
360 Core Security Brain 3.0 was officially released to build a "capability hub platform" for government and enterprise users

Author: Branch Notes

As security threats keep evolving in the digital age, digital security is expected to be more systematic and more combat-ready. However, more and more government and enterprise users clearly see multiple collaboration barriers in their own network security construction: their own devices work in isolation from one another, ecosystem products are difficult to link, and external capabilities cannot be integrated. This chronic security ailment of "where there is pain, there is blockage" has seriously limited the overall ability of government and enterprise users to cope with threats. Users urgently need a single platform that can integrate various security capabilities and at the same time enable systematic, practical collaboration among the enterprise's own products, among different vendors, and between external and internal security capabilities.

Against this background, 360 Government and Enterprise Security Group took the lead in upgrading its concepts, technology and model. Relying on the 360 Cloud Security Brain and on leading capabilities such as the security big data, offensive and defensive confrontation knowledge base and threat intelligence accumulated over 17 years of offensive and defensive combat, it officially launched 360 Core Security Brain 3.0. For government and enterprise users, 360 Core Security Brain 3.0 is the private deployment of the 360 Cloud Security Brain, which can help them build a "capability hub platform".

360 Core Security Brain 3.0 is equivalent to the core CPU of the entire security capability architecture. It helps improve information sharing among network security products, centralized big data analysis and judgment, advanced threat intelligence empowerment, systematic linkage of network security products, and security policy coordination. It fully activates the coordination, consistency and tactical unity of the 360 Cloud Security Brain capabilities, the security capabilities of the enterprise's own products, and the security capabilities of ecosystem products, greatly improving the ability to identify, protect against, detect, respond to and recover from security risks.

In the digital age, security capabilities urgently need to be coordinated: 360 Core Security Brain 3.0 helps build a "central platform"

As is well known, 360 applies systematic thinking, breaks the boundaries between security systems and digital systems, and integrates offensive and defensive capabilities with control capabilities. It has helped countries, cities, industries and enterprises establish future-oriented digital security capability systems that are operable, sustainable, able to grow, and exportable.

The newly released 360 Core Security Brain 3.0 is the "central platform" of the digital security capability system. It is the local private deployment of the 360 Cloud Security Brain on the user side, responsible for the core computing and analysis of the overall system. In terms of composition, 360 Core Security Brain 3.0 consists of a security big data platform, a cloud-enabled platform and multiple security analysis engines, together with the practical methodology and 17 years of experience accumulated by 360.

Among them, the security big data platform takes in various types of security data and manages them centrally through model-managed data standards. Internally it integrates data categories and coordinates the decisions and steps of data processing, providing one-stop services for security operations from data access to storage, from cleaning to computing, and finally to chart display. The security big data platform has "operator"-level data processing capabilities, which helps improve data processing efficiency in security operations by more than 5 times.

Through cloud-to-ground collaboration and by pushing cloud capabilities down to the local side, the cloud-enabled platform provides security devices with more than 100 basic security data and analysis capabilities, from vulnerabilities to assets, intelligence to knowledge, clues to rules, and events to situational posture, meeting the general threat detection and analysis needs of various types of security devices.

In addition, 360 Core Security Brain 3.0 has nearly 100 types of security analysis engines and more than 2,000 security policies. By configuring and combining specialized correlation analysis capabilities, it can empower specific security products, handle complex security operations, guide security devices to discover and defend against advanced network threats from multiple dimensions, and improve their network security capabilities.

Seventeen years of effort: multiple advantages polish 360 Core Security Brain 3.0

As a "capability hub platform" that helps government and enterprise users broaden their global security view, integrate various types of security data, and coordinate overall practical decision-making, 360 Core Security Brain 3.0 performs well in data fusion, analysis collaboration, capability aggregation, strategy linkage, and ecosystem co-construction. Without accumulating small steps one cannot travel a thousand miles, and without gathering small streams there can be no rivers and seas; the advantages of 360 Core Security Brain 3.0 are inseparable from the accumulation and precipitation of more than 360 years.

Advantage 1: The most efficient big data processing and analysis technology

The big data platform of 360 Core Security Brain 3.0 has more than 1,200 built-in analytic methods. Through model-managed data standards, it can take in data "out of the box" from mainstream equipment and systems of more than 200 brands and more than 2,000 models, helping to improve data processing efficiency in security operations by more than 5 times.

The general security analysis engine of 360 Core Security Brain 3.0 provides more than 100 basic security analysis capabilities, from vulnerabilities to assets, from intelligence to knowledge, from clues to rules, and from events to situations. The dedicated security analysis engine, in turn, presets 10 categories, more than 60 sub-categories and more than 2,000 security policies, which can be configured and combined for specific security business scenarios to empower specific security products.

To overcome the problem of inconsistent data definitions, 360 Core Security Brain 3.0 provides a flexible and intelligent data standard management model (SIM), including more than 1000 attribute standard definitions and more than 70 preset object access rules, which greatly reduces the difficulty of data access and improves efficiency. As a result, 360 Core Security Brain 3.0 has stronger data processing capabilities, richer security analysis capabilities, higher performance, and lower deployment and O&M costs.

Advantage 2: The most complete amount of cloud security big data

Over 17 years, 360 has accumulated 2 EB of security big data (including a total of 18 billion+ malicious URLs, 5 trillion+ surviving URLs, 30 billion+ sample files, 70 billion+ DNS resolution records, etc.). Through more than ten years of real-world network confrontation with the world's high-level attackers, it has formed a professional intelligence system architecture that includes an offensive and defensive confrontation knowledge base, an APT organization knowledge base, a vulnerability knowledge base, a virus database and a multi-dimensional panoramic security knowledge base, covering intelligence (threat intelligence), information, knowledge, vulnerabilities, assets, rules, events, engine results and other types of intelligence data, together with their contextual relationships. The intelligence data is characterized by many types (100+), wide dimensions (rich context information), fast updates (minute level) and high precision. Through professional manual operations, the hidden motives and reasons behind attack behavior are analyzed in depth to form a comprehensive and complete understanding of threats and to establish an intelligence data system that "knows what is so and knows why it is so". This security big data will be strategically pushed down to Core Security Brain 3.0, forming a "thinking hub" on the customer's local side.

Advantage 3: Powerful panoramic offensive and defensive knowledge framework

Core Security Brain 3.0 has a built-in panoramic attack and defense knowledge framework, giving users clear and powerful guidance for fighting unknown threats on the basis of known threats. Over the past ten years 360 has accumulated hundreds of APT troubleshooting rules, nearly a thousand TTP technical and tactical rules, thousands of sandbox detection rules, tens of thousands of restorative kill chain detection rules, and black and white lists totaling about 25 billion. It also holds attack information on more than 40 well-known APT organizations, which not only covers the MITRE ATT&CK attack and defense knowledge base popular in the industry but also adds many supplements based on 360's real-world combat experience.

Advantage 4: Open standards and ecological linkage

Third-party security vendors can develop linkage interfaces based on the unified standard API of Core Security Brain 3.0, combine modules flexibly for different security scenarios, and achieve coordinated linkage and joint defense with various vendors and types of security devices: linkage with terminal devices, such as process isolation, process termination, file isolation, file recovery, registry cleaning, startup entry management, host port blocking and host service disabling; linkage with gateway devices, such as WAF, firewall, IPS and IDS, for blocking and isolation; linkage with detection systems, such as a sandbox, to dynamically determine whether a file is malicious; and linkage with third-party intelligence systems, supporting intelligence detection on IPs, domain names, files and more.

In general, many users hope that, in the course of data-driven network security construction, they can build a core "capability portal" that reaches cloud knowledge, customer business and ecosystem data, and a "central platform" for computation and analysis. 360 Core Security Brain 3.0 meets this need: it can gather a variety of network security capabilities into a unified platform and then empower various network security products with them, comprehensively improving the systematic and practical digital security capabilities of government and enterprise users.
