Industrial monitoring and situational awareness platform
Centralized safety management system
Industrial safety isolation network gate system
Industrial safety audit system
Industrial control honeypot system
Industrial asset exploration and full life cycle management system
UHC Security Audit protection system
The host security hardening system
Industrial network security terminal gateway system
Industrial Safety assessment System
Vulnerability information base
Industrial control safety risk assessment services
Industrial control assets sorting and full life cycle management services
Industrial control security penetration services
Industrial control safety active defense services
Industrial control security border protection services
Industrial control safety operation services
Training actual combat parallel simulation laboratory construction services
Cyberspace security wall chart prevention and control platform
Website cloud protection platform
Fishing drill service platform
Application host Integrated protection system G01
Network asset mapping analysis system D01
Internet exposure asset risk dynamic monitoring system FD01
Network violation external audit system E01
Network attack blocking system K01
习总书记在“4.19 speech "pointed out that" to maintain network security, we must first know where the risk is, what kind of risk, when the risk occurs ", he also clearly pointed out that we should "find out the family, recognize the risk, find out the loophole, report the results, and urge the rectification" process to carry out network security inspection。"Finding out the family background" is the use of various technical means to describe and identify multidimensional aspects of cyberspace equipment, systems, architecture, and information assets, which is also the cornerstone of cyberspace security work。
The state implements a system of graded cybersecurity protection。Network operators shall comply with the requirements of the network security grade protection system,Perform the following security protection obligations,Protect the network from interference, sabotage, or unauthorized access,To prevent network data from being leaked or stolen or tampered with: (1) Formulate internal security management systems and operating procedures,Identify the person responsible for network security,Implement cybersecurity protection responsibilities;(2) Take technical measures to prevent computer viruses, network attacks, network intrusion and other acts that endanger network security;(3) Take technical measures to monitor and record network operation status and network security incidents,And keep relevant network logs for at least six months in accordance with regulations;(4) Take measures such as data classification, backup and encryption of important data;(5) Other obligations stipulated by laws and administrative regulations。
The state is responsible for important industries and fields such as public communication and information services, energy, transportation, water conservancy, finance, public services, and e-government,And others in the event of a breach, loss of functionality, or data breach,Critical information infrastructure that may seriously endanger national security, national economy and people's livelihood, and public interests,On the basis of network security level protection system,Implement key protection。The specific scope of critical information infrastructure and measures for its security protection shall be formulated by The State Council。The State encourages network operators outside critical information infrastructure to voluntarily participate in the critical information infrastructure protection system。
A list of assets related to protected objects should be prepared and kept, including the department responsible for the assets, their importance and location;
Assets should be identified and managed according to their importance, and corresponding management measures should be selected according to their value.
Information classification and identification methods should be stipulated, and the use, transmission and storage of information should be standardized management。
Necessary measures should be taken to identify security loopholes and hidden dangers, and repair the discovered security loopholes and hidden dangers in a timely manner or after assessing the possible impact;
Safety assessment should be carried out regularly, safety assessment reports should be formed, and measures should be taken to deal with safety problems found。
The security weaknesses and suspicious events discovered should be reported to the security management department in a timely manner;
A security incident reporting and disposal management system should be formulated to clarify the reporting, disposal and response processes of different security incidents, and stipulate the management responsibilities for on-site handling, incident reporting and later recovery of security incidents.
In the process of security incident report and response processing, analyze and identify the causes of the incident, collect evidence, record the processing process, and sum up experience and lessons;
Different procedures and reporting procedures should be adopted for major security incidents that cause system disruption and information leakage。
With the continuous expansion of network scale, customers in various industries generally have problems such as unclear assets, unclear responsibilities and rights, unclear risks, and unclear management. From the perspective of network asset operators, asset security management mainly faces the following pain points:
Network asset discovery capability is insufficient
The ability of asset safety management is insufficient
The ability of asset risk research and judgment is insufficient
Insufficient emergency response capacity
Problem tracing and forensics ability is insufficient
In the past network security assets sorting work, the vast majority of manufacturers have used interviews, consulting network topology, consulting relevant management systems and other ways to collect and identify assets, which is not only inefficient, but also easy to ignore some assets。 Cloud security in order to solve the above problems,Developed a "five-step" cybersecurity asset governance solution (hereinafter referred to as the "five-step solution"),Start by finding out what's going on,Through the five key steps of asset learning, record management, three-dimensional protection, automated operation and emergency response,It covers the full life cycle of online security inspection, local filing control, operation security monitoring, compliance construction and collaborative emergency response of cyberspace assets,It can effectively identify unknown asset risks,Full monitoring of assets in transit,Timely disposal of problem assets offline,Meet the specific security requirements of each link in the operation process of network assets。
The five-step solution relies on security threat intelligence from the First Research Institute of the Ministry of Public Security,Through the network exploration D01, network defense G01, network shield K01 and other products or services to form the overall solution,The use of cyberspace asset governance capabilities will organically combine comprehensive monitoring capabilities with defense-in-depth capabilities,To achieve normalized compliance and safety construction and practical emergency response disposal,Provide users with continuous security capabilities。
The solution can effectively make up for the shortcomings of users' traditional asset management methods, help users open up the information management process, improve the work efficiency of safety operation and maintenance, and then accurately discover unknown assets and timely disposal, so as to achieve timely risk clearance。
Plan through comprehensive asset learning and combing,Can help users build a complete asset Kanban,And transform offline fragmented asset information into an online visual asset view,Intuitive operation situation monitoring and security state analysis of assets based on visual operation window,Help security administrators make accurate research and analysis。
The solution utilizes a rich asset control process,It can help users connect the work of service departments, development departments, operation and maintenance departments, and security departments,The use of platform-based management to implement specific safety systems,Ensure that assets from the application, review, on-line to change or return of all links can be clear ownership, responsibilities and rights,Make the asset security incident well documented and reasonably handled。