Life Circle of Risk Management

风险处理生命周期

Module Function Introduction

Discover the important uninstalled patches

The important system patches can be timely and accurately found by the continuously updating patch library and the agent scan. At the same time , the most urgent patches will be intelligently extracted with the system application , kernel modules, installation packages, and important updates of various of software deeply detected.

Discover the security problems caused by application configuration defects

Automatic identification of application configuration defects: the problems in configuration can be found and handled by comparing the critical attack path on the kill-chain, so that intrusion risks will be reduced. After a configuration detect is found and handled promptly, the potential security risks will be effectively solved and the hackers’ further activities will be interrupted.

Fast discover new type vulnerability of system and application

Continuously paying attention to the latest worldwide security developments and vulnerability exploitation methods, and constantly introducing the latest vulnerability detection capabilities. The continuous monitoring and analysis mechanism based on the agent can quickly compare with the huge vulnerability library and detect system vulnerabilities accurately and efficiently.

Intelligent weak password detection and support multiple applications

Accurate identification of more than a dozen of weak passwords, including SSH system applications, Tomcat, Mysql, Redis, etc. The recognition method gives priority to offline decoding, and hashes offline files into the library, which greatly improves the detection efficiency. The system can intelligently recognize the combined weak passwords, and supports user-defined weak password dictionary.

Product Characteristics

  • 1

    Comprehensive system vulnerability discovery

    The comprehensive vulnerability detection of IT system provides enterprises with risk situation view without any blind area, so that security problems can be found before the attackers and fixed in time.

  • 2

    White-box angle is more accurate than black-box angle in risk detection

    Agent scanning mechanism establishes a white box perspective from inside to outside, with very low false alarm rate and more comprehensive scanning.

  • 3

    Faster and more convenient than traditional scanners

    Based on agent scanning from inside to outside, it can be deployed at one click by one command, after which it can continuously keep enterprise safe.

  • 4

    Automated association of asset data

    Based on the overall inventory of host environmental assets, continuous risk scanning is carried out, and asset data are automatically correlated to provide effective information for the next risk processing.

Copy@2014-2022 QingTeng All rights reserved.  |  Beijing ICP reserve 15030561 Beijing Shengxin Network Technology Co. Ltd