Compared to the conventional TESS TMS, the TESS TMS provides additional features such as collecting suspicious files, YARA Engine-based malicious file detection, automated application detection/analysis, suggesting a more sophisticated security monitoring and response system against new threats including APT.
TESS TMS provides overall monitoring and response to cyber threats by preventing escalation of damage with remedies to simultaneously relieve damage through early warnings, alarms, monitoring and analysis of cyber threats including internet worms, viruses, and hackings.
센서에서 수집된 유해트래픽을 분석하여 종합상황을 파악할 수 있도록 합니다.
Signature-based detection of DoS, Malware, etc.
Collecting and detailed analysis of suspicious traffic.
Establishing policies against security threats
Repeating detected information to Comprehensive Analysis System or Enterprise Security Management (ESM), and IPS block signal.
Detecting and collecting file transfer within traffic, YARA signature-based malware detection, synchronization with external APT solutions
Threat analysis engine based on
attackers‘ IP reputation information
Detecting / analyzing application level without any specific detection protocol
Internal asset information collection provided as default analysis function
<센서에서 수집된 유해트래픽을 분석하여 종합상황을 파악할 수 있도록 합니다.
<센서에서 수집된 유해트래픽을 분석하여 종합상황을 파악할 수 있도록 합니다.