qingteng tianrui rasp was selected as the first batch of "digital security escort program technology support products" by caict
2024-09-05
한어Русский языкEnglishFrançaisIndonesianSanskrit日本語DeutschPortuguêsΕλληνικάespañolItalianoSuomalainenLatina
recently, the 2024 global digital economy conference - digital security ecosystem construction forum was successfully held in beijing, where a number of digital security achievements were released and awards were presented. qingteng tianrui rasp application security protection products were successfully selected as the first batch of "digital security escort program technology support products" by china academy of information and communications technology & china telecommunication technology laboratory. at the same time, qingteng cloud security, with its deep technical strength and professional security services, was successfully selected into the 14 security sub-sectors of the first "digital security escort technology capability panorama".
the "digital security escort program" is an exchange platform jointly initiated by the china academy of information and communications technology and all sectors of the industry. with the purpose of "building a self-reliant and self-reliant digital technology innovation system and building a reliable and controllable digital security barrier", it creates a full-range platform model covering policy interpretation, technological innovation, standard setting, testing and inspection, evaluation and certification, talent training, industry exchanges, popular science and other aspects to promote the high-quality development of china's digital economy. this time, qingteng tianrui was successfully selected as the first batch of "digital security escort program technology support products", which is a high recognition of the performance and value of tianrui products, and an authoritative recognition of qingteng cloud's security technology strength.
implant native security capabilities into applications
qingteng tianrui rasp application security protection product supplements the internal application perspective that traditional security lacks. through plug-in technology, it integrates active defense capabilities into the application running environment, captures and intercepts various threat attacks that bypass traffic detection, such as memory horses, sql injections, 0day attacks, etc., so that the application has powerful self-protection capabilities, helps enterprises discover and manage application risks, and ensures the security of application runtime.
core features
0day attack protection:usually, attack detection relies on existing rules. 0day vulnerabilities have no corresponding rules and are therefore easy to bypass. rasp detects attacks based on rule-free logic detection, which can take over and monitor the underlying calls of applications. attacks will inevitably produce subsequent actions, such as database access and command execution, which cannot bypass the underlying calls. therefore, rasp can effectively protect against both known attacks and unknown 0day attacks.
memory horse defense:memory horse attacks are extremely hidden and harmful, and only in-depth internal detection of the application can form an effective defense. qingteng tianrui provides three protection barriers against memory horse attacks, intercepting layer by layer on the attack path of memory horse, thus achieving comprehensive protection against intended injection and injected situations.
apply hotfix:in response to the problems of high cost, great impact and difficulty in promoting vulnerability repair, qingteng tianrui can provide patch repairs for running applications without restarting the applications, and can update the corresponding repair capabilities for newly-emerged vulnerabilities at any time, effectively supporting emergency response to hot vulnerabilities.
weak password detection:qingteng tianrui monitors weak password logins through login behaviors, supports weak password detection for applications and middleware, and can set detection rules according to enterprise requirements. weak passwords are passively identified during the login process without active scanning, so there will be no problems such as account lockout, and the plaintext detection comparison can be obtained to be more accurate.
data link monitoring:qingteng tianrui can obtain the complete call link information of the application and know the data transmission link of the api, thereby achieving outstanding code positioning effect in data tracking; it can present the topology information of the microservices within the application, thereby knowing the service call relationship and discovering call risks; it can present the access relationship between different applications and discover abnormal access connections.
component inventory detection:with the frequent vulnerabilities of open source components, the supply chain security of applications has attracted much attention. qingteng tianrui can monitor and discover the actual call status of component libraries in real time when the application is running, and obtain version information such as component libraries, analyze the risks they have, and provide complete component library security governance capabilities to avoid supply chain attacks.
product advantages
good protection effect:it runs inside the application and monitors interface calls, with a much higher success rate than boundary interception.
small business impact:agent is dynamically installed and uninstalled without restarting the business, without affecting other service processes, and without conflicting with business codes.
high adaptability and compatibility:it is compatible with all java versions and has good compatibility with other java agents without affecting the existing functions of the system.
strong module expandability:the plug-ins are independent, can be flexibly expanded, and have a dynamic switching mechanism to ensure minimal resource usage.
application scenario
rasp runs inside the application and focuses on security scenarios at the application layer. it can form a high-quality in-depth defense system with hids, waf, etc., especially in attack and defense drills, application risk monitoring, malicious attack protection, and online vulnerability repair.
attack and defense drills:in attack and defense drills, application attacks are a common and efficient means of attack, and most traditional security tools cannot detect container microservice traffic and encrypted traffic, and are powerless against threats that reach applications. qingteng tianrui goes deep into the application, providing visibility from east-west traffic to internal calls, effectively blocking various attacks such as 0day and memory trojans.
application risk monitoring:open source component vulnerabilities occur frequently. qingteng tianrui provides real-time risk monitoring capabilities during application operation, accurately identifies vulnerabilities in application middleware, and can discover significant risk issues such as weak application passwords. it provides a complete risk portrait and guides users to complete risk problem identification and promote repair.
malicious attack protection:traditional intrusion protection solutions lack the ability to detect unknown attacks, especially 0day, memory trojans and other difficult-to-protect attacks. qingteng tianrui detects attacks based on irregular logic detection, monitors the underlying calls of applications, makes it impossible for attacks to bypass, and provides security personnel with detailed attack links to facilitate vulnerability location and reproduction.
vulnerability online repair:old systems often have vulnerabilities, many of which do not have corresponding patches to repair directly. when patches for newly exposed vulnerabilities have not yet been released, they may be attacked by hackers at any time. for these scenarios, qingteng tianrui's hot patching capability can effectively provide emergency protection for vulnerabilities through feature matching and in-depth vulnerability exploitation principle shielding.
