Tencent Security SOC+ won the "Xinzhi Award" to help the digital transformation of the financial industry

Recently, the list of "2023 Xinzhi Award · The Fifth Selection of Excellent Financial Data Intelligence Solutions", sponsored by Jinke Innovation Agency and supported by the Global Association of Financial Professionals, was officially released. The "SOC+ Advanced Threat Security Governance Solution Based on the New Generation Security Log Big Data Platform Architecture" submitted by Tencent Security won the "Xinzhi Award·Excellent Solution for Network Information Security Innovation".

This year's "Xinzhi Award" focuses on the innovative application and future development of financial technology and digital intelligence in the industry. 84 proposals submitted by 68 companies were screened. After two rounds of scoring and defense review by 48 authoritative review experts in the industry, excellent solutions that meet the needs of the industry, are advanced, and can be used for reference were selected. With its outstanding security operation technology and innovative solutions, Tencent Security stood out from the crowd and was unanimously recognized by the expert judges.

Cyber threats are constantly changing, and the financial industry needs more security operations

The vigorous development of financial technology has brought about tremendous changes in the product services, business models, and business concepts of related companies, and has spawned a variety of new business formats. The continuous development and application of emerging technologies such as artificial intelligence, blockchain, and cloud computing are also accelerating the financial industry's move towards digitization and intelligence. However, while digital technology brings innovation opportunities to the financial industry, it also introduces more cybersecurity risks. The industry faces the following three pain points:

First, the severe network security situation places high demands on the level of security operations. The popularity of cloud computing and the acceleration of digital transformation have resulted in exponential growth of network threats. Threat sources, threat types, and threat events are iterating faster and are used in combination, with strong concealment and targeting. The requirements for linkage and collaboration between tools and events are increasingly demanding.

Second, there are contradictions between new business risks and traditional security protection. The deep integration of finance and technology has led to more service scenarios and business scenarios. Network security is now more closely tied to the daily business and activities of financial companies, which makes their security operations more difficult and demanding.

Third, security operation talent is scarce. In the era of financial technology, security operations need to adapt to the personalized and deeper needs of customers, and create more comprehensive security protection and stronger emergency response based on the business layout and future development of the enterprise. However, traditional financial enterprises still lack people who have mastered the emerging technologies of financial technology.

Therefore, the industry urgently needs a professional, modern, integrated security operation system that integrates multiple security products and security solutions and is more complete, more comprehensive, and more in line with the industry's development path.

A new generation of security log big data platform escorts the digital intelligence of the financial industry

To better cope with the new situation faced by current enterprise security operations, Tencent's advanced threat security governance solution based on the new-generation security log big data platform architecture fully integrates the four capability matrices of intelligence, technology, management, and planning. It creates a brand-new security operation system and structure with ecosystem strength, and provides capability support for enterprise threat detection, response, and data processing, including:

Covering multi-cloud and hybrid cloud scenarios, supporting SaaS-based, service-based and other forms of delivery;

Providing TDIR capabilities to achieve full coverage of internal threat scenarios; massive security big data processing capabilities support large-scale data telemetry, detection, analysis, investigation, and evidence collection;

Offering an authoritative security evaluation system that intuitively and quickly evaluates the coverage of enterprise threat detection capabilities, attack methods, and attack stages;

Integrating security expert experience and AI capabilities to automate threat investigation and response and improve security operation efficiency.

In addition, Tencent's advanced threat security governance solution based on the new-generation security log big data platform architecture has four core advantages. By building a security closed loop of "prediction, defense, detection, and response", it helps customers realize business transformation and upgrade and optimize service systems.

Focus on TDIR and greatly improve the efficiency of threat operations: Tencent's advanced threat security governance solution based on the new-generation security log big data platform architecture focuses on the security data processing flow of "raw event/log -> security alarm -> security event". The automatic investigation, response, and disposal of security incidents forms a closed loop in which the security situation of the entire enterprise network is known, visible, and controllable.

Massive big data analysis and processing capabilities: Tencent's advanced threat security governance solution based on the new generation of security log big data platform architecture adopts a new generation of self-developed security big data technology: an intelligent analysis platform specially designed for security logs, with a cloud-native, high-performance, column-storage, distributed, MPP architecture. It is high-performance, capable of querying trillions of records and PB-level data in seconds. It is extremely low-cost: the data compression ratio is as high as 10-20:1, and the hardware cost is only 1/10 of ES at the same data scale. It separates storage and computing, is highly reliable, supports container, VM, and physical machine deployment, and scales elastically. It is easy to use and supports SPL/SQL interactive query analysis.

Complete security evaluation system ATT&CK: Tencent's advanced threat security governance solution based on the new-generation security log big data platform architecture has fully upgraded the security detection system to achieve full coverage of the ATT&CK enterprise matrix. It uses the ATT&CK framework to evaluate security indicators and supports ATT&CK capability visualization, comprehensively and directly displaying the overall state of the enterprise's current protection capabilities and the threat panorama it faces.

Integrating expert experience + AI to realize automatic investigation and response: Tencent's advanced threat security governance solution based on the new generation of security log big data platform architecture has launched an automatic investigation function, which automatically restores tactics, techniques, processes, related contexts, and the impact, and gives the severity level, description, and handling suggestions for security incidents. At the same time, it provides SOAR security orchestration and automatic response capabilities to improve the efficiency of threat response and disposal.

Realize the transformation of intelligent operation through the practice of financial industry

At present, Tencent Security's new-generation security log big data platform has been deployed at many customers in the financial industry, helping them build an automated and intelligent security operation technology system and effectively improving the level of corporate security protection. It provides strong backing for customers' business security and for their exploration and practice in new business fields, using higher-quality security to support the high-quality development of the entire industry and advance the process of digital transformation.

In the future, Tencent Security will continue to invest in research and development relying on its own capabilities, continue to innovate and upgrade SOC+ products, provide best practice solutions that are more in line with customer business needs, and escort the digital upgrade of the financial industry.

Origin blog.csdn.net/qcloud_security/article/details/131166293