A certain company is a giant in the payment field and is at the core of the industry, promoting the intelligent and digital transformation of China's payment industry. The company provides relevant professional services and financial technology services, builds an open ecosystem, builds a digital network, and serves global payments.
Build a financial operating system
Promoting the development of China's financial digitalization
The company has established a unified technical standard and product system for the financial operating system, promoted the development and application of key core technologies of the operating system, and supported the development of financial digitization. However, as digitalization accelerates the penetration of network security threats into various fields, the company is also actively exploring and practicing the construction of a network security assurance system. In terms of application security, through planning and construction of a security research and development system, it builds endogenous capabilities in application security and effectively promotes The security level of application research and development has been continuously improved.
In terms of safety assurance, the company plans to solve several problems in order to realize an endogenous safety protection system and shift safety to the left.
-
Traditional security protection investment costs are high, and security tools need to be used to optimize detection capabilities and reduce security investment costs.
-
The detection tool needs to be used by multiple R&D teams and multiple applications at the same time.
-
Detection tools need to be integrated into the existing DevOps platform without affecting development efficiency.
Multi-dimensional security management and control
Achieving endogenous security
The enterprise uses the open source network security gray box security testing tool (VulHunter) to conduct "high availability" and "high concurrency" automated security testing of runtime applications and APIs during the R&D testing phase, and conduct full life cycle management of software vulnerabilities, implement Multi-dimensional application security management and control reduces application security risks during the development phase.
The open source network security gray box security testing tool (VulHunter) was integrated into the enterprise's DevOps platform to promote security intervention in the entire process, and at the same time met the security testing needs of multiple R&D teams and all JAVA WEB applications, with a coverage rate of 95%, enabling security investment The control is within a very low range, which greatly improves the security, helps the enterprise to continuously improve the security endogenous "digital intelligence" ability, provides more powerful support for software security research and development, and provides users and enterprises with better payment experience and efficiency.
In the future, the company will use the achievements of digital development to create a mobile payment product system with wider acceptance and higher activity, and continue to help economic development in digital construction. Open source network security will also continue to empower the financial industry, create and continuously improve security endogenous "digital intelligence" capabilities, provide more powerful support for enterprise software security research and development, build a strong wall of application security, and promote business development.
