On October 11, the top 10 information security technologies were released at the Gartner security and risk management summit.
650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/38/18/wKiom1OykhyjIT3uAAHYXHCEUT0764.jpg "Title =" qq 40701184307.jpg "alt =" wkiom1oykhyjit3uaahyxhceut0764.jpg "/>
The top 10 technologies are:
1) Cloud Access Security Proxy: it is placed on the border or the cloud's pep (policy execution point), the current hot technology of cloud identity management
2) Adaptive Access Control: Situation Awareness-Based Access Control
3) sandbox generalization: sandbox is no longer a product or a market segment, but integrated with various security products to become a function [my understanding (the same below): for example, IDS + sandbox, FW + sandbox, etc]
4) endpoint detection and response solution: [endpoints, including hosts and PCs, are an important part. You cannot only consider the network layer]
5) Big Data Security analysis technology is at the core of the next-generation security platform: [I have already elaborated on this in many blog posts, and Zari is not limited to the security management platform/soc/Siem, other security devices/systems must be combined with bdsa]
6) machine-identifiable threat intelligence, including credit service. [My previous blog has explained a lot about security threat intelligence]
7) containment and isolation will serve as the basic security policy: [This is like the zero-trust network security advocated by Forrester, or the RSA Expert Committee said, "What is important is to discover attacks, it does not discuss whether attacks exist in the network "." Isolation "technology has a wide range of meanings. virtual desktops can be regarded as a kind of isolation between users and terminal applications. The network gate is also a kind of in-depth isolation, while the boundary is getting increasingly blurred, will the internal network become increasingly fragmented? We also need to think about it]
8) software-defined security SDS: [we have also discussed the decoupling and On-Demand reconstruction of traditional security capabilities]
9) interactive application security testing: combines traditional static application security testing with dynamic application security testing. [Gartner provides dedicated MQ Market Analysis for Static and Dynamic Data]
10) security gateways, proxies, and firewalls for the Internet of Things: [this topic is being discussed with colleagues just a few days ago. In two aspects, it is intended for consumers, mainly for smart home security gateways, smart Home hardware (such as health, entertainment, and household intelligence) is protected, and smart security gateways for household vehicles are also provided. The other is smart security gateway for enterprise-level environments, such as smart grids and Smart Information Collection (Environmental Protection and Sanitation ).]
Here is a Chinese version.