan situation, and ransomware situation.


03. The system stores the original packets of current threat events and extracts their metadata, supports traffic analysis, data drill-down and threat tracing, and automatically stores traffic files related to threat behavior, providing a basis for system diagnosis and maintenance.


04. The system supports integration with third-party security organizations or vendors to share threat intelligence and improve the ability to detect security threats.


05. The system highlights the major network security risks, intrusion attacks, security vulnerabilities, malware propagation events, sudden network security incidents and similar events that it finds, and issues timely warnings by email or SMS.


06. The system's vulnerability library covers mainstream operating systems, databases, web middleware, network equipment, security equipment and more. Assets are evaluated along two dimensions: asset vulnerability and vulnerability impact.



Application Scenarios

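For the complex network environment of a foreign country's tax system, the 清创网御 Security Analysis and Management Platform was deployed to establish a detection, monitoring and early-warning system covering the phases before, during and after an incident, and to improve the ability of operations and maintenance personnel to handle security emergencies on site.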

