Continuously collects security-related data from endpoints across the whole network and aggregates the collected endpoint security data in real time on the big data analysis platform for unified storage and management.
Supports quick searching of endpoint behaviors across the whole network, and accurately locates and generates alarms for advanced threat events by combining QAX big data threat intelligence, threat hunting and other methods.
Provides an endpoint security big data search capability that can drill into and analyze threat events in depth, reconstruct the timeline of threat events, trace their source, and analyze the scope of impact, losses and other related information.
After determining the impact range, you can quickly respond to threat events and isolate risky local endpoints.
Advanced threat hunting technology, built around an artificial intelligence behavior engine at its core, covers multi-platform terminal systems and provides high-precision, multi-dimensional advanced threat hunting capability.
Through a self-developed big data analysis and retrieval engine, it efficiently processes and quickly analyzes the massive data collected by endpoints, performs real-time retrieval and analysis of behavioral data, and helps enterprise users centrally manage endpoint data.
Provides the capability to track, analyze and investigate threats, digging deeply into threat events and relevant endpoint context information to uncover the network kill chain and establish what actually happened.
Receives threat intelligence from the QAX cloud in real time and converts it into relevant indicators, which are correlated with the behavior data of endpoints across the whole network to quickly locate infected endpoints.
Provides fast response to advanced threat events and integrates with the endpoint security management system to contain and repair threats of different risk types.