As of 31 May 2023, ThreatBook has an overall rating of 4.8/5 in the Network Detection and Response market, based on 44 reviews on Gartner Peer Insights™

Challenges of Network Detection

Hard to prevent 0day attacks

  • 0day exploits tend to be very difficult to detect.

Meaningless to monitor alerts

  • 1% of real alerts are flooded with 99% false positives.

Difficult to identify risks across assets

  • Unaware of potential risks where cyber attacks would take place.

Attacks are increasingly automated

  • Response are still processed manually.

TDP Core Capabilities

Automatic and accurate all-in-one network security solution to SecOps team

0day Response

0day

0day Response

  • Cloud sandbox
  • Detect file type 0days in word, excel, wps, etc., with the capabilities of ThreatBook Cloud Sandbox.
  • 0day detection engine
  • Detect common types of vulnerabilities such as non-logical and non-encrypted vulnerabilities.

Accurate Detection

Focus on Real Threats

Accurate Detection

  • Detection based on accurate intelligence
  • Accurately pinpoint the compromised hosts and APT attacks based on ThreatBook intelligence.
  • Automated investigation of attacks
  • Based on full package analysis, automatically determines whether an attack succeeds or fails.
  • Massive alert noise reduction
  • Conduct correlation analysis of alerts with intelligence based detection algorithms to insure the accuracy of attack alerts.
  • Attack path analysis
  • Aggregate events in a timeline to well analyze attack path and attack process.

Comprehensive Discovery

Comprehensive Asset Discovery

Comprehensive Discovery

  • Continuously discovering and profiling all assets and services
  • Identify ports, services, applications and versions; Identify the domain and sub domain corresponding to the asset; Identify clear text sensitive information and file upload and download behavior.
  • Attack surface reduction
  • Intelligently identify whether the app is newly launched and accessible over public networks, intelligently identify login portals, detect API risks, help sort out and verify management policies, and conduct attack surface convergence.
  • Customizable asset risk behavior
  • Based on different security policies, set asset risk monitoring alerts as needed to help security teams achieve adaptive risk monitoring.

Automatic Response

Automatic Response

Automatic Response

  • Built-in TCP reset blocking
  • Using the TCP protocol mechanism to send reset packets to the attacker IP and victim host simultaneously to block the connection.
  • Integrated with firewall
  • Generating and pushing the blocking IP to the firewall. Update the firewall blocking policy through TDP in real-time.

Why TDP

Accurate Detection

  • Threat detection of highly
  • credible intelligence support.
  • False positive rate<0.03%.
  • 0day detection rate>81%.

Combat-Oriented

  • Risk analysis from the
  • attacker’s perspective.
  • Intelligent aggregation of
  • attackers to completely
  • restore the attack process.
  • Discover unknown threats
  • with the cloud sandbox.

Automatic Response

  • Automatic TCP reset
  • blocking, the effectiveness
  • up to 99%.
  • Compatible with dozens of
  • brands of firewall.
  • Automatic endpoint
  • response with TDP agent.

CSO of a large internet company

  • “ThreatBook's TDP has a very accurate alert. It can automatically judge the success or failure of the attack, and it can also display the hacker's portrait completely, which is convenient for us to do targeted protection. Since the deployment of TDP, we no longer need to analyze one by one from tens of thousands of alerts, which saves us a IoT of energy and greatly improves our work efficiency.”

CTO of a financial institution

  • “We have deployed TDP in the DMZ area and the office area of headquarter and each branch. For some smaller branches we have deployed HFish for free. By integrating all TDP together, the alerts from each area are displayed on the headquarters platform. As a result, threat management and control of the entire network are achieved at the headquarters. There is no need to worry about the lack of security protection capability of subordinate companies.”

CIO of an insurance group

  • “Last year, we purchased the TDP, and used it to comprehensively sort out the attack surface of the group exposed to the external network in the early stage of major events protection, which has greatly reduced the risk of intrusion; During the important protection period, TDP can synchronize with ThreatBook's cloud intelligence in real time to help us quickly detect attackers and automatically block them with pre-configured policies. In the past two years of major events protection, our group has never had any problems.”

Start your free trial now

Experience precise, efficient and intelligent threat detection and response

Free Trial