Shulou(Shulou.com)06/01 Report--

The top ten information security technologies of 2014 were unveiled at the Security and risk Management Summit held by Gartner on June 26th, US time.

The top ten technologies are:

1) Cloud access Security Agent: PEP (Policy Enforcement Point) placed on the border or cloud, the current hot technology of cloud identity management.

2) Adaptive access control: context-aware access control

3) generalization of sandbox: sandbox is no longer a product or a market segment, but is integrated with various security products and becomes a function [my understanding (the same below): for example, IDS+ sandbox, FW+ sandbox, etc.]

4) Endpoint detection and response solution: [endpoints, including hosts and PC, are very important and cannot be considered only at the network level]

5) big data's security analysis technology is the core of the next generation security platform: [there is no doubt about this. I have elaborated on a large number of blog posts, and Zari is not limited to the security platform / SOC/SIEM, but also other security devices / systems should be combined with BDSA]

6) threat intelligence that can be identified by machines: including reputation services. [my previous blog has talked a lot about security threat intelligence]

7) containment and isolation will be the basic security strategy: [this is like the zero-trust cyber security advocated by Forrester, or, as the RSA expert committee said, "the important thing is to discover *, not to discuss whether it exists in the network." The meaning of "isolation" technology is very broad, the virtual desktop can be regarded as a kind of isolation between the user and the terminal application, and the network gate is also a kind of deep isolation. As the boundary becomes more and more blurred, will the internal network become more and more fragmented? We still need to think about]

8) Software-defined security SDS: [we have also discussed this, which is the decoupling and on-demand refactoring of traditional security capabilities]

9) Interactive application security testing: the combination of traditional static application security testing and dynamic application security testing. [for static and dynamic, Gartner has a special MQ market analysis]

10) Security gateways, agents and firewalls for the Internet of things: [just a few days ago, I was discussing this topic with my colleagues. Two aspects, facing consumers, mainly home intelligent security gateways, protect home intelligent hardware (such as health, entertainment, home intelligence, etc.), and intelligent security gateways for household cars. The other is an intelligent security gateway for enterprise environment, such as smart grid, intelligent information collection (environmental protection, health, etc.). ]

There is a Chinese translation here.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.