Network Detection and Response Platform - TDP

Home
Products & Services
Threat Intelligence
- Threat Intelligence Platform-TIP
  On-premises CTI management, production and sharing platform
- Threat Intelligence SaaS API
  Threat intelligence detection and analysis API
Threat Detection and Response
- Threat Detection Platform-TDP
  Intelligence-driven network detection and response platform
Security Gateway
- DNS-based Secure Web Gateway-OneDNS
  Enterprise office network-oriented secure DNS
- Security Intelligence Gateway-OneSIG
  Professional, mature and high-performance threat protection
Security Services
- Cyber Security Services-OneCare
  Full cycle security services focusing on threat detection and response
Security Tools
Solutions
Partners
About Us
- Company
- Contact Us

ThreatBook CTI

English

简体中文English

中

Threat Detection Platform - TDP^®

The Best CTI-based Network Detection and Response

False positive rate＜0.003%, 0day detection rate＞81%.
Stay ahead of the most complex threats.

As of 30 September 2024, ThreatBook has an overall rating of 4.8/5 in the Network Detection and Response market, based on 54 reviews on Gartner Peer Insights™

Challenges of Network Detection

Difficult to identify risks across assets

Unaware of potential risks where cyber attacks would take place.

Hard to prevent 0day attacks

0day exploits tend to be very difficult to detect.

Meaningless to monitor alerts

1% of real alerts are flooded with 99% false positives.

Attacks are increasingly automated

Response are still processed manually.

TDP Core Capabilities

Automatic and accurate all-in-one network security solution to SecOps team

Risk Prevention

Comprehensive Asset Discovery

Risk Prevention

Comprehensive Visibility

Get real-time visibility into the network, including ports, services, applications, domains corresponding to the asset, and behavioral analytics on sensitive information and file uploading and downloading.

Attack Surface Reduction

Identify critical risks intelligently across newly launched applications, public entrances, login portals, cloud services and APIs, help optimize risk management policies.

Customizable Asset Risk Monitoring

Achieve flexible and centralized risk management based on various security scenarios and the specific needs of the SecOps teams.

Accurate Detection

Zero-day Detection

Accurate Detection

Zero-day Threats Detection

Accurately detect generic zero-day exploits as well as file-based zero-day vulnerabilities by leveraging high-performing machine learning and cloud sandbox.

Compromised Hosts Detection

Accurately identify compromised hosts by uniting rule based analytics with high-fidelity IOC intelligence.

Alert Noise Reduction

Reveal the most critical threats with powerful analytics of in-progress attacks that are enhanced with contexts to improve alert accuracy.

Real-Time Analysis

Focus on Real Threats

Real-Time Analysis

Attack Path Analysis

Aggregate events in a timeline intelligently to clearly sort out hacker attack paths and activity trajectories, simplify correlation analysis.

Multidimensional Analysis

Conduct a comprehensive analysis of threats from the perspectives of attacker, defender, and alert, along with visual analysis of the security posture.

Attacker Profiling

Analyze and extract patterns of attack behavior automatically to build attacker profiles.

Automated Response

TCP Reset Blocking

Realize high TCP reset blocking rate by using the TCP session mechanism to send reset packets to the attacking IP and internal host simultaneously.

Automated Investigation

Automate forensics to pinpoint malicious programs and active malware process through TDP Agent.

Firewall Blocking

Integrate seamlessly with firewall, configure the firewall blocking policy through TDP in real-time.

Why TDP

Accurate Detection

False positive rate＜0.003%
0day detection rate＞81%
Precise detection of targeted attack.

Attacker-Centric

Risk analysis from the attacker’s perspective.
Attack events intelligently aggregated.
Discover unknown threats with the cloud sandbox.

Automated Response

Automatic TCP reset blocking, the effectiveness up to 99%.
Compatible with dozens of brands of firewall.
Automatic endpoint response with TDP agent.

Ease of Use

Intuitive and professional interface.
Multi-perspective threat event analysis.
Trusted by nearly 2,000 enterprise customers.

CSO of a large internet company

“ThreatBook's TDP has a very accurate alert. It can automatically judge the success or failure of the attack, and it can also display the hacker's portrait completely, which is convenient for us to do targeted protection. Since the deployment of TDP, we no longer need to analyze one by one from tens of thousands of alerts, which saves us a IoT of energy and greatly improves our work efficiency.”

CTO of a financial institution

“We have deployed TDP in the DMZ area and the office area of headquarter and each branch. For some smaller branches we have deployed HFish for free. By integrating all TDP together, the alerts from each area are displayed on the headquarters platform. As a result, threat management and control of the entire network are achieved at the headquarters. There is no need to worry about the lack of security protection capability of subordinate companies.”

CIO of an insurance group

“Last year, we purchased the TDP, and used it to comprehensively sort out the attack surface of the group exposed to the external network in the early stage of major events protection, which has greatly reduced the risk of intrusion; During the important protection period, TDP can synchronize with ThreatBook's cloud intelligence in real time to help us quickly detect attackers and automatically block them with pre-configured policies. In the past two years of major events protection, our group has never had any problems.”

Start your free trial now

Experience precise, efficient and intelligent threat detection and response

Free Trial

contactus@threatbook.com

Products & Services