Cybersecurity Situation Awareness Platform

Cybersecurity Situation Awareness Platform

 > Products>Network Security>Cybersecurity Situation Awareness Platform>Cybersecurity Situation Awareness Platform
Cybersecurity Situation Awareness Platform

The Big Data Platform for Cybersecurity Threat Awareness from DP Technology aims to help users detect APT attacks, compromised host, spread of zombie virus, worm and Trojan horse and other security threats, thus enabling accurate traceback and emergency response. Taking network security big data plus AI intelligent analysis technology as the core, the Platform realizes visualization of security event, network-wide threat and traffic, asset and vulnerability, etc. by combining active/passive detection, threat intelligence, UEBA, attack behavior modeling, compromised host detection and other technologies. In this way, it helps customers evaluate their network security status and make decisions on actions. What’s more, the Platform is designed in accordance with GBT-20984-2007, network security Protection System 2.0 and other relevant requirements in order to fully meet compliance requirements.

Product Functions Function Descriptions
Security Event Monitoring It supports the aggregation and management of various security events such as the spread of zombie virus, worm and Trojan horse, vulnerability exploitation, C&C channel, APT, sensitive information leakage, etc. Further action policies can be developed based on alerts, and hacker archives can also be generated.
Security Threats Analysis Capable of multi-dimensional and multi-scene modeling, it can perform analysis from multiple dimensionalities, such as internal threats, external threats and outreach threats. It realizes attack traceback by presenting and including attack chain information in relation graph.
Threat Intelligence Correlation It supports the acquisition of a massive volume of threat intelligence. The data reported by probes can be correlated with threat intelligence in real time, enhancing the ability to detect any indication of advanced threats.
Vulnerability Detection and Verification Full detection of asset vulnerabilities is enabled on the Platform. In simulation of manual penetration, it performs vulnerability verification, and keeps track of the corrective actions of vulnerabilities to enable closed-loop management.
Abnormal Traffic Analysis The platform performs regular monitoring on network traffic. Based on self-learning and user-defined models, it is capable of detecting abnormal traffic in the network in an intelligent manner.
Network-wide Asset Monitoring Asset identification is enabled by combining active scanning and traffic mirroring. Custom labels and weight settings are adopted to realize refined management.
Security Situation Display The Platform presents network security situation in an all-round manner. Through deep coupling between users’ services and industry scenarios, a win-win situation can be achieved both at the macro level of supervision and at the micro level of operation and maintenance.
Actions based on Interactions A list containing threat addresses prior to any disposal is displayed. According to this list, actions such as blocking, unblocking and ignorance can be taken.

These specifications apply only to DPtech products available on the international market.

Subscription account Service account