With the continuous development of information technology such as big data and cloud computing, the internal data flow of enterprises has gradually become shared and open. This trend is conducive to breaking through the data sharing barriers between different departments and systems in the organization, and even among various organizations, so that the enterprise data assets can exert greater value. However, in some scenarios of data resource sharing, enterprises will face the data security problem of sensitive data leakage.
Threat Hunter API security control platform has the ability to automatically manage data assets, helping enterprises manage t complex applications and interfaces within the organization, locate sensitive data assets, identify the accounts of data receiving and sending ends, analyze the source and whereabouts of sensitive data of accounts, draw interface profiles and access paths, discover user behavior risks in real time, and finally realize the visualization of data assets. In addition, it can comprehensively record the data access behavior, trace and analyze the leaked data content, evaluate the data leakage surface and the leakage source path, achieve effective management of the leakage event to meet the compliance supervision and reduce the loss.
The bypass deployment mode is adopted, without changing the existing network structure of the service with zero business interference.
Automatically identify the sensitive traffic, identify and establish API assets list, visually display and monitor in real time, timely discover the API vulnerabilities and comprehensively grasp the overall traffic.
Audit the user's access behavior, build a user model through an intelligent analysis engine, create a behavior baseline, quickly discover abnormal access and violations, and perceive the leakage risk in real time.
After a leakage event occurs, fully record the business behavior of sensitive API, support the event playback and evidence collection, and analyze the leakage surface to effectively manage the leakage event.