Founded in 2014, WeBank is the first digital bank in China. As a product of reform and innovation in the banking industry, WeBank has actively seized new opportunities in the digital economy era since its opening more than eight years ago, using technological means to provide small and micro enterprises and the general public with characteristic and differentiated high-quality financial services, and has broken a new path in serving the real economy with digital inclusive finance and helping the economy achieve high-quality development.
Technological innovation drives business development
Safety construction should not be underestimated
WeBank adheres to technological innovation to drive the development of the core business of the enterprise, increases investment in and construction of financial technology, and launches a series of inclusive financial products in line with national policy guidance, such as "Micro Loan", "Weiye Loan" and "WeBank Wealth+", which fully meet the actual needs of long-tail individual users and small, medium and micro enterprises, effectively improve service quality and service efficiency, and make finance inclusive for the public.
While using financial technology to promote business growth, WeBank also attaches great importance to the construction of application security systems to continuously reduce the risk of loopholes in online financial services. WeBank's scientific and technological personnel account for more than 50% of all employees. Over the years, technology research and development expenses have accounted for more than 10% of operating income. It is one of the earliest banks in China to implement S-SDLC solutions. In the process of R&D security construction, in order to improve the quality of R&D security, reduce the cost of vulnerability discovery and repair, and at the same time enable continuous detection of thousands of applications and tens of thousands of instances, indicators such as detection efficiency, stability, false alarm rate, and user experience become the key to selecting a suitable gray box security testing product.
Bring in external security tools
Ensure safe and timely launch of applications
After full research and preparation in the early stage, WeBank chose to adopt the open source network security gray box security testing tool (VulHunter). VulHunter not only has a strong conventional vulnerability detection capability, but also supports localized customized development. By integrating with WeBank's existing R&D process system, it has realized the closed-loop process of deployment, testing, repair, and re-inspection. Most of the links have been fully automated, effectively realizing the leftward shift of the closed-loop security risk. At the same time, VulHunter has also helped WeBank improve the efficiency of vulnerability detection in the R&D stage. At the same time, the low false positive rate has greatly reduced the cost of R&D confirmation of vulnerabilities, enabling most of the vulnerabilities to be discovered and resolved before going online, effectively improving the security quality of the application system.
So far, WeBank has accumulatively served more than 370 million individual customers and more than 4.1 million small and micro enterprise market entities, which has comprehensively improved service quality and service efficiency, which is closely related to the construction of the security prevention and control system. In the future, Kaiyuan Network Security will also provide better products and services, build a cornerstone of digital business security for enterprises, and promote the steady development of digital transformation.
