NG-SIEM

NG-SIEM is Baishan’s next-generation security information and event management platform based on UEBA-AI (user and entity behavior analytics) technology. It accurately identifies abnormal behavior on internal and external networks through real-time analysis of traffic logs and deep correlation of event data, continuously monitoring the network security situation and improving security operations efficiency.

Product Benefits

Smarter Analysis

With the help of AI algorithms, 99.9% of the threats can be accurately identified.

More Comprehensive Security Protection

Security devices are integrated for real-time data collection and summary analysis to effectively identify deep and unknown threats for more comprehensive protection.

Quicker Responses

Responding in milliseconds to instantly locate threat events, issue alerts, and trace the threats.

More Flexible Deployment

Bypass deployment can avoid device compatibility issues with zero impact on network architecture and business processes.

Faster Capacity Expansion

Cloud-based software eliminates bandwidth and performance limitations to allow capacity expansion in case of sudden business surges.

Product Features

Four-Engine, Full-Data Threat Analysis

Web traffic data is collected in a distributed storage medium. With real-time engines, depth engines, learning engines, and active evolution engines, AI algorithms continue to learn, train, and optimize themselves to provide more accurate threat detection.

Security Orchestration, Automation, and Response (SOAR)

The system supports custom security events, automates cause analysis, handles failures with a fixed process and provides integrated management to accelerate the response time of threat incidents.

User and Entity Behavior Analysis (UEBA)

Builds models of logs and security information based on the Six Critical Eigenvalues Model (behavior-time, location, person/ID, scope, action, and results) to establish a security baseline for user behavior. Identifies abnormal users through continuous behavioral analysis to perceive unknown threats.

Visualization Analysis

Comprehensive situational awareness is presented through customized dashboards, configurable security reports, and multi-dimensional large-screen situation displays.

Global Threat Intelligence Center

Integrating network intelligence with IP addresses, street-level positioning display, full black/white/gray lists, and real-time information updates for accurate threat tracing analysis.

Application Scenarios

Corporate Intranet Security Protection

Collects and analyzes corporate logs and all traffic, monitors user and entity behavior, and issues alerts on abnormal risks from the user's perspective. Combines threat intelligence to effectively protect against data leakage, network scanning, Trojan viruses and other attacks.

Identifying Security Risks

Accurately identifying risks such as crawlers, click farming, credential stuffing, low-frequency behavior and gang behavior based on in-stream big data and machine learning algorithms. Effectively monitoring threats against apps to ensure corporate business security.

Online Office Security

Correlates VPN logs, traffic, and other data to help organizations comb through digital assets and identify possible security problems for telecommuters, such as account sharing abuse, two-factor SMS bombing, VPN malware dial-in and other security threats.

Deep Security Defense

Supports private, bypass deployment models. Uses machine learning algorithms and user and entity behavior analysis (UEBA) to eliminate the dependence on, and limitations of, manual rules and to discover security threats that have occurred but have not been identified.