Cloud Security Solution

From 2011 Sony, New York exchange website was attacked, to the end of CSDN, Tianya, everyone and other large sites were towed library, and then the 2012 CIA website, our Ministry of Defense sites are frequently attacked, even to the recent occurrence of the Singapore Prime Minister's website was invaded ... Obviously, the website has been a network attack, the hardest hit of cybercrime. The current attackers are more single-minded and tend to have valuable goals, and government and corporate websites often suffer the brunt. Many users of the information network and even internal office, production system was invaded, and most of the attackers have borrowed the user's external Web site as a "springboard" for attack. It is not exaggerated that the security of the site has become the first line of defense of information security.

How to deal with these diverse, seemingly never-ending security threats? This makes the site's managers headache, but for the knowledge of the technology is not a problem. As a focus on Internet security enterprises, know that the creation of technology in the site on the security of a very mature experience, they have launched a WEBSOC website stereoscopic monitoring system, KS-WAF website Unified Protection System, Websaber Web site Application Security assessment system, Provide three-dimensional comprehensive monitoring and protection for the website. One of the accelerated music products for the site to provide one-stop acceleration, security solutions, has been more than 200,000 of users of the wide application. In the face of an endless network of attacks, know that the spirit of "the magic of a foot in the ruler road," the spirit of painstaking research and development, innovation, product upgrading, trying to seize the opportunity in this site attack and defense, firmly grasp the initiative.

Recently, know Jin Hao Technology product director in an interview told reporters, know that Chuang Yu technology will make major adjustments to the product line, not only to the company's products WEBSOC a big upgrade to improve, but also to launch a star product Webtrack, To help enterprise users in the growing network of attacks to completely secure worry-free.

Jin Hao highlighted the popularity of cloud computing, which has led to an increasing number of attacks on cloud platforms, where attackers can now access a large number of users ' privacy and data, much more than the value of attacking a single web site, by attacking a cloud platform. In October, for example, Adobe confirmed that its cloud service platform had been hacked, and that the number of victimized users exposed was much higher than expected. After that, many large websites, such as Facebook and Yahoo, were also affected, forcing some users to change their passwords in order to keep their users from the attack.

Many Third-party components used by the cloud platform now have vulnerabilities, and security is worrying. In response to this trend, the new version of the WEBSOC integration of a large number of POC vulnerability validation rules to approach the hacker's attack ideas, blocking from third-party application components of the vulnerability, the protection of the cloud platform further.

If, in the case of Web site protection, WEBSOC has done ubiquitous monitoring, how do you know what to do with all the attacks and suspicious behaviors against the site? or what do they come from? What is the user's judgment?

In this respect, know that Chuang Yu technology also have to deal with the remedy. Jin Hao revealed that the creation of technology in December to launch a new product webtrack, it can the industry, the region's overall security statistics and situation analysis, through its own IP reputation archive, hackers can build files, forensics and tracking, to achieve industry, regional unified management, You can also make rapid distribution of virtual patches to provide users with continuous online protection capabilities.

Why do you want to launch webtrack at this time? According to Jin Hao Introduction, Webtrack's technical basis is to lay in the accelerated music products in the Spadovan Web site large-scale applications, and the current government and industry website Grim situation, but also prompted the birth of Webtrack. Different from a single website security protection products, webtrack positioning is a comprehensive web site defense system platform. It employs the proven architecture in practice, and focuses on the security of the site, mainly for regional, industry-oriented government, enterprise users.

The Webtrack system can record the attack logs of all protected sites, by building the data center, you can view all the historical data of the website, and view the multiple Web related data of the same type of event horizontally, in order to realize the off-line three-dimensional association and cluster analysis of the data, and then trace back the source of the attack from many clues. At the same time, the industry and the region as a whole security environment protection, analysis and early warning. The protection of individual Web sites is also easier to identify risks in the context of overall security situation and to make corresponding strategies in a timely manner.

Jin Hao further interpreted the webtrack. The attack on the Internet, he likens, is more like a cyber war against terror for many users. Users need to know where the attacker came from, what information they were interested in, and what they did, and Webtrack was the equivalent of an integrated defense system.

The first is the early warning function. Thanks to the accelerated music products such as large-scale applications, know that the creation of technology and constantly update a huge IP reputation archives, once the network attack, can be judged from the source, to provide early warning.

Then is the second line of defense, the normal IP generated by the behavior, through a variety of rules for security protection. Know Chuang Yu technology through the massive Web site attack data analysis modeling, set up a variety of databases, such as the hacker archives and their commonly used attack methods, attack Code feature library, as well as various applications of the vulnerability library and so on. These databases generate a variety of protection rules and update them in real time. If traffic occurs abnormally, it can be matched by a rule association to determine whether there is a malicious motive for this behavior and make a correct judgment.

Finally, the system has the perfect log analysis function. If an attacker exploited an unknown vulnerability or other factor to successfully attack, the system will dig deeper through log analysis, exposing these hidden malicious behaviors and documenting them to the cloud platform that knows the creation, ensuring that similar actions do not succeed again and do not occur elsewhere. It is commendable that the system can trace the source to all attacks, which is a very useful function for many users.

Jin Hao stressed that the region and industry-class large users can see through webtrack all the security of their website, the site's security problems have intuitive understanding and grasp, so as to make the correct judgment and decision-making on the whole, this is the core value of Webtrack. At the same time webtrack for distributed deployment, very easy to expand, but also with WEBSOC to achieve linkage, more comprehensive protection.

Jin Hao introduced, Websoc as the company's mature products, has proved its own value in practice. It can help users to achieve a large number of minutes of the site monitoring of the cycle, the overall security of the site to conduct a comprehensive, multidimensional security monitoring, to achieve situational awareness, centralized display, and to achieve third-party Web Components recognition and vulnerability verification. Not only that, the upgrade after the performance of the WEBSOC will be significantly improved, including: In the third party application identification, can identify forums, blogs, editors, mailbox systems, such as more than 200 kinds of components; in third-party application vulnerability detection, the total can exceed 1000 detection rules, With more than 200 Third-party component vulnerability verification rules, in the data update main face, complete the ICP library, IP Library update, the data more comprehensive.

So what's the effect of the improvement? Jin Hao further explained this. The first is to enhance the safety of the site display effect, on a screen can display the real-time security of the system, risk distribution, trend map, but also to the way the picture wall real-time, scrolling display target site screenshots and detection results, more intuitive. In this way, users can clearly observe the real-time situation of the system, understand what behavior is the real harm, may bring about what kind of follow-up effects, what kind of problems, the user's security awareness will gradually improve. The second is the ability to improve detection, there are now more than 1000 detection rules, but also continue to increase. Finally, add some new functions, such as convenient and practical report batch and off-line export, support the certificate authorization of virtualization, as well as site discovery (IP back-check) function improvement, support a wide range of unauthorized, not documented, testing site.

The establishment of a healthy, mutually beneficial security ecosystem, is to know that the creation of science and technology has been the pursuit of the goal. The expansion of user scale, can feedback more network attack behavior data, through the analysis of these data mining, know that Chuang Yu can provide users with better, more comprehensive security protection. Next know the creation of science and technology will face the global web site, further improve their own database and protection system, and constantly innovate to create more and better Internet security products.