Product advantages
Two way traffic, precise rules
Based on the precise rules accumulated by Baidu's long-term security experience, the entire process of user access is completely restored, and the HTTP request and response content are analyzed in a two-way way to strive for accurate detection. The alarm accuracy rate is 99.5%.
Sandbox technology
The special file behavior recognition uses the box killing technology. Baidu's self-developed PHP and JSP sandboxes have been patented, which can "detonate" files in the supported sandboxes and identify malicious attacks through file behavior.
Self identification of network assets
The traffic audit can learn the customer's network architecture and asset list by analyzing all the two-way data packets of HTTP requests and responses, and further analyze whether there is vulnerability information caused by improper O&M configuration, such as weak passwords of the O&M platform, security threats caused by external non vulnerability problems of the management platform.
Correlation analysis of intrusion events
The context correlation detection engine is used to correlate the same attack behavior of the same hacker, trace the whole process of hacker intrusion, greatly reduce the amount of alarms, and reduce the trouble of security operation and maintenance personnel.
![]()