Aquaboutic | Focus Security Research | Vulnerability Exploit | POC


han shengzhe yen represents "apt defense specialized enterprises entering southeast asia and the united states market"

Posted by barkins at 2020-02-14

EDR and SECAs also continue to expand market

The recognition of apt defense professional enterprises has been strengthened, and the market of EDR and SECAs has been targeted to expand their positions. At the same time, it is planned to expand to Southeast Asia market based on the domestic blueprint, obtain monitoring certification, and formally enter the U.S. fund-raising market. Here is Han Shengzhe's representative and the content of one question and one answer.

Q. Economic achievements in 2018

A: In China, many large-scale network APT system construction projects of public institutions. As a representative example, a public authority building a new network has provided external network, e-mail and PC, which have also joined the company's apt solution, and the company has also provided an integrated monitoring center. In addition, the standard linkage test specification of the national network security center is the only apt product that has passed the linkage test and passed the Yara rule linkage test of the Ministry of education. Therefore, the education authority is recognized as the solution that must be introduced.

The cumulative export volume overseas reached US $1 million. Large enterprises in Thailand and Indonesia have POC contracts and Singapore sales contracts, expecting sales to rise in 2019.

Q. Introduce the main solutions of Economics

-A: The main solution is "zombie zero EDR". Basic security solutions like vaccines are impossible to deal with mysterious islands like apt and staff. In addition, the traditional sandbox technology is vulnerable to the attack of encrypted communication, such as mechanical malicious code, mysterious Island clothes, SSL, etc. In order to transcend such boundaries, the importance of EDR (endpoint decision & response) technology is emerging.

IOC (violation index) is to collect the traces left by the invasive malignant code, and analyze the system's response after the event. Instead, EDR infects previous malignant code by running retention functions.

In addition, the impact of operation agent system is minimized, and technologies such as hooking and DLL injection with high conflict probability are not used.

The Ministry of education has passed the standard linkage specification test of the network security center, collected Yara rule from the Ministry of education, set these discovery policies, and re transmitted the results.

In addition, the virtual analysis environment of some outsourced products has been finalized, and alz, HWP and other environments have not been added. EDR is the main local application, which can be made up of virtual / environment with high detection rate.

Q. The outlook for the security market in 2019 is

-A: According to the annual increase of apt and long island losses, the security market is expected to grow in 2019. In addition, in the form of purchasing security products and building and using, SECAs (security as a service) is easily introduced to expand the market.

Q. The economic strategy in 2019 is

-A: At the same time, it has formulated the strategy of expanding the target market. At the same time, it will expand brand recognition and local network in Southeast Asia market based on refreens supplied by domestic flow agencies, and formally enter the U.S. market after obtaining international CC certification.

Q. Instructions to public or corporate security staff

A: Seeing the news of frequent hacker accidents, there are also many people who think that "our organization will not be the target.". Such "no awareness of network security" has become the biggest weakness, leading to hackers' close intelligence, and the vicious circle of repeatedly seeking solutions after the disaster. In order to attack the security system which is blocked in advance, we should take measures to deal with the aggressive accidents.

In the past 10 years, according to the change of security trend and customer requirements, we have continuously updated products and services. Every day, customers can feel a very convenient solution. No matter the unexpected network attack, they will do their best to provide a reliable solution.

★ information security represents the daily life of media! *

Copyright holder, no daily cuame and Cultivation