360 Terminal Security Technology Wins Global Award

360 Enterprise Security Group is the first among traditional security providers to make overall arrangement in the EDR field, and 360 EDR is China’s first new-generation terminal security product for rapid detection of and response to advanced threats. It is the realization of the data-driven security technology concept in the area of endpoint security.

Wu Yunkun, President of 360 Enterprise Security Group, said the traditional security defense system is slow because of its independent operation of security devices. Attackers can enter an enterprise intranet at a low cost, and have plenty of time to find and get the data they are interested in. The 360 EDR system can interact with other security devices configured by the enterprise to form an effective coordinated defense system, greatly reducing the attacker's attack time and raise the cost of attack.

Zhang Cong, vice president of 360 Enterprise Security Group and director of EDR, said that 360 EDR, which is driven by threat intelligence, adopts a new "attack and defense inversion" idea, which changed the phenomenon that the original defender was successfully infiltrated as a result of a defensive fault. The system can quickly lock the threat terminal through the latest security clues, and evaluate the attacked terminal through real-time data and historical terminal information, and then reveal the security defects of the intranet terminal, and carry out corresponding disposal through an automatic response mechanism to achieve effective defense and the purpose of security protection.

Compared with the traditional means of security defense, the advantages of the 360 EDR system are that it can continuously monitor the security activities of intranet endpoints, and combine the 360 data threat information and other clues to quickly retrieve and locate the failed intranet endpoints, and provide an automatic response to the threat event at the same time. In order to achieve better results and higher efficiency in confronting advanced threats, it can reduce the attacker's attack time to the minimum, and reduce the possibility for an advanced threat to reach its goal.

"Under the guidance of big data threat intelligence, the 360 EDR system can decompose a complex advanced threat security response to a series of action processes, such as location, evaluation, response and repair, and thus eliminate the advanced threat," Wu Yunkun said.

At present, 360 Enterprise Security Group, driven by the "data-driven security" technology concept, has formed a complete technology, product, operation and service system in the EDR field, helping thousands of customers to build a complete security system based on active defense capabilities.