产品服务

以人为核心的零信任业务安全防护体系

首页 > 产品方案 > 终端安全防护(ESP) > 终端威胁态势感知(MTD)

终端威胁态势感知(MTD)

芯盾时代终端威胁态势感知Mobile Threat Defense(MTD)由终端信息收集、威胁感知分析、环境感知分析、非法应用感知、应用监测报表输出等多功能模块组成。致力于保护移动设备运行环境安全,实现对病毒、木马、模拟器、虚拟机、双开、Root、攻击框架、内存调试等异常状态检测,通过自主研发的病毒查杀引擎,快速完成内存和已安装软件的恶意代码扫描,通过可视化管理平台实时反馈移动终端风险状态。

芯盾时代终端威胁态势感知Mobile Threat Defense(MTD)由终端信息收集、威胁感知分析、环境感知分析、非法应用感知、应用监测报表输出等多功能模块组成。致力于保护移动设备运行环境安全,实现对病毒、木马、模拟器、虚拟机、双开、Root、攻击框架、内存调试等异常状态检测,通过自主研发的病毒查杀引擎,快速完成内存和已安装软件的恶意代码扫描,通过可视化管理平台实时反馈移动终端风险状态。

产品功能

终端风险检测 对智能设备当前运行的所有程序进行快速检测,识别包含威胁的应用或进程。移动杀毒系统除了进行常规的病毒快速检测外,支持针对智能设备存储卡中所有的未安装的安装包进行检测,甄别威胁应用,防患于未然。

客户端异常信息监测 对Android设备、iOS设备的多个设备环境风险点检测,判断设备运行风险,保证客户端应用运行环境可信。

全局态势感知 针对移动终端上的安全问题,综合对移动设备运行状况、安全情况以及用户行为等多个因素进行数据分析,宏观展示启动运行状况、安全事件及威胁态势、崩溃趋势等情况,实时掌控应用运行态势。

应用场景

  • 威胁情报分析

    收集并处理终端反馈数据,判断分析是否有威胁信息源,并输出风险问题报表。

  • 风险告警处置

    业务数据风险分析,根据自动化风险分析及处理,将风险数据反馈业务系统。

  • 特征篡改分析

    实时处理终端设备特征数据,判断终端特征是否正常,有无被恶意篡改。

  • 运行监测分析

    全面监控移动应用运行过程,统计活跃度、新增设备、地域分布情况、系统分布情况、版本分布情况等。

  • 崩溃监测分析

    采集应用运行过程中各类崩溃信息,提供设备崩溃准确的系统信息。

产品特色

综合安全态势感知

综合安全态势图形化展现,图形化全面展现整体安全形势、态势统计及详细风险信息。

终端设备行为画像

整合设备信息、病毒木马分析、攻击风险检测、应用运行状态、非法应用感知等数据,形成终端可视化行为数据。

终端风险信息采集

精准识别终端病毒木马、多种模拟器、虚拟机、APP双开等风险,实时采集分析终端2000多个风险特征值,并生成可视化风险防控报表。

设备应用实时监控

在App运行时,对系统环境进行风险扫描,防止恶意应用的入侵,并对后台环境进行监测,拦截可能随时加载的恶意应用。

Products & Services

Human-Centered Zero Trust Business Security Protection System

Home > Products > Endpoint Security Protection (ESP) > Mobile Threat Defense (MTD)

Mobile Threat Defense (MTD)

Trusfort's MTD is composed of endpoint information collection, threat awareness & analysis, environment awareness & analysis, illegal application awareness, application monitoring, report output and other multi-functional modules. It is committed to protecting the security of mobile device operating environment, and detecting abnormal states such as viruses, Trojans, simulators, virtual machines, root, framework attack and memory debugging. Through the self-developed virus detection and killing engine, it can quickly scan malicious code against memory and installed softwares, and feed back the risk status of mobile devices in real time through the visual management platform.

Functions

Detection for Endpoint Risk The product can quickly detect all programs currently running on smart devices and identify which applications or processes contain threats. In addition to the routine rapid virus detection, the mobile anti-virus system also supports the detection to all uninstalled install packs in the smart device memory card to identify which applications have threats and then prevent risks from happening.

Abnormal Information Monitoring for Clients Detect multiple device environment risk points of Android devices and IOS devices, identify the device operation risk, and ensure the credibility of the client application operation environment.

Overall Situation Awareness The product aims at the security problems on the mobile devices, comprehensively analyses the data of multiple factors such as mobile device operation status, security status and user behaviour, and macroscopically displays the initial operation status, security events, threat situation, collapse trend, etc., in order to control the application operation situation in real time.

Scenarios

  • Threat Information Analysis

    Collect and process all feedback data from endpoints, identify and analyse whether there is threat information source, and then output risk problem report.

  • Risk Warning Disposal

    Analyse the risk of business data, and then feed back the risk data to the business system according to the automatic risk analysis and processing.

  • Feature Tampering Analysis

    Process the feature data of device in real time to identify whether the device's feature is normal and whether it has been malicious tampered.

  • Operation Monitoring Analysis

    Comprehensively monitor the operation process of mobile applications, and count the activity situation, the number of new equipments, regional distribution, system distribution, version distribution, etc.

  • Crash Monitoring Analysis

    Collect all kinds of crash information during application operation, and provide accurate system information in case of equipment crash.

Features

Comprehensive Security Situational Awareness

Comprehensive security situation and and situation statistics are displayed graphically, as well as detailed risk information.

Endpoint Device Behavior Portrait

Integrate the data of device information, Trojan horse virus analysis, attack risk detection, application running status and illegal application awareness to form the endpoint visual behavior data.

Endpoint Risk Information Collection

Accurately identify the endpoint trojan virus, a variety of simulators, virtual machines, APP double opening and other risk states, collect and analyse more than 2000 risk eigenvalues of the endpont in real time, and generate a visual risk prevention & control report.

Devices' Applications Monitoring In Real Time

When the app is running, it scans the system environment for preventing risks as well as the intrusion of malicious applications, and monitors the background environment to intercept malicious applications that may be loaded at any time.