Qingteng Wanxiang

The Qingteng Wanxiang Host Adaptive Security Platform quickly and accurately detects security threats and intrusion events through continuous monitoring and fine-grained analysis of host information and behavior, and provides flexible and efficient problem solving capabilities to provide users with next-generation security detection and response capabilities.

The core platform architecture of Qingteng Wanxiang is mainly composed of three parts: Agent, Engine, and Console, to provide basic, flexible and stable core competency support for product services: Agent - Host Probe Agent can be installed on the host with just one command. It runs stably, has low consumption, and automatically adapts to various physical machines, virtual machines, and cloud environments. Engine - As the information processing center of the core platform, the security engine supports horizontally expanded distributed deployment, and can continuously analyze, detect, and store the information and behavior received from various agents. Console - The control center interacts with users in the form of a web console, clearly displays the results of various security tests and analyses, and provides centralized security tools to facilitate users to perform system configuration, management, security response and other related operations.

Product features: Asset inventory: find out the bottom of the family and quickly locate The asset inventory function can automatically construct fine-grained asset information according to user needs, and can perform a comprehensive inventory of host assets, application assets, web assets, etc., to ensure that users can grasp all host asset conditions in real time, including the Web, systems, processes, ports, accounts, software applications, etc.

Risk discovery: understanding risks and continuous testing

The risk discovery function analyzes potential risks and compliance issues within the system in a fine-grained manner, discovers web application vulnerabilities, weak passwords, risk files, misconfigurations, etc. in a timely manner, generates analysis reports and gives detailed repair suggestions, making security management clear and measurable. Formulate reasonable security policies according to business needs, and build a complete and customized security system.

Intrusion detection: Detect intrusions and respond quickly By laying down characteristic anchors as a necessary path for hacking, hacking behavior is analyzed based on behavioral patterns and key models, and combined with the latest threat intelligence, intrusions are discovered as soon as possible to ensure that corporate losses are minimized.

Compliance baseline: identify issues and supervise rectification The compliance baseline establishes a benchmark requirement composed of domestic equal guarantee requirements and CIS, covering multiple versions of mainstream operating systems, web applications, databases, etc. Users can quickly self-test risks within the enterprise, find problems and fix them in a timely manner, and can also define their own baseline standards as a security benchmark for internal enterprise management.