With Unique Data Servo Mechanism, Venustech Officially Launches Venusense EDR

Release time: 2020-09-16

With the emergence of unknown threats such as viruses, Trojan variants and new APT attacks, the forms of damage now change more rapidly and covertly. A lack of understanding of the causes of security incidents, unclear processes, and incomplete traceability information cannot support subsequent security remediation, which makes the lack of protection against unknown threats a great challenge to the network security of many customers. At the same time, the diversity of terminal types creates an island effect in organizational security protection: whether from Windows to Linux to domestic operating systems, or from physical machines to virtual machines to cloud hosts, the complex terminal environment poses great challenges to the compatibility and suitability of terminal security protection software.


Taking these customer pain points as its starting point, Venustech, drawing on 17 years of accumulated endpoint security experience, has officially launched the self-developed Venusense Endpoint Advanced Threat Detection and Response system (Venusense EDR).


Venusense EDR uses an extremely lightweight client (minimum 500k) as the information collection and security response point, paired with a high-performance management platform that performs cleaning, aggregation, threat detection, and behavior analysis on the raw data collected from the terminal. It applies the industry's unique "Data Servo Mechanism", an adaptive closed-loop design concept, to provide a comprehensive security response to endpoint threats. Relying on its full information acquisition capability, it achieves full-perspective, full-process traceability of threats.


Condensing years of technical refinement and industry innovation, Venusense EDR gives our customers a new generation of terminal security detection and response product, effectively improves security protection, and builds a safe and stable business environment.


Core Capabilities of EDR




● Fine-Grained Asset Inventory


Venusense EDR has multi-dimensional data collection capabilities and supports collecting both static and dynamic information, including hardware configuration information, application information, security compliance information, system operation information such as open ports and accounts, and middleware (name, series, version) that may hold potential threats and hidden dangers. This makes it easier to discover abnormal situations and threat clues, and helps the organization view and search endpoint security status and working status completely and clearly.


● Security Threat Landscape Visualization


Venusense EDR adopts an all-factor comprehensive judgment mechanism to discover security factors such as missing important patches, application configuration defects, new application vulnerabilities, abnormal accounts, weak passwords, and threat retention. The security status of the endpoint is quantified and presented in numerical form through the management platform. The platform predicts the threat dimension, scope, trend, and direction, and helps users understand the security threat situation of intranet endpoints through an intuitive and visual interface.


● Host East-West Traffic Visualization


Venusense EDR uses traffic profiling technology to present clear and visible east-west traffic details, clarify the access relationships between subnets, edges, and terminals, and assess connection security. It refines network access control through micro-segmentation technology.


● Security Closed-Loop Data Servo Mechanism


Equipped with the unique data servo mechanism defense system, Venusense EDR uses a 1xN detection capability, that is, 1 information source (endpoint), N inspection engines, and layered matching. Information collection drives threat detection, threat detection drives correlation analysis, correlation analysis drives response, and response drives threat traceability, thereby forming a secure and uninterrupted closed loop of endpoint protection.


● Threat Traceability


Through network connection, file transfer path and process correlation traceability, Venusense EDR can locate the threat source, threat occurrence process and threat impact scope of all security incidents that have occurred or are occurring on the terminal, and provide effective data for remediation.


Venusense EDR uses data to drive security and maps threats to the ATT&CK threat framework to form a "threat map", which accurately locates unknown threats disguised as legitimate programs and connects the overall intrusion chain, cutting off an intrusion step by step, preventing threats from landing or expanding their impact, and achieving process-level defense against security threats. With complete traceability capabilities, it can faithfully replay the process of a security threat from the perspective of criminals. Through the light-client design concept, high operating system coverage is achieved, terminal operation is more stable, and adaptation to new operating systems and environments is much easier.


Venustech Group is gradually launching E*N security protection solutions, using Venusense EDR for terminal detection and response and complementing it with the group's platform products, gateway products, detection products, and endpoint products. This horizontally enhances security protection and control capabilities, vertically enhances security threat detection and traceability capabilities, achieves the best results of the solution, and builds a safe and stable Internet environment for customers.


As a leader in the cyber security industry, Venustech Group will continue to increase investment in research and development, based on independent innovation, continue to upgrade security products and solutions, lead cyber information security, and lead the industry to develop steadily.