ACW Distribution

Qingteng Wanxiang · Host Adaptive Security Platform

Utilizing an adaptive security architecture, the platform effectively resolves the passive stance of traditional focus-on-defense methods. It adds powerful real-time monitoring and response capabilities to systems, helping enterprises effectively predict risks, precisely perceive threats, improve response efficiency, and guarantee the "last mile" of enterprise security.

Core Architecture

The core architecture of Qingteng mainly comprises three parts: Agent, Engine, and Console, providing foundational, flexible, and solid support for core capabilities across product services.

青藤万相·主机自适应安全平台

采⽤自适应安全架构，有效解决传统专注防御手段的被动处境，为系统添加强大的实时监控和响应能⼒，帮助企业有效预测风险，精准感知威胁，提升响应效率，保障企业安全的最后⼀公⾥。

核心架构

青藤的核心平台架构，主要由 Agent、Engine、Console 三部分构成，为产品服务提供基础的、灵活的、稳固的核⼼能⼒⽀持。

Qingteng Fengchao · Cloud-Native Security Platform

Self-developed by Qingteng, it can be well-integrated into complex and volatile cloud-native environments, such as PaaS cloud platforms, OpenShift, Kubernetes, Jenkins, Harbor, JFrog, and others. By providing a one-stop container security solution covering the full lifecycle of containers, Qingteng Fengchao achieves a closed loop of security involving container security prediction, defense, detection, and response.

Product Functions

Qingteng Fengchao mainly provides native and integrated security capabilities throughout the cloud-native lifecycle process, across two stages: shift-left security and runtime security.

青藤蜂巢·云原生安全平台

由青藤自主研发，能够很好集成到云原生复杂多变的环境中，如PaaS云平台、OpenShift、Kubernetes、Jenkins、Harbor、JFrog等等。通过提供覆盖容器全生命周期的一站式容器安全解决方案，青藤蜂巢可实现容器安全预测、防御、检测和响应的安全闭环。

产品功能

青藤蜂巢主要从安全左移和运行时安全两个阶段，在云原生的全生命周期过程中，提供原生的、融合的安全能力。

 Qingteng WorkClaw

Security Governance & Control (A full-stack AI security control system covering data, models, tools, and execution)

• Unified Inbound Control: Manages all user requests through a single gateway, ensuring that raw sensitive data never leaks into Large Language Models (LLMs).
• Centralized API Key Management & Smart Routing: Dynamically routes requests to internal or external models based on data sensitivity, while providing quota control and rate-limiting to ensure business continuity.
• Third-Party Skill Auditing: Conducts code scanning and security audits on third-party Skills to prevent malicious tool injection and supply chain risks.
• Granular Access Control: Enables fine-grained control over tool access permissions, with built-in capabilities for command interception and restriction.

 
青藤WorkClaw

安全管控（覆盖数据、模型、工具与执行的全链路 AI 安全管控体系）

• 对所有用户请求进行统一入口管控，确保原始敏感数据不流向大模型。
• 统一管理 API Key，并根据数据敏感度智能路由至内网或外网模型，提供配额控制与限流机制，保障业务连续性。
• 对第三方 Skill 进行代码扫描与安全审核，防止恶意工具注入与供应链风险。
• 精细化控制工具访问权限，支持命令拦截与限制。

Qingteng Leihuo · AI-Webshell Detection System

The Leihuo Engine is a self-developed Webshell detection engine by Qingteng. It does not rely on regular expression matching; instead, it reduces complex deformations and obfuscations back to their simplest equivalent forms, and then discovers suspicious content existing in Webshells based on AI inference. After multiple rounds of public adversarial testing, the Leihuo Engine can effectively discover various Webshells attempting to bypass general detection engines in strong adversarial environments. It has a wide range of applications and can detect hidden malicious features in content, whether they are PHP or JSP type backdoors.

青藤雷火·AI-Webshell检测系统

雷火引擎是青藤自研的Webshell检测引擎，不依赖正则匹配，而是通过把复杂的变形和混淆回归成等价最简形式，然后根据AI推理发现Webshell中存在的可疑内容。经过多轮公开的对抗测试，雷火引擎在强对抗环境下都能有效发现各式企图绕过一般检测引擎的 Webshell。适用范围广，不论是 PHP 或是 JSP 类型的后门，均能发现其内容中隐含的恶意特征。