Shulou(Shulou.com)06/01 Report--

One such company, founded in December 2000 as a little-known security company, had three people and an office that year. Today, 18 years later, he has become a listed company focusing on enterprise-level security and cloud business, with more than 50 offices and more than 5,000 employees. This company is Shenxin Technology, which was listed on Shenzhen Stock Exchange in May this year!

For the general public, enterprise-level security is a strange word; for IT practitioners, enterprise-level security is the foundation of all information construction. In recent years, data leakage incidents and extortion incidents have constantly refreshed people's awareness of the harm caused by network attacks. In the second half of 2018 alone, there were many data leakage and extortion incidents. In July, millions of Adidas user data were leaked; In August, TSMC Taiwan's three bases were attacked by ransomware virus, with losses of NT $2.596 billion; In October, Cathay Pacific 9.4 million passenger data was leaked; In November, HSBC suffered an attack affecting 1% of US accounts. Security incidents occur almost every month and cause very serious economic losses.

Why are enterprise-level users paying more and more attention to network security construction, but the frequency of network security incidents is getting higher and higher, and the impact of security incidents is getting bigger and bigger? As a network security vendor with deep accumulation, we believe that the core reason is that the speed at which enterprise users acquire the ability to resist new threats and adapt to new environments is far less than the speed at which threats themselves change.

With the continuous development of new technologies such as network and cloud computing, Internet of Things, etc., enterprise users will face greater security threats. How to counter the growing threats to security? Based on the above thinking, deeply convinced put forward a new security concept: future-oriented, effective protection. Facing the future, effective protection means to predict future trends based on clarifying past and present threats and challenges, and improve prediction, defense, detection and response capabilities through skill evolution and intelligence evolution, continuously cope with new risks and challenges, and ensure the confidentiality, integrity and availability of information assets to meet expected requirements.

At the same time, based on the safety concept of "future-oriented and effective protection," a new safety architecture is proposed. The core of this architecture is "evolution"_to continuously improve the effectiveness of protection with "skill evolution" and "intelligence evolution."

● Skill evolution: from security construction "defense ability as the core" to "detection ability as the core"

Many companies have had such a problem, what kind of threat is the most terrible? What security threats are companies most worried about? In fact, it is very simple. The invisible threat is the most terrible. Just like the night war in war movies, the enemy is often the first to be destroyed by your searchlight. It is extremely fatal to talk about effective defense with both eyes black. The same is true for network security defense. To do a good job in security defense, we must clarify the security status quo and predict the security threats and challenges that may arise in the future; and to better predict the future, continuous evolution of detection capabilities is the foundation.

Convinced that the skill evolution of the brand-new security architecture is to evolve the security protection capability from "defense capability as the core" to "detection capability as the core," detect unknown threats with more accurate detection capability, and match appropriate disposal measures to realize the safety detection and disposal of the whole process.

A milestone in the evolution of skills is the delivery of the SAVE Safety Intelligence Detection Engine. The engine uses innovative artificial intelligence feature-free technology, which can optimize the algorithm itself and extract characteristics automatically. Compared with the traditional detection engine which uses fixed algorithm and manually extracts characteristics, it has more advantages. It can accurately detect ransomware variants and other unknown viruses.

Intellectual evolution: continuously improving the adaptability and effectiveness of protective abilities

Many enterprise-level users have such concerns: existing defense capabilities are effective today, will they still be effective tomorrow? Does it seem safe to protect the ability, can it really be safe? These two concerns are not so difficult to eliminate, provided that industry-leading security capabilities can be quickly introduced into customer networks and the effectiveness of security protection capabilities can be continuously improved through threat intelligence and other means.

In terms of improving the adaptability and effectiveness of protection ability, the core idea is the empowerment of continuous evolution strategy, and the most important dependent module is deep conviction security cloud brain. Under the premise of user authorization, the security cloud brain can help the security device to judge whether there is a threat in the customer's network environment, so that the device can learn independently based on the customer's environment, fully integrate with the customer's business, reduce misjudgment, and improve the adaptability of the security protection capability in the network. The threat intelligence of the security cloud brain can provide more security intelligence for the artificial intelligence security detection engine, accelerate the engine learning, and improve the detection accuracy of the algorithm model; at the same time, the security cloud brain can deliver the trained capabilities to the online security devices to improve the effectiveness of security protection capabilities in the customer network.

summary

With the continuous escalation of network security threats, the traditional point-based network security defense capabilities have been unable to fully meet the security needs of enterprises. Through continuous thinking, we deeply believe that the safety concept of "future-oriented and effective protection" is put forward, which is a process of top-down planning and continuous implementation. Through skill evolution and intelligence evolution, the effectiveness of protection is continuously strengthened to make safety construction more effective and simpler.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.