Attack Tracing

Complementing the existing security protection system, the solution defends against known and unknown network attacks and establishes a security system that effectively protects business systems.

Challenges



Attack and defense are asymmetric

With a traditional security protection system, the enterprise can only add defensive measures passively and cannot take the initiative to "counter" the attacker.

Intranet penetration goes undetected

Traditional defense methods cannot detect and intercept, in time, activity that has already penetrated the intranet.

Insider leaks cannot be prevented

Malicious activity by internal personnel is highly concealed, and the traditional protection system cannot prevent the theft of secrets by malicious insiders.

The attack cannot be traced

The traditional security defense system cannot capture information such as the attacker's methods, objectives, point of entry, and device fingerprint, and cannot analyze the attacker's techniques or upgrade the security defense policy.

False positive and false negative rates are both high

Traditional security devices detect attackers with a blacklist mechanism and a periodically updated signature database. Advanced attackers can easily use various evasion techniques to bypass the blacklist's detection rules. As a result, both the false positive rate and the false negative rate of attack detection are high.

Solution Overview



Business simulation

The simulation sandbox is used to deploy services in off-line mode in different network areas, such as the office network, production network, and cloud center network.

Deception-based protection

Traps are deployed along the attacker's path so that real services are hard to tell apart from sandbox-simulated services, trapping and isolating attackers and protecting the real business.

Intrusion alarm

When an intrusion occurs, the event is captured and an intrusion alarm is generated promptly.

Attack tracing

Captured attack events are analyzed and traced: the attacker's attack path and methods are analyzed; the attacker's asset information, such as open ports and service fingerprints, is scanned; the attacker's IP address, physical location, device fingerprint, and social ID are recorded; and the attacker is profiled and located.

Security Services

After the system is deployed, an attack and defense drill service is provided to test the effectiveness of the system's defenses. Real network attack and defense exercises provide reference experience for the attack tracing system. In addition, the emergency response service helps enterprises respond promptly and eliminate security threats after an intrusion occurs.

Advantages of the Solution



Capture unknown threats to protect Intranet security

Capture unknown security threats and ongoing attacks on the Intranet to prevent Intranet service systems and services from being attacked.

Tracing attack events to find the source of the attack

Relying on the high interactivity of the system's camouflage agents, decoys, and honeynet, the attacker is induced to penetrate deep into the system, so that the entire attack can be replayed and the attack trajectory and behavioral details clearly understood. Combining device fingerprinting with attacker profiling technology makes it possible to trace the source of the attack and to clearly understand internal security vulnerabilities and risks.

Threat intelligence output, security environment perception

Analysis of the captured attack data produces effective threat intelligence that helps business systems carry out targeted security hardening. At the same time, the security of the internal network environment in which the business system resides can be accurately sensed.

Establishing a defense-in-depth system

Complementing deployed security protection systems based on known rules, such as firewalls, IDS, and IPS, the system defends against known and unknown network attacks and establishes a defense-in-depth system that effectively protects the service system.

Successful Case



Background of the Project

With the rapid development of the "Internet +" strategy in the financial industry, information security has long been integrated with business. The increasingly complex network security situation also places high demands on enterprises in the financial industry, especially on their security protection capabilities.

Customer Pain Points

Small and medium-sized banks face many hurdles in building their information systems, while banking business involves more and more important data, security equipment is complicated, and external attacks are increasingly diverse. The traditional security protection system has fallen further and further behind. The problem facing the bank is how to formulate, according to its own situation, appropriate strategies for dealing with security threats in a big data environment with limited manpower and capital.

The Solution

Jingan Technology deployed its attack tracing solution for the customer. With few staff and a complex workload, the bank achieved automatic threat discovery, dynamic attack protection, potential threat detection, and real-time response through multi-dimensional correlation analysis, as well as accurate attack identification and tracing with deception defense technology.

Value of the Solution

For banks, it solves the mismatch between attack and defense and changes passive defense into active defense, detecting and blocking attacks with high sensitivity and protecting assets. For public security authorities, attacks can be traced back to their source, yielding conclusive real-name evidence of the attack for combating cybercrime. For the public, the difficulty and cost of attacks are raised, reducing the probability of attacks to a certain extent and creating a more secure online transaction environment for citizens. For industry regulators, it gives a view of the threat dynamics and overall situation facing the industry, with unified collection and industry-wide sharing of blackmail data.

Company Name: Shanghai Jingan Information Technology Co., LTD

Email: info@easmcn.com

© 2022 Jingan Technology. All rights reserved.