With the rapid development of official web portals, credit card centers, online banking, and mobile banking, banks’ demand for protection of encrypted traffic is growing. Certificates and data cannot afford to be leaked, and changes to the existing architecture of current security products come with great risks.
Traditional rule-based detection cannot defend against WAF bypassing, credential stuffing, suspicious logins, spamming, internal anomalies, and other unknown threats.
Banks lack an intelligence database for social engineering to help with detection and prevention when deploying systematic defenses. They also lack linkage in the execution of security defense strategies.
Respond quickly to security incidents based on real-time alerts, and facilitate security data reporting. Asset discovery helps banks discover all the assets that provide services so that security monitoring of assets can be implemented, including version, port, accessibility, asset behavior monitoring, etc. Various types of threat management logic are implemented through coding, and the portal display visualizes multi-dimensional security data.
Bypass deployment architecture that does not affect current business services.
Serial security devices can only intercept non-encrypted protocol attacks targeting a bank’s application layer traffic over protocols such as HTTP and HTTPS.
Baishan’s ATD (Advanced Threat Detection) is based on private bypass deployment and log analysis, so it can analyze encrypted-protocol attacks without needing the certificate. It can analyze, identify, and intercept various application-layer traffic attacks based on trait detection and UEBA technology, enabling banks to defend themselves against these attacks.
Banks’ analyses and investigations of traditional security incidents are based on scattered security systems, resulting in single-point processing. Baishan’s ATD can shorten the investigation time by correlating time and associating events. Through the linkage between security devices, various types of interception modes can be triggered based on threats, enabling security risks to be detected and resolved, and loss from threats to be minimized, more quickly.
Banks encounter alerts from different security devices. Processing these alerts can be time-consuming as they need to be ranked and sorted through analysis. By accessing and connecting security devices, Baishan’s ATD can hierarchically process various types of alerts more quickly. Through programmable event management and security event correlation, processing can be standardized and automated, enabling banks to improve security operations and maintenance efficiency through security event scheduling.