Publication date: 2023/09/25
Article Source: IDC Consulting official account
Recently, WebRAY was recognized by IDC as a "major vendor" in the 2023 China Situational Awareness Solution Market Evaluation, reaffirming its reputation with a leading third-party consulting firm.
After years of technological development and product refinement, WebRAY has effectively addressed the pain points across various industry scenarios, offering multi-dimensional solutions tailored to different analytical perspectives. These solutions meet the technical requirements of situational awareness systems with personalized scene understanding capabilities, all based on a general analysis model. In terms of product concept, technical implementation, and market application, WebRAY's solution has the following key features:
Rich Data Sources
The solution aggregates diverse data types, including asset ledger information, API asset data, asset vulnerability data, intrusion threat events, advanced threat events, and horizontal abnormal behavior. It extracts metadata from various dimensions, such as asset IP, domain/subdomain, port, service, system, middleware, security vulnerabilities, weak passwords, website shell backdoors, content auditing, malicious access, illegal scanning, zombie hosts, Trojans, worm attacks, brute-force attacks, injection, cross-site scripting, request forgery, and more. The richness of raw information and comprehensive analysis provide strong data support for situational awareness, offering detailed clues for event analysis.
Dynamic Asset Perspective
A situational awareness model is built from the security perspective of asset governance, starting with network asset management and analyzing the correlation between asset attributes, management status, self-security, and attack risks. Intrusion and vulnerability monitoring further enrich the incident analysis dimensions. By integrating active surveys, passive surveys, agent-based collection, manual reporting, and manual sorting, a dynamically updated, multi-source integrated asset ledger is maintained, ensuring the accuracy and timeliness of asset management. This helps users assess security conditions from a business perspective, identify security risks accurately, and implement emergency responses effectively.
Accurate Correlation Analysis
The solution incorporates original security events from multiple dimensions, integrating PDNS, Whois, organizational structure information, network intelligence, and threat intelligence to enhance the accuracy of event correlation analysis. By leveraging the SOAR security orchestration and automation engine, it identifies the relationships between different types of security events, filters out irrelevant data, extracts meaningful information, and accurately assesses the impact of incidents based on asset health, threat potential, and damage severity, providing actionable recommendations.
Closed-loop Incident Response
The solution's overall design covers situational monitoring, correlation analysis, incident analysis, notifications, warnings, and emergency response for security incidents. It provides a complete process from detection and analysis to incident handling and follow-up. By combining security technology with operational management through notifications and disposal functions, it helps users oversee the entire incident resolution process. Whether dealing with high-risk intrusions, critical vulnerabilities, or illegal activities, it ensures a secure, closed-loop response.