Weibu Online TDP: 99.97% accuracy, how low can the false negative rate be under high-intensity confrontation?

On March 6, 2022, the "Attack and Defense Confrontation, Vulnerabilities Are King" Weibu Online TDP Online Challenge officially closed the entry channel. This challenge was hosted by Beijing Weibu Online Technology Co., Ltd., and nearly 900 network security enthusiasts witnessed and participated. This is a large-scale summit game prepared for network security enthusiasts, and it is also a transparent public test of Weibu Online's own products. This challenge is long, and the players' attack methods are gradually complicated and varied in repeated attempts to bypass. In a high-intensity confrontation environment, the final detection rate of Weibu Online TDP is 93.7%, and the missed detection rate is only 6.3%.

In this challenge, contestants need to exploit vulnerabilities and successfully bypass the detection of TDP (Threat Detection Platform), a traffic detection and response (NDR) security product of Microbu Online, in order to score points. Zhao Linlin, head of TDP business of Microbu Online, said: "In the first week of the competition, the detection rate of TDP once reached 98%. In the second week, contestants began to repeatedly try to bypass the method, and the detection rate also dropped from 98% to 93.7%, but overall, this number is not satisfactory. At present, the detection rate of bypass methods encountered in the repair competition has risen to 98%."

TDP is one of the main products of Weibu Online, focusing on traffic-based threat discovery and response. TDP combines multiple detection technologies such as threat intelligence, machine learning, rules, and algorithm models, and can effectively sort out assets and attack surfaces. By asynchronously analyzing suspicious IPs and determining whether the attack is successful, it aggregates alarm noise reduction into attack events. TDP bypass is deployed at the exit of the enterprise network switch, and can monitor all north-south and east-west bidirectional traffic to achieve comprehensive and accurate threat detection without affecting the performance of the enterprise network or confronting network attacks.

In terms of detection effect, TDP can quickly and accurately detect and respond to a variety of new threats and attack methods such as vulnerability exploits, Trojans, worms, mining, ransomware, advanced targeted attacks (APT), with an accuracy rate of up to 99.97%; on the response side, TDP can effectively interact with third-party security devices such as firewalls to provide a 99.99% blocking success rate.

Since its launch in 2017, TDP has been deployed in nearly 500 benchmark enterprises in industries such as finance, energy, electricity, Internet, smart manufacturing, and real estate, becoming an important tool for customer companies' daily security operations and a major security device for traffic detection and response.

About Weibu Online

Beijing Weibu Online Technology Co., Ltd. is a representative of China's new generation of network security companies. Weibu Online provides professional SaaS threat detection products and services, and is committed to becoming a threat discovery and response expert for corporate customers. Based on the industry-leading Weibu Security Cloud, Weibu Online's existing traffic, endpoint, threat intelligence, Internet security access, XDR and other security protection, detection and response product lines are equipped with 7x24 security services to help customers establish a full life cycle threat discovery and response system. Currently, there are nearly a thousand large corporate customers from energy, finance, smart manufacturing, Internet and other industries such as State Grid, PetroChina, Industrial and Commercial Bank of China, China Merchants Bank, Everbright Bank, Xiaomi, JD.com, CITIC Group, etc.