Core Security & AI Solutions

Products

Attack Surface Management (ASM) & Supply Chain Risk Assessment

1. Overview

The Attack Surface Management System initiates from an organization's root domains and organizational structure. Leveraging automated processes and penetration testing expertise, it adopts an attacker's perspective to focus on digital assets. It builds a dynamic risk posture view for the organization, generates actionable risk intelligence, and integrates with defense systems to streamline attack surface reduction through a unified workflow.

2. Platform Architecture

The system adopts a microservices and distributed architecture. It incorporates rule repositories and a component-based mechanism, encapsulating functionalities into components or plugins as atomic capabilities to ensure system scalability. The front-end interface is built using the VUE framework, achieving backend logic separation and component-based development to enhance response speed and user experience.

The system consists of three layers: the Data Resource Layer, Function Support Layer, and Application Service Layer.

3. Application Scenarios

Live-fire Cyber Exercises: Proactive exposure reduction and responsive containment during national and industry-level cyber exercises.
Exposure Surface Reduction: Centralized asset visibility and surface reduction across subsidiaries and branches.
Data Leakage Tracing and Forensics: Correlating leaked external data with internal systems to form forensic chains and avoid repeated breaches.
Security Operation Infrastructure: Foundational platform for SOC and SIEM systems, driving continuous security maturity.

4. Product Features

Quantitative Risk Assessment: Asset-based scoring and risk formula evaluation for the entire exposure surface.
Digital Asset Exposure Discovery: Full-spectrum visibility into shadow IT, forgotten assets, and early vulnerability exposure.
Comprehensive Data Leak Detection: Tracks digital footprints to identify and respond to asset-level data leaks.
Continuous Digital Risk Monitoring: High-frequency inspections across web, social, and app environments.
Risk Prioritization Analysis: Threats ranked not just by severity but by exploitability, context, and organizational impact.
Risk Remediation and Verification: Closed-loop workflows, alerts, and API integrations for remediation actions.

5. Product Advantages

Automated Exposure Mapping: One-click discovery using cyberspace APIs and enterprise data sources.
Threat Intelligence Correlation: Real-time asset discovery from massive threat data pools and fingerprint cross-checks.
Smart Vulnerability Discovery: Predictive matching based on asset/exploit fingerprints for early warnings.
Deep Learning Asset Identification: CNN-driven recognition of OS and service traits with superior accuracy.
Extensive Monitoring Channels: Integrates 60+ channels including search engines, code platforms, asset services.

6. User Values

Deliver Continuous Visibility into the Exposure Surface for Timely Reduction
Accelerate Vulnerability Detection and Response Times
Reduce Costs and Improve Operational Efficiency
Mitigate the Impact of Data Leaks and Reduce Overall Risk