Big HIDS- Cloudsway

Big HIDS

Continues monitoring of host assets and processes by leveraging lightweight host probes with cloud based intelligent analysis engine and threat intelligence. Provide users with early detection, on-the-fly intrusion monitoring, as well as attack tracing capabilities

Learn More

Benefits

Intelligent & Accurate Detection

Accurate detection of abnormal access behavior while continuously optimizing intrusion strategies.

Dual Engine Defense Powered by Extensive Data

Proprietary rule engine and AI engine to cross-validate response. Connected to the global intelligent platform to leverage extensive data to drive continuous detection accuracy.

Instant Alerts

Proactive full lifecycle protection combining real-time monitoring and scheduled verification. Intrusion events are reported with instant alerts.

Efficient & Reliable

Host probes with low resource consumption has reliably supported over 150,000 Wangsu servers for years of operation. Efficient operation can be guaranteed even under high load and high concurrency scenarios.

Streamlined Installation and Operation

Host probe can be installed with one single command and supports automated updates, virus libraries and vulnerability libraries are updated on the cloud in real time, with zero reliance on manual intervention.

Closed Loop Services

Complete closed loop with expert services including risk assessment, security consolidation, vulnerability validation, penetration testing and emergency response. Covering every aspect from threat monitoring to security incident handling.

Features

Asset Inventory Archiving

Associate risk identification with intrusion detection leveraging a visual query interface，encompassing host discovery, host inventory, application inventory and structured asset information.

Risk Identification

Early detection of security risks, accurately identify weak passwords, system vulnerabilities, application vulnerabilities, and non-compliant security baselines, provide guidance for security consolidation and mitigate threats.

Intrusion Detection

Multiple anchors to monitor in real-time abnormal logins, suspicious accounts, abnormal processes, virus and Trojans, sensitive file tampering and other intrusion events, send instant alert messages after detection.

Real-time Defense

Protection against brute force cracking and malicious code, and provide optimal security defense capability while consuming minimum resource.

Security Response

Manual security service access for emergency response, security operators will quickly obtain snapshot information of core assets and assist in the handling of intrusion events.

Attack Tracing

Intelligently analyze massive security logs, log retrieval and visual clues to help users locate the source of attack and the cause of intrusion.

Scenarios

Asset Inventory
Risk Discovery
Intrusion Detection
Attack Tracing

It is very difficult to manage assets in enterprises with a massive business system, issues often arise where the test host and site are poorly controlled, unnecessarily exposing ports and may lead to intrusion. When high-risk vulnerabilities are exploited by intruders, it is often difficult to rapid locate risky assets.

With the host probe, you can fine tune assets in an integrated manner, armed with asset information such as hosts, system accounts, open ports, running processes, and components operation teams can quickly identify attacks and locate risky assets and respond to the latest security incidents.

IT operators lack the means of continuous detection of weak passwords, making it difficult to quickly identify, repair and verify high-risk vulnerabilities, and unable to effectively manage the security baseline of systems and applications.

Host intrusion detection automatically detects weak passwords, vulnerabilities and security baselines, and new security risks are instantly discovered.
Hierarchical management of vulnerabilities, verify high-risk vulnerabilities by means of attack simulations, and effectively identifying vulnerabilities of interest.

Advanced attack methods are difficult to detect and may remain undetected for extended periods of time, traditional security measures often reports excessive amount of false positives, thus intrusions are difficult to detect and respond to in a timely manner.

Host intrusion detection monitors key characteristics of hacker intrusion in real time at the host level.
During an intrusion, abnormal behavior can be quickly detected and instant alerts issued, enabling the security team to carry out emergency response measures.

In the event of an intrusion, it is necessary to clearly identify all the intrusion actions taken by the hacker, determine the damage, find the point of intrusion and eliminate vulnerabilities. The traditional approach of looking for leads among numerous logs can be time consuming and inefficient.

With host intrusion detection, users can analyze leads from many dimensions, such as login log, instruction operation, system log, etc. at the same time, users may review threat intelligence, identify the source of intrusion, compromised assets, and intrusion behavior, and attempt to locate the source of the intrusion, narrow the scope of investigation.