1、 Huawei HiSec Endpoint Intelligent Huawei HiSec Endpoint Intelligent Endpoint Security SystemEndpoint Security System Technical White PaperTechnical White Paper H HUAWEI UAWEI T TECHNOLOGIESECHNOLOGIES C CO O.,L.,LTDTD.Huawei HiSec Endpoint Intelligent Endpoint Security System Technical White Paper

2、Contents Copyright Huawei Technologies Co.,Ltd.ii ContentsContents 1 Security Background and Challenges1 Security Background and Challenges .3 3 1.1 Definition of EDR in the Industry.4 1.2 Overview of Huawei HiSec Endpoint Functions.6 2 Product Architecture Design2 Product Architecture Design .1010

3、3 Core Functions3 Core Functions .1212 3.1 Endpoint Identification and Management.12 3.2 Data Collection.13 3.3 Threat Defense.15 3.4 Threat Detection.17 3.5 XDR Collaboration.44 3.6 Source Tracing and Response.47 4 Deployment Scenarios4 Deployment Scenarios .5353 Huawei HiSec Endpoint Intelligent E

4、ndpoint Security System Technical White Paper 1 Security Background and Challenges Copyright Huawei Technologies Co.,Ltd.3 1 Security Background and ChallengesSecurity Background and Challenges According to network security operations data and security reports in recent years,ransomware,cryptojackin

5、g,worms,password compromise,and remote access Trojan(RAT)are active and stealthy,and come in many variants.According to the 2023 Malware Readiness and Defense Report released by SpyCloud,the top threat to enterprises is ransomware,followed by phishing/spear-phishing and infostealers.Figure 1-1 shows

6、 the details.These three threats go hand-in-hand.Many organizations may find it difficult to say which is the top malware to defend against.Figure 1Figure 1-1 1 Greatest threats to organizations security Here are examples of malware that has existed for a long time:TargetCompay,which ranks second in