As a national strategy, Digital China is inseparable from the construction of smart cities, whose foundation is the big data center built by the government, relying on the e-government infrastructure for data sharing and interaction.
With the rapid expansion of smart cities, network security threats are increasingly sophisticated and changeable.
1. Advanced persistent threats have become common and pose a menace to China's reputation.
2. Attacks against industrial control systems (ICS) have increased over time. Several important ICS security incidents deserve more attention.
3. Botnets are formed from numerous internet-connected intelligent devices that have been compromised by malicious programs and are used to launch high-volume DDoS attacks.
4. Exfiltration of website data and personal data is not uncommon and results in serious unforeseen ramifications.
5. Profit-seeking malicious programs on the mobile Internet are becoming more visible, and the underground industry has matured.
6. The security of local data and intelligent equipment is threatened by ransomware.
Solution of Venustech Smart City Security Operation Center
● Well-Rounded Detection
Security monitoring is the foundation of the security technology in the security operation platform; it provides the base security service by collecting and analyzing data from endpoint, cloud, and tunnel.
Cyber Attack | Website Security | Sensitive Data | Threat Correlation
Business Weakness | Abnormal Traffic | Asset Information
Device Status | Security Log
Asset | Business | Traffic | Data | Application | Log
● Multidimensional Security Event Analysis
Event correlation is performed through interactive security analysis, intelligent security event correlation analysis, visual security event analysis and smart flow analysis to uncover current and historical attack events across the whole network.
● Security Services under Different Scenarios
Provides basic and advanced security operation services for the external environment of the big data center.
1. Basic Security Operation Service
Includes comprehensive monitoring of security operation, such as on-site personnel monitoring services, managed security device services, security event management and analysis services, security incident notification services, and security policy optimization services. In addition, there are website security monitoring services, security framework consulting services, security assessment and audit, emergency response services and security empowerment.
Starting with these services, the center builds a closed-loop process for risks, vulnerabilities and security events across the whole environment, responds to security incidents in a timely manner, accumulates a knowledge inventory for secondary empowerment, and improves efficiency.
2. Advanced Security Operation Service
In-depth customization of emergency support and attack-defense scenarios for critical activities, combining experts and platforms. Deeply mines attackers, aggregated events, detection rules, and use cases. Calculates confidence, attack value, actor coverage, and potential targets for forensics and investigations. Analyzes the characteristics and behaviors of adversaries with the help of machine learning to reveal suspected "commonality threat actors", which provides technical support for ongoing countermeasures.
● Technical Support of Different Tiers
Security operation is an intricate engineering system. A mature security operation must be deeply coupled with IT infrastructure and business activities. The operation of a complex system requires matching organizational structures, just like the human immune system and other circulatory systems. Venustech BeiDou Security Operation Center is composed of a threat analysis and response team, a vulnerability management team and an infrastructure management team, which together support the complete set of security operation activities.
Solution Values
1. Construct a 24/7, All-Round Situational Awareness Center
All-weather, all-round awareness of network security for the entire city, enabling continuous monitoring and real-time prevention, detection, and response to threats exposed in urban cyberspace, and providing network security services for the city.
2. Security-as-a-Service
Security can be delivered as a cloud service that provides anti-DDoS, anti-Challenge Collapsar (CC), and anti-scanning protection, without having to deal with security issues irrelevant to business logic or with hardware procurement.
3. Set Up a Regional Intelligence Generation and Sharing Platform
Collects extensive threat intelligence, such as IP, domain, URL, MD5, hostname and filename, in a timely manner through cooperation with external security institutions and commercial organizations. The big data analysis platform updates this information into the knowledge inventory and policy library of the analysis module to deal with frequent or possible threats.
4. Build a Regional Information Security Talent Pool
Build a large regional talent pool of security analysts, with the existing team as the basis, attracting external experts and executives from local information technology universities and colleges.
In keeping with the concept of an "Independent Third-Party Security Operation Center" built on platform plus service, Venustech BeiDou Security Operation Center provides continuous, timely and customized security services to build smart city security operation, big data center security operation, and Internet of Things and industrial control security operation. Venustech is devoted to changing the traditional security product delivery mode and incorporating "Venus" energy into network security, based on the business capabilities of data security intelligent operation, cloud computing special operation and industrial special operation.