Transwarp Data Hub
Transwarp Data Studio
Transwarp Sophon
Transwarp Data Cloud
Transwarp ArgoDB
Transwarp KunDB
TxData (ARM)
TxData (x86)
TxIRA
Transwarp Audit
Big Data Platform Security Audit Software
A security audit software for big data
Product Introduction
Transwarp Audit is a big data-oriented security audit software. Based on the audit log of big data component, Audit can audit and trace the user's login, authorization, file operations, database table operations and other behaviors, and alerts to risk events that endanger security. In addition, Audit can monitor the operation events of sensitive data in the platform in real time, and can alert and notify in time in the event of data leakage.
Seven Main Functions
Flexible Audit Data Collection
Flexible Audit Data Collection
Support bypass mirror traffic and big data service log collection.
Alarm Event Management
Alarm Event Management
Trace and troubleshoot by checking the associated events to find the action that triggered the rule, then to deal with the marking .
Sensitive Information Protection
Sensitive Information Protection
Include the monitoring and alarming of abnormal downloading and access of sensitive data. Users can also create new sensitive data rules, and add whitelists to set specific times and groups to access sensitive data.
Audit Object Management
Audit Object Management
Audit the configuration of tenants and services, manage alarm rules at tenant granularity, and handle alarm events.
Abnormal Behavior Alert
Abnormal Behavior Alert
A large number of built-in expert rules are provided in the alarm rules, including monitoring and alarming of various abnormal behaviors such as user login, authorization operation, and operation failure. Users can adjust the rules according to the real environment and create new custom rules. When creating a new rule, users can select the service type, application scope and alarm level.
System Management
System Management
In system management, users can manage information, select their organization, audit tenants and corresponding roles, and set authority for roles. In audit object management, users can query audited tenants and services, and set aliases.
Rules and Metrics Management
Rules and Metrics Management
Define and preset judgment conditions in combination with platform nodes and business data, provide flexible rules and metric definitions, and flexible expansion.
Flexible Audit Data Collection
Support bypass mirror traffic and big data service log collection.
Four Core Advantages
Dynamically identify cluster sensitive asset distribution
Dynamically identify cluster sensitive asset distribution and real-time monitoring
Preset a large number of industry audit rules
Preset a large number of industry audit rules, out-of-the-box in multi-scenarios
Audit for big data products
Audit for big data products, support a variety of big data audit objects
Powerful decision engine support
Powerful decision engine support, support user entity behavior analysis UEBA
Technical Scenarios
Sensitive Data Protection
Discover the distribution of sensitive data in the cluster, and generate audit alerts for sensitive data operations of different levels.
User Behavior Entity Analysis
Through user behavior entity analysis (UEBA) to discover individual users and potential anomalies of audit entities, and data security problems can be avoided in time by pre-warning.
Hazardous Operation Warning
Alarm for the ongoing hazardous operations on data, such as high-risk database operations, illegal SQL, password sniffing, etc.
Post Audit and Backtracking
Post audit and backtracking of each operation event of big data.
Industry Scenarios
Financial
A large number of customers in the financial industry have deployed Transwarp big data platform, which requires high security levels and full audit coverage. Audit supports the anti-leakage protection of sensitive data for the big data platforms. By presetting a large number of industry audit rules, users can comprehensively audit and trace the operation of big data to ensure the safety and compliance of data operations.
Government
Data centers in various regions, such as Shanghai Big Data Center, have deployed Transwarp big data platform as the digital base. The data scale is large, the composition of data consumers is complex, and there is a lot of personal privacy data. Audit can protect sensitive data in an all-round way, and it can detect abnormal user behavior, give early warning of potential risks, and ensure the security and compliance of various data operations.
Customer Cases
Customer needs
○ The bank has 7 clusters with 100+ nodes. The monthly log data volume of the production line reaches 10 million. With the increasement of data volume and operation volume, the security audit of big data access becomes more and more important, especially the implementation of the hierarchical protection system and personal information security protection system, which requires the big data operation department to audit the usage of big data , including user access to data and authorization of database users.
Solutions
○ In response to the market's demand for security audit, Trans-Huan Technology has combined its years of experience in operation and maintenance management and security services in the field of information security, combined with industry best practices and compliance requirements, and launched a big data security audit system, which is oriented to control and monitor the data operations and authority of big data platform. Based on Transwarp Audit to build an audit center that fully covers the big data platform, and quick and accurate locating and presentation of various events, effectively solving a core problem in informatization supervision.
Project results
Realize centralized monitoring, query and management, and visual auditing of data access and operation of each node of the big data platform;
Standardized and normalized processing, filtering and merging on the information sources of each node;
Second-level pre-warning and locating for non-standard operations of data security audit
Transwarp, Shaping the Future Data World
