Baishan’s new, next-generation SIEM (security information and event management) security product is based on UEBA-AI (user and entity behavior analytics) technology that can automatically identify deep levels of threats, build deep correlations, detect unusual behavior, and identify unknown threats on the intranet and extranet. In addition to identifying and classifying behavior and threats, the product has powerful visual presentation and analytical capabilities.
Smarter Protection with
Unusual behavior can be accurately identified using the Six Critical Eigenvalues Model (results, time, location, person/ID, scope, and action) without the need to set up each strategy manually.
AI algorithms enable the product to learn and evolve by itself, making the system smarter over time.
High Defense DNS
To support large numbers of concurrent requests, Baishan’s platform provides distributed DNS server clusters. Baishan also provides free DNS resolution protection based on each user’s monthly profile.
Innovative SIEM Concepts
Baishan provides more comprehensive security protection, real-time data collection, and summary analysis, instantly enabling the identification of key threats. Security devices are integrated to effectively identify deep and unknown threats for more comprehensive protection.
Bypass Deployment Along with Software Definition for More Flexible Security
Deployment in Bypass mode has no impact on architecture or business. Further, the cloud-based model reduces bandwidth and performance limitations to enable rapid scalability.
The algorithm engine can identify unusual behavior based on real-time group comparison. Using user behavioral modeling, it can build a mathematical model that can generalize spatial features and perform a comparative analysis of the individual groups.
Using an unsupervised learning algorithm and cluster feature amplification, multi-source, low-frequency gang behaviors can be identified. Long-term axis analysis is used to compare changes to normal behavior to detect threats.
A probability model is calculated by learning the inherent rules of historical behavior data. An integrated-learning classification algorithm based on the probability model then analyzes and identifies unknown and unusual behaviors.
Actively Evolving Engine
Users are allowed to make a limited number of annotations to a semi-supervised learning algorithm. The algorithm then trains a small number of sample models through a convolutional neural network, corrects the results of the original algorithm analysis, and improves the accuracy of the algorithm.
Multi-engine, Full-data Threat Analysis
Web traffic data is collected in a distributed storage medium. The data is then analyzed by unsupervised, semi-supervised, and other algorithms to accurately identify unusual behaviors. The algorithms constantly evolve through self-learning, providing more accurate threat detection.
Security Orchestration, Automation, and Response (SOAR)
The system automatically analyzes the cause of failure when an event is triggered, linking multiple business systems, devices, and levels according to predetermined logic. The system also supports custom security events.
The Six Critical Eigenvalues Model, covering the results, time, location, person/ID, scope, and action of a behavior, is used to generate behavior analyses of users and entities.
Comprehensive situational awareness is presented through a customized dashboard, configurable security reports, and multi-dimensional large-screen situation displays.
Global Threat Intelligence Center
Network intelligence is automatically integrated with IP addresses for accurate threat tracing analysis.
Protection against Threats
UEBA, combined with the machine learning engine, identifies and defends against various internal and external threats, including multi-source low-frequency attacks, botnets, credential stuffing, malicious registration, etc., to effectively improve the organization’s security level.
Big Data Integration
The organization’s secure, multi-source, big data analysis platform effectively provides integration capabilities.
Improving Security Operational Efficiency
Artificial intelligence technology is used to manage manpower and effectively improve operational efficiency and security.