Overview

<p>Situation Awareness (SA) is a big data-based security analysis platform and a portal for users to check security risks, providing protection at the network layer, the host layer and the application layer with the function of risk warning, attack detection and attack backtracking. SA is able to comprehensively analyze the security situation for users and to accurately grasp the security situation of cloud servers.</p>

Advantages

<p>1. Easy-to-use</p> <p>Security incidents and analysis results are displayed clearly.</p> <p>2. Make quantitative analysis of security risks and make predictions</p> <p>Machine learning is used to sort out and to analyze all logs; potential security risks can be judged and predicted with the analysis of assets&rsquo; dependency and attack techniques.</p> <p>3. Multiple ways of displaying security incidents and analysis results</p> <p>Security incidents and analysis results are displayed in a variety of ways so as to figure out the overall security situation.</p>

Functions

<p>1. Security monitoring with extremely rapid response</p> <p>&bull;&nbsp;False positives are one of the problems that trouble users and security experts most. False positives can be reduced with correlation analysis of the network terminal and the host terminal.</p> <p>&bull; The monitoring covers hacker intrusions, web attacks and DDoS attacks.&nbsp;</p> <p>2. Accurately detect webshell and malicious process with the least false positives</p> <p>&bull; Identify possible intrusions, obtain relevant information from traffics, host&rsquo;s behaviors and host&rsquo;s logs and further use models to make analysis to achieve 99.9% accuracy in detecting intrusions.</p> <p>3. Scan web loopholes and hidden configuration risks, and detect weak passwords</p> <p>&bull; Scan web loopholes like SQL injection and XSS. Monitor and detect loopholes in host&rsquo;s ECS configuration</p> <p>4. Use visual screens to display the security situation</p> <p>&bull; Display global page views and attacking process in a visual way, thus allowing users to have a panoramic view of the security situation.</p>

Application scenarios

<p>1. Scan webs&rsquo; loopholes all day without affecting the performance of websites and provide detailed suggestions for fixing loopholes.</p> <p>&bull; It is said that 50% websites in China have high-risk loopholes. My Business runs well at ECS. But it is unknown whether any loopholes exist. The function previously mentioned can scan common web loopholes. In addition, loopholes in system configuration and weak passwords can be detected through baseline inspection. Users will be informed of fixing the loopholes timely.</p> <p>2. Comprehensively test websites to ensure safe and smooth running and to avoid data leakage</p> <p>&bull; Issue a HTTP (s) request for comprehensive detection, use security big data and modeling to make analysis, help users clean the network threats suffered, evaluate the protection strategies, and get the first chance in the attack-defense battle.</p> <p>3. Monitor whether a website is facing DDoS attacks.</p> <p>&bull; If a server under your management is facing DDoS attacks, DDoS attacks can be immediately detected through our monitoring of all traffics on the cloud. In addition, the description of the traffic components, the total cleaning volume and the time of attack will facilitate the effective evaluation of business impacts.</p>
Did the above content solve your problem? Yes No
Please complete information!

Call us

400-151-8800

Email us

cloud@pingan.com

Online customer service

Instant reply

Technical Support

cloud products