Renjia
Cyber Attack Disruption and Control Systemm

It applies the "deception defense" technology into the network detection and corresponding system with deception ability at both the application and network layers. By linking with Huanzhen advanced threat hunting and tracing system, as well as highly interactive decoy system and bypass traffic distribution technologies, the dynamic deception trapping network will be formed. It can virtualize thousands of deception nodes at low cost, covering the entire organizations network, building a black hole-level attack gravitation field, and achieving accurate threat detection and false alerts. Users can customize the entire dynamic deception network to achieve maximum obfuscation and trapping.

Through machine learning engine and behavioral analysis, Renjia can discover anomaly attacks and hidden malicious behaviors in network traffic, and automates the analysis, and outputs judgment results after dual verification of rule recognition engine and machine learning analysis engine, with an accuracy rate of over 95%.

Renjia has a powerful functionality of asset security analysis, which automatically identifies assets by collecting network traffic, and supports automatic identification of shadow assets. Without affecting the intranet, it detects potential "shadow assets" and obtains basic information about servers by actively sending traceability packet.

Renjia can support the blocking of network layer 4-7 communications with bypass blocking module, including domain name blocking, server-side IP blocking and client-side IP blocking. This module is linked with the threat detection module of Renjia, combining automation and intelligence to intelligently issue security disposal policies according to the type of risk.

Renjia anti-tampering module can be in charge of content management for website and cache frequency. When a website is detected to be maliciously tampered by an attacker, it will automatically return the content of the page cached beforehand and interrupt the request from the business server to ensure that normal users can see the correct page.

Renjia will analyze the security risks on the internet. The "cyberspace warfare and defense" security operation center is built from the perspectives of asset management, attack event and threat traceability, and security compliance management. The center includes asset risk and threat displays, current cyber risk values, cyber security risk trends, etc.

With an open API ecology, Renjia can be combined with third-party SOCs and cloud management platforms through a complete Web API interface to achieve integration of operation and security. It can also be linked with third-party security products through an API interface to provide richer threat detection and interception capabilities. It can also be combined with third-party data platforms to provide comprehensive big data analysis capabilities.