Understanding the security industry

 Security industry and security firms

From 2013 to 2018, global investment in the information security industry kept growing. With the enactment of the 2016 Act and the implementation of the network security level protection system, China's information network security industry already has a certain capacity to protect against, monitor and control all types of threatening behavior, and the market's development potential is rising. In recent years the information security industry has grown steadily in a virtuous cycle of government guidance, enterprise participation and user acceptance, and local enterprises have gradually grown stronger. The security product mix is becoming richer, with comprehensive development across areas such as network perimeter security, security inside the network, and security of information exchange with external networks; the competitiveness of the key industry chain of security standards, security chips, security hardware, security software and security services is growing.

 


That is, demand for information security personnel across industries in China is constantly increasing, especially in key industries such as government, telecommunications, banking, energy, securities, transportation and education. Looking at the recruitment by these two major vendors shows how large the current market demand for information security talent is. From the job listings published on Freebuf, we can see that demand for jobs in the information security field is very large, and salaries can in fact be ahead of other industries. For those who are learning security technology and preparing to work in the field, it is actually a very good time.

 

 

 

As anyone who has studied web security knows, the security industry is divided into many directions. In the past, the area where most vulnerabilities emerged was probably system security; with the development of technology, many different directions have now branched out, such as the currently popular cloud security, industrial security, business security and so on.

 

 

 

For example, in this network security panorama, as different industries have developed, many corresponding security directions have differentiated, and the different parts of the security industry have begun to produce different types of security products and security solutions. From another perspective, this promotes the continuous training of security personnel at major colleges and universities, and also provides society with more jobs and employment opportunities. Of course, with so many directions in the security industry, mastering 1-3 of them is enough. No one can study and research several areas at the same time. So students can choose which security field to learn according to their own interests and preferences.

 

 

 

Of course, where there is a security market there will be security needs, and demand drives the development of the major companies. After ten years of development, many security vendors have made significant progress in security concepts, core technology and mainstream products, and have emerged in the international arena. Ali, Tencent, Venus, Huawei and Hangzhou Arnhem have all made outstanding contributions to the security field and have strong security teams. They have relatively large influence at home and abroad, and are trusted and recognized by many at home and abroad.

 

Veteran security vendors like these have rich R&D and technology development experience in firewalls, intrusion detection and prevention, network access, web application firewalls, Internet behavior management and anti-DDoS technology. Before network security had really caught people's attention, they were already on the security front line, quietly leading the security industry's continued development. They have also made an indelible contribution to our nation's security.

 

Of course, many emerging security vendors are also rising; Ali, 360, Pavilion Technologies and Tencent are all security vendors that have developed rapidly in recent years. They have their own emerging security technologies, security solutions, security operations, security services, network security architectures, network security teams and security R&D centers, and can compete with the veteran security vendors on market and brand.

 

 

In addition, we can refer to the security industry panorama compiled by Aqniu (http://all.aqniu.com/).

It brings together security vendors with extensive implementation capability and core technology across security gateways, endpoint security, application security, data security, content security, identity and access security, cloud security, mobile security, security intelligence, business security, networking security, security management, security services, evaluation and certification, and so on. It gives the people who maintain corporate security clear guidance when selecting the corresponding security services and security products.

 

 Common Security Products

The web application firewall, which we usually call a WAF.

A WAF generally works by analyzing the content of traffic using rules, protocol analysis and traffic inspection. This is also the detection approach many products use today.

Let's look at the workflow of a traditional WAF, which is usually divided into four steps:

1. Parse the HTTP/HTTPS request, splitting it according to the protocol;

2. Match rules: the detection module matches the request against the existing rule base;

3. Take the defense action;

4. Log: record the attack behavior and detailed information in the WAF's own log file.

This is how a traditional WAF works. Typical vendor products are Arnhem Ming Yu and basaltic shield.
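The four-step workflow above, as an added example that is not from the original post or any vendor's product: a minimal rule-based inspection pipeline. The rule patterns, function names and sample request are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Constructed rule base (illustrative patterns, not any vendor's rules).
RULES = [
    ("sqli-union", re.compile(r"\bunion\b.+\bselect\b", re.I), "block"),
    ("xss-script", re.compile(r"<\s*script\b", re.I), "block"),
    ("path-traversal", re.compile(r"\.\./"), "block"),
    ("scanner-ua", re.compile(r"sqlmap|nikto", re.I), "log"),
]

def parse_request(raw: bytes) -> dict:
    """Step 1: split the raw request into path, parameters and headers."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    method, target, _version = lines[0].split(" ", 2)  # ValueError if malformed
    url = urlsplit(target)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    # Percent-decode before matching so encoded payloads are seen in clear.
    # Simplification: the body is always treated as form-encoded.
    params = parse_qsl(url.query, keep_blank_values=True)
    params += parse_qsl(body.decode("latin-1"), keep_blank_values=True)
    return {"method": method, "path": unquote(url.path),
            "params": params, "headers": headers}

def match_rules(req: dict) -> list:
    """Step 2: run every inspected field through the rule base."""
    fields = [("path", req["path"])]
    fields += [(f"param:{k}", v) for k, v in req["params"]]
    fields += [(f"header:{k}", v) for k, v in req["headers"].items()]
    return [(rid, where, action) for rid, rx, action in RULES
            for where, value in fields if rx.search(value)]

def waf_inspect(raw: bytes, log: list) -> int:
    """Steps 3 and 4: pick the defense action, then record each hit."""
    try:
        hits = match_rules(parse_request(raw))
    except ValueError:
        log.append({"rule": "malformed-request", "action": "block"})
        return 400  # fail closed when the request cannot be parsed
    for rid, where, action in hits:
        log.append({"rule": rid, "field": where, "action": action})
    return 403 if any(a == "block" for _, _, a in hits) else 200

# Constructed sample request.
SAMPLE = b"GET /item?id=1%20UNION%20SELECT%20pw%20FROM%20users HTTP/1.1\r\nHost: shop.example\r\n\r\n"
if __name__ == "__main__":
    events = []
    print(waf_inspect(SAMPLE, events), events)
```

A rule whose action is `log` records the hit but lets the request through, which is how new rules are usually trialled before being switched to `block`.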

 

There are also WAFs that detect using neural networks. Such a WAF is continuously in a learning state; put simply, it applies artificial intelligence technology to traffic detection and analysis. Its research cost is much higher than that of traditional detection methods, but a neural-network-based WAF can defend well against abnormal traffic and zero-day vulnerabilities. The typical vendor is Pavilion Technologies.

 

Next, the second common security product: the fortress machine. The fortress machine leans toward endpoint security management. Taken literally, "fortress machine" refers to a computer used to defend against attack. In practice the fortress machine, also known as a "bastion host", is a host system that has usually been hardened to some degree, has high security, and can withstand a certain amount of attack. Its main role is to isolate the information system resources that need protection from the sources of security threats, forming a strong "fortress" in front of the protected resources that counters threats without affecting normal users' normal access to those resources. The fortress machine also integrates behavior auditing and access control, thereby strengthening security control over operations.

 

The fortress machine centrally manages our servers and other terminal devices. To log in to a server or terminal device, we must go through the fortress machine, and only after passing the fortress machine's two-factor authentication can we access our servers or other terminal devices. A well-known open source fortress machine is Jumpserver.

 

The third common security product is the IPS, or intrusion prevention system. It is a computer network security appliance that monitors the data transmission behavior of a network or network devices, and can interrupt, adjust or isolate abnormal or harmful network data transmission in real time.

 

An IPS compares normal data with abnormal data to identify anomalies; that is, it knows the relationship between the data it sees and normal data. When faced with dynamic code, it first puts the code in a sandbox and observes its behavior and traffic trends. If it finds anything suspicious, it immediately triggers its defense mechanism to block it. Venus is a typical representative of IPS products.

 

Finally, the situational awareness platform, a product that has emerged in the country over the past two years from threat modeling. A situational awareness platform quickly determines the type of threat, uses machine learning over behavior to identify hidden threats, and provides analytical modeling that builds a whitelist environment of network user behavior. It gives users attack awareness by summarizing attack-related information across the whole network, processes the attack information in a closed loop through statistical analysis, correlation and fusion, and provides panoramic monitoring of attack trends, presenting the attack situation along dimensions such as attack type, attack distribution, attack relationships, trends and attack results. A typical vendor is Huawei.

 

These are the more common security products, but as technology continues to develop there are now many security products with different functions, such as APT early warning platforms, Internet behavior management and web tamper-proofing. Enterprises should plan the deployment of security products in their different security zones according to their security situation; each deployment is individual.


Origin www.cnblogs.com/klsfct/p/11204596.html