eCloud Data Guard

eCloud Data Guard is a new generation of host safeguard system that uses behavior analysis to detect advanced threat attacks and also supports monitoring and auditing of host behavior. It consists of a control center and a lightweight client, giving customers a comprehensive solution for endpoint security.


Core Technologies:

  • Machine Learning Technology

ecGuard captures a large number of static and dynamic user and software behavior eigenvectors from endpoints and applies machine learning to them for training, modeling and classification detection of endpoint user and software behavior. In this usage scenario, ecGuard Machine Learning is mainly applied to extracting the normal and abnormal behaviors of users and software, so that a knowledge base of normal and abnormal behavior is derived for more efficient detection of endpoint anomalies.

  • Big Data Correlation Technology

ecGuard collects all kinds of security operation data at all levels and stages of endpoints, and automatically and intelligently correlates and analyzes the massive endpoint security data to trace the attack process and find the source of vulnerabilities and attacks. By appropriately widening the time window and extracting several intrinsically correlated attributes through wide-time-domain data analysis, it identifies the time, location, type, intensity and other information of attacks.

  • Attack Scenario Traceability Technology

Through the formal representation of correlation rules and knowledge, ecGuard Attack Scenario Traceability converts the complicated and disordered security data flow into a structured, easy-to-understand attack scenario, presented as a scenario diagram that reflects the attack process and intention. It identifies the attacker's strategy and purpose, and can even infer missed alarms and predict the next possible attack behavior, helping managers obtain more valuable network security information.


Core Features:

  • Behavior Modeling and Detection Algorithm

ecGuard employs a data model of host security behavior that interprets fine-grained and standard generic host events into understandable behavior.

  • Effective Intelligent Analysis

ecGuard applies behavioral analysis algorithms that continuously adapt to customer business activities to distinguish between normal and malicious behavior. This approach provides higher detection rates and greatly reduces false alarms.

  • Scenario Forensics and Attack Backtracking Based on Efficient Data Retrieval

ecGuard stores detailed information about each host endpoint, including but not limited to process runs, command line operations, file access, network links and configuration changes. This enables security responders to perform complex queries on large amounts of data and see the results in an easy-to-understand form.


Product Benefits:

  • Accurate strike: host-side underlying data monitoring for effective countermeasures against various obfuscation techniques, excluding interference from other systems and networks and reducing false alarms

  • System stability: focuses on stable system kernel protection to effectively avoid version adaptation issues caused by operating system patch upgrades, thus greatly reducing maintenance costs

  • Real-time protection: instant defense and blocking to protect important digital assets in real time

  • Fast evolution: AI-based evolution of attack behavior pattern learning for fast iteration to support a variety of systems

  • Accurate traceability: massive information collection and efficient analysis, providing rich data information for traceability analysis of security events
