PRODUCTS
current location:PRODUCTS
PRODUCTS
USM
Venusense USM
Venusense Unified Security Management (Venusense USM) is a security information and event management (SIEM) solution that enables security teams to quickly detect and respond to internal and external attacks, to simplify threat management while minimizing risk, and safeguard your business.
Venusense USM enables your security teams to use all data to gain organization-wide visibility and security intelligence. Venusense USM helps security teams streamline security operation for organizations of all sizes and levels of expertise.
1Data-driven security and continuous monitor for potential threats


Venusense USM is based on IT asset and keeps focus on application/business system. USM can be used for centralized supporting platform for network monitoring, security audit, measurement and routine maintenance.

The Venustech SIEM solution is composed of various components under the Venusense Unified Security Management (USM) product, which includes modules for Security Analytics (SA), Network Behavior Analysis (NBA), Configuration Verification System (CVS) and Business Security Management (BSM). Venusense SA provides log collection, normalization and storage, and an analytics engine for threat detection and compliance use cases. It is based on a big data platform, with both Hadoop and Elasticsearch options available, that enables ML analytics in addition to standard correlation-based detection. The solution can be deployed via software, or as a virtual or physical appliance. 

2Capabilities:





  • Flexible and Powerful Situational Awareness

  • Based on detailed log normalization, classification technology, and distributed non-relational database in big data, Venusense USM realizes the full-text index of formatted data and original log. Combined with distributed processing, Venusense USM provides policy-based security event analysis, interactive query through visual dashboards, and powerful hybrid search capability with a variety of log analysis technologies.



  • Smart Flow Security Analysis

  • Venusense USM establishes flow behavior profiling to identify asset attributes and supports business flow anomaly detection and compliance checks. Through the capture, generation and intelligent analysis of the business network traffic information achieves the flow and security events cross-analysis and traceability.


  • Comprehensive Vulnerability Management and Risk Assessment

  • Venusense USM realizes real-time and efficient linkage with a variety of leaky system and supports comprehensive vulnerability control through built-in configuration verification. Venusense USM implements a quantitative risk assessment based on risk matrices with reference to international standard.



  • Business-Based Security Management

  • Venusense USM provides built-in business oriented modeling tool, which helps to construct business topology and create business health index, evaluating the health state of business from performance, availability, vulnerability and threat, to help users analyze business availability, business security events and business alerts.



  • Intelligent Correlation Analysis

  • With the advanced intelligent correlation analysis engine, Venusense USM can correlate all structured log flows in real-time and uninterrupted. Venusense USM provides three event correlation analysis methods: rule-based association analysis, context-based association analysis and behavior-based association analysis, and provides abundant clear visual security events pictures, which greatly improves the efficiency of analysis.




  • Proactive Early Warning

  • By collecting threat information and combined with the rules association and observation list, Venusense USM releases internal and external warning information to help administrators defend advanced threats.



3Components:



 Security Management Center(Required)

Include the Venusense USM core function of the big data CupidDB version.

Built-in performance collection module with complete monitoring functions.

Built-in log collection module with complete events collecting functions.

Built-in  configuration verification module with complete monitoring functions.


Configuration Verification Sensor (Optional)

Collect and check configuration information for decentralized managed assets.


● Distributed Storage Index Node (Optional)

Distributed storage, indexing, and analysis of security events.


● Distributed Log Sensor (Optional)

Distributed collect decentralized managed assets.


● Performance Sensor (Optional)

Collect performance information for decentralized managed assets, including availability, operational status, and performance information.


● Flow collector [known as "network behavior analysis module"] (Optional) in hardware and software
Collect, store, analyze, and forward raw traffic and flow records. 
4Certification and Honors



 Information Technology Security Assessment Certificate EAL3 Level issued by China Information Technology Security Evaluation Center 


 Military Information Security Certificate 


 CCID report shows that Venusense USM has ranked No. 1 in domestic market share for eight consecutive years from 2008 to 2015.