Three years ago, in CARTA (Continuous Adaptive Risk and Trust Assessment), one of Gartner's top 10 strategic technologies in 2018, deception technology (abbreviated as honeypot) played an important role as an important means of operational risk and trust assessment.
At present, deception techniques and concepts have been successfully applied to the security protection system.
Turn "Passive" Into "Active" and Continue to Upgrade Prevention System in All-Round Way
With the rapid development of information technology, "attack in the dark, guard in the light", traditional passive defense is no longer sufficient to face the escalating means of cyber-attacks, which is different from the traditional passive defense concept of "reject the enemy outside the boundary". "Honeypots" will actively attract intruders to attack. Through detection and analysis, it will provide users with precious data about the attackers and their attack methods, so as to perform health check, and realize the continuous and comprehensive upgrade of prevention system under ever-changing security challenges.
Venusense Deception Prevention System is based on the accumulation and research results of the group’s offensive and defensive directions, adopts deceptive defense ideas, an independently researched and developed security product. The system builds honeynets through business simulations, lures intrusions into the honeynets, conducts attack captures, and slow the attack, record the whole process and behavior, realizes the rapid forensics and traceability of the intrusion behavior, and protects the real network assets.
How to turn "Passive" into "Active"?
● Business Simulation
Business simulation is the key technology in the honeypot technology. Only a high degree of business simulation can deceive intruders with fakes. The Venusense Deception Prevention System has strong business simulation and honeynet formation capabilities, and supports the simulation of network services, vulnerabilities and business systems, including common OA systems, mail systems, file services, operation and maintenance services, etc.
● Threat Discovery
When an intruder jumps into the "trap" arranged by the Venusense Deception Prevention System armed with patented traffic capture, which can monitor the intruder's movement in real time, and accurately sense and capture advanced unknown threats such as 0day and APT.
● Forensics and Traceability
Venusense Deception Prevention System collects addresses, samples, behaviors, and fingerprints of intruders privately, masters detailed attack paths, terminal fingerprints and behavior characteristics, and conducts comprehensive forensics and precise traceability. Provide full traffic monitoring of attack behavior and analysis capabilities.
● Intelligence Empowerment
One of the biggest problems in security protection is to find the data you need from thousands of network data. Based on the principle of active prevention, the data obtained by honeypots has the characteristics of high accuracy. On the one hand, it integrates with firewall, WAF, situational awareness platforms to realize real-time blocking of attack behaviors and shorten emergency response time. In addition, data such as unknown threats captured by honeypots are used in threat intelligence centers or other security devices to improve attack detection capabilities, continue to empower the security prevention system.
The Uniqueness of Venusense Deception Prevention System
● High Simulation
The system has fast simulation capabilities of business systems, which can highly simulate Web services, databases, operating systems, industry-specific systems, etc., so as to confuse attack targets, slow attacks, protect real systems, and buy time for emergency response time.
● Wide Application
The system is suitable for IT systems, industrial control systems, Internet of Things and other network environments. It can be deployed in cloud and on premise. It has been successfully applied in transportation, finance, government, energy, industrial systems and other fields.
● High Security
The combination of multiple technologies such as kernel security monitoring based on patented technology ensures system security.
● Honeynet Formation
Visualized operation, templated configuration, rapid formation of honeynets, multi-segment deployment of simulation systems, dynamic adjustments based on demand, and combination of virtual and real environment, to achieve a true honeynet.
● Empowering System
Entrapment data empowers the security system in real time, and forms joint prevention and control with firewall, WAF, sandboxing, perception platform, threat intelligence system to improve overall security protection capabilities.
At present, the Venusense Deception Prevention System has been successfully applied to transportation, finance, government, energy, industrial systems and other fields, and has won good response from customers with its excellent product performance. In a large-scale actual combat exercise, it helped defenders capture a large amount of attacker information, which has largely reversed the asymmetry of offense and defense.
In the future, the Group will continue to adhere to customer needs, based on independent innovation, achieve continuous product updates and upgrades, help customers discover unknown and potential security threats, improve security risk response capabilities, and provide strong guarantees for customers to achieve digital transformation and upgrading.
Have a question? We're here to help.
Please send an email to overseas@venustech.com.cn
Or you can fill out the form below and we will get in touch with you soon.
Thank you for your interest in Venustech.
