Introduction to the VenusEye Threat Intelligence Center
I. Name of the Platform
VenusEye Threat Intelligence Center
II. Platform Introduction
The VenusEye Threat Intelligence Center brings together Venustech's years of experience in network security research. It has participated in the development of a number of national and industry-level threat intelligence standards.
The VenusEye Threat Intelligence Center uses advanced technologies such as static analysis, dynamic analysis, big data correlation analysis, deep learning, and multi-source intelligence aggregation to produce and deliver high-quality threat intelligence. Combined with the Group's security products and services, it provides users with professional threat intelligence data, products, services and analysis capabilities, and offers several ways to integrate threat intelligence, such as an API, an offline library and the STIX standard. These are suitable for application scenarios such as testing probes, analysis and awareness, attack backtracking, operation and maintenance services, and solutions.
III. Construction Plan
According to the definition given by Gartner, threat intelligence is evidence-based knowledge, including context, mechanisms, indicators, implications and actionable recommendations, about threats or hazards to assets that already exist or are emerging. It can be used to support decisions on how to respond to or handle those threats or hazards.
Product Deployment Diagram
IV. Output Capabilities
4.1 Threat Intelligence Detection: Big data analysis platforms, network devices, security devices, and operation and maintenance systems are all important consumers of threat intelligence. By combining collected real-time network traffic, logs and other data with threat intelligence data, threat clues in the real-time data are found and identified.
4.2 Threat Intelligence Tracing: By combining massive historical traffic and log data with constantly updated threat intelligence data and analyzing the result, covert channels hidden in the massive network communication can be found and lurkers in the network can be identified.
4.3 Threat Intelligence Study and Judgment: Through the VenusEye Threat Intelligence Center, network security operation and maintenance personnel can query and assess identified IP addresses, domain names and malicious samples.
V. Expert Services
Cloud detection of intelligence
Issue of trends and warnings
Construction of the information system
Security expert services
Customized solutions
Service hotline:
400-810-7766 (24H)
E-mail:
shfw@leadsec.com.cn
Address:
Zhongguancun, 8 Dongbeiwang West Road, Haidian District, Beijing Software Park 21