With the advancement of global digitization, cyberspace has increasingly become a complex giant system connected across the globe, and security needs new tactics and frameworks to solve the problems of this giant system. Recently, at the 9th Internet Security Conference (ISC 2021), Zhou Hongyi, the founder and chairman of 360 (stock code: 601360.SH, hereinafter referred to as “360”), formally proposed a new-generation “four-in-one” security capability framework: 360 Security Brain at the core, together with a collaborative security infrastructure system, a security expert operation and emergency response system, and a security basic service empowerment system.
Based on this framework, 360 will release ten major cyber security “weapons” at ISC 2021. They take full account of the needs of defense, detection, response and the other stages of handling a threat, and give full play to security strategic resources and people, so that the framework's defenses keep evolving and operating dynamically.
1. 360 Next Generation Threat Intelligence Subscription Service
The 360 Next Generation Threat Intelligence Subscription Service is an XaaS service that integrates all the security capabilities of 360 Cloud Security Brain. The cloud subscription security service relies on 360 Security Brain's accumulation, over the past 16 years, of security big data covering hundreds of millions of assets, vulnerabilities, samples, URLs, domain names and more, as well as the security knowledge base formed by analyzing that data. By using this data precisely and directly from the cloud, it can shorten the security value chain, improve real-time response, reduce equipment, operation, and labor costs, and improve the professionalism, flexibility, and effectiveness of network security protection. The service released at ISC 2021 includes more than ten subscription applications and multiple professional intelligence analysis tools in two categories: product subscription services and cloud subscription services. It can help cities, industries, and enterprises manage their external attack surface and understand attackers' intentions, capabilities, techniques and tactics, so that they can formulate response strategies efficiently. It also lets professional analysts accurately complete advanced analysis work such as event identification, attack source tracing, and APT hunting, supporting sustainable business development in all respects.
2. 360 Security Brain Intelligence Center
The 360 Security Brain Intelligence Center is a new “weapon” under the data operation infrastructure, which is responsible for the collection and analysis of security big data. The 360 Security Brain Intelligence Center relies on 360 Security Brain's hundreds of millions of security big data entries. With data operation and intelligence production at its core, it uses a platform-plus-community model to let more security professionals analyze threats and trace them to their source effectively, and provides unprecedented intelligence and platform support services. Users can retrieve, produce, consume, discuss and give feedback on intelligence on the platform, so that intelligence is re-produced. 360 security teams in various research directions will share their research results on hot security incidents in the intelligence community in real time, truly achieving the interconnection and exchange of intelligence.
3. 360 Situational Awareness All-in-One Machine 2.0
360 Situational Awareness All-in-One Machine 2.0 is a “weapon” under the expert operation infrastructure. In the security infrastructure system, the expert operation infrastructure is responsible for daily security operations and emergency response, and for improving situational awareness and automated handling capabilities. 360 Situational Awareness All-in-One Machine 2.0 integrates flow-side neurons and serves a broad base of small and medium-sized customers with easy deployment, convenient operation, and fast, effective capabilities. It fully meets customers' requirements for visible, automated and intelligent situational awareness, threat analysis, centralized security operation, and compliance, and, through remote expert operation and security hosting services, helps customers solve the pain point of sustaining operations.
4. 360 New Generation Network Attack and Defense Range Platform
The 360 new generation network attack and defense range platform is a “weapon” under the attack surface defense infrastructure. In the face of the increasing security risks brought by the digital wave, the attack surface defense infrastructure is responsible for detecting and blocking external attacks. The 360 new generation network attack and defense range platform uses virtualization technology to simulate real business networks. It can provide government and enterprise institutions with highly realistic, isolated, and efficiently deployed scenarios that combine the virtual and the real, and provides process management, effectiveness evaluation, data analysis, and scenario deduction and review capabilities for training, confrontation, testing, and exercises. It can fully meet the diverse needs of responding to evolving cyber attack threats, testing offensive and defensive capabilities, and iterating defense systems.
5. 360 Tianxiang-Asset Threat and Vulnerability Management System
360 Tianxiang-Asset Threat and Vulnerability Management System is a “weapon” under the attack surface defense infrastructure. Starting from the day-to-day management of digital asset security, it focuses on helping users discover assets and establish and strengthen asset management capabilities. It integrates network-wide vulnerability intelligence to compensate for the limited timeliness of traditional vulnerability scanning information, addresses the problem of quickly locating vulnerable assets among massive numbers of assets when new vulnerabilities break out, and supports the repair and tracking management of asset vulnerabilities.
6. 360 Terminal Asset Management System
The 360 terminal asset management system is a “weapon” under the data operation infrastructure. It relies on the device library, with hundreds of millions of entries, in 360 Security Brain's intelligence. Taking the perspective of XDR offensive and defensive confrontation, and with automatic terminal discovery and automatic device type identification at its core, it achieves full discovery of terminal assets on the internal network, thereby continuously improving the security protection level of internal network terminals, raising the threshold for attacks, and reducing the risk of being attacked.
7. 360 Zero Trust Solution
The 360 zero-trust solution is a “weapon” under the resource management and control infrastructure. The resource management and control infrastructure includes identity, password certificates, zero trust and SASE infrastructure, and uses identity management to achieve fine-grained, dynamic control over networks, systems, applications, and data. The 360 “Zero Trust Solution” officially released at ISC 2021 is based on the security big data accumulated by 360, combined with the security expert operation team, and can provide powerful data and operational support capabilities. At the same time, by integrating attack-side protection with access-side protection and emphasizing ecosystem integration, it builds a zero-trust ecosystem supported by security big data.
8. Actual Combat-Oriented Offensive and Defensive Service System
Continuous actual combat testing is an effective way to “know yourself and the enemy.” In offensive and defensive confrontation, the opponent, the environment, and the defender itself are constantly changing. The key to agile security protection is to find and fix problems and shortfalls in experience and capability. The actual combat-oriented offensive and defensive service system is the best practice of expert operation services. It is empowered by the core research directions and actual combat experience of the 360 Advanced Offensive and Defense Laboratory, such as offensive and defensive confrontation, vulnerability research, weapon capabilities, intelligence analysis, and attack traceability. The offensive and defensive service system launches a series of offensive and defensive services such as AD domain assessment, vulnerability exploitation, attack chain analysis, and red and blue confrontation, to build security capabilities for the real network battlefield, achieve the continuous evolution and growth of those capabilities, and further ensure the security of various businesses.
9. Internet of Vehicles Security Solutions
With the support of 360’s new-generation security capability framework, 360 can integrate various ecosystem products, support digital scenarios in all walks of life, and form a dynamic, multi-view digital safety net with full-field coverage. At ISC 2021, 360 officially released a security solution for the Internet of Vehicles. The Internet of Vehicles security detection platform and the Internet of Vehicles security monitoring platform are based on data collection and analysis for the important components of the Internet of Vehicles environment, combined with the analysis, early warning and threat intelligence provided by the 360 Security Brain. They establish a security threat perception and analysis system for the vehicle networking systems of vehicle companies and vehicle-road demonstration zones, make the security events of intelligent networked vehicles perceivable, visible, and traceable, and empower the safe operation of the automobile industry and vehicle-road collaboration.
10. Xinchuang Security Solution
At present, Xinchuang Security is facing severe challenges in capacity building and overall integration. The Xinchuang security solution released this time approaches the problem from the perspective of web applications and browsers, addressing the compatibility issues brought about by the migration of Xinchuang business applications, along with the related threats and corresponding solutions. It introduces 360 Bianque and the 360 Enterprise Security Browser, which supports the zero-trust SDP secure access system. It is reported that 360 Bianque can automate the investigation and repair of compatibility problems in business systems built on the IE browser on the Wintel platform. At the same time, the 360 Enterprise Security Browser can provide unified access management for cross-platform terminals and can serve as the terminal carrier of the zero-trust SDP security protection system, delivering secure access based on encrypted communication with national cryptographic algorithms, dynamic judgment based on environment and device identity, user identity, and user behavior, and continuous access control capabilities.
As new types of cyber threats continue to escalate, traditional fragmented defense concepts will inevitably be upgraded to new security strategies that focus on actual combat capabilities. At the same time, it is necessary to build a new security capability framework to enhance the overall defense capabilities of in-depth detection, in-depth defense, in-depth analysis, and in-depth response. The ten new products released by 360 at ISC 2021 are undoubtedly an innovative practice that fully mobilizes its own data, technology, experts and other capabilities, and moves the security capability framework toward implementation and global empowerment.