alibaba group today announced the acquisition of domestic security companies HanHai source, known as “China FireEye” HanHai source will be integral to join alibaba security, with the aid of ali cloud computing and big data resources continue to study the security technology of the group, the response including APT attacks (advanced persistent threat attack), the challenge of the next generation of security threats, and subsequent will launch more business oriented APT cloud defense, threat intelligence system , and other products and services.
HanHai source is by the famous security industry experts security company was founded in 2010, the core business in the forefront of network security defence, is the first domestic focus on hardware and software security testing of the professional manufacturers, is also China’s first sustainable threat attack (APT) detection scheme proposed senior security vendor.
APT attacks (Advanced Persistent Threat attack, English full name: the Advanced Persistent — kyoui) is a form of long-term continuous network attack, the attacker for constructing special trigger code, the vulnerability of the victims and specially developed for a specific environment and special Trojan defense system. These specific code, is a defender or protective system did not know, is an unknown threat. Usually sensitive to high value enterprises, government agencies, as well as pose no major threat data information, the main purpose is the commercial secret theft, competition and even cyber warfare.
under the background of the era of Internet +, defend against unknown become a major challenge facing the whole society. As the earliest attention an APT technology and launching products manufacturers, HanHai source launched nebula of the next generation of network attack warning platform and set sail black box testing system and binary code tracking audit system , etc. In the service of the government, military, finance, state-owned enterprises, large Internet companies such as clients. So far, HanHai source is also the only detected by real-time products using zero day vulnerabilities APT attack by intrusions of the manufacturers.
HanHai source, the founder of the hing is a leading experts in the field of domestic security, as the famous security organization XFOCUS core members. In 2002, the hing analysis and published the first famous Microsoft LSD RPC DCOM holes (that is, “shock” worm). In addition, the hing is also the first published on global WINDOWS kernel distance using the technology of security experts, independent found hundreds of Microsoft high-risk level security vulnerabilities and dozens of other important software risk level security vulnerabilities.
HanHai source company, another central figure is wang wei (Alert7). Wang wei is a key focus of domestic famous security organization members, McAfee’s senior security experts, independent found hundreds of high-risk level security vulnerabilities, three-time XCON speaker, POC2010 speaker, also based on the dynamic transmission of the stain hole mining technology patent inventor, and the focal point of security members with book network penetration technology.
in the China and found that the era of network attack and defense is different with the traditional defense paradigm. “Cyberspace security against, its essence is the people of the confrontation in the field of intelligence, knowledge and intelligence. …… First need huge amounts of data, to create the base information, for more events for analysis. The second need powerful data analysis ability.” It becomes the key to alibaba HanHai source choice.
the hing, said “HanHai source security ability, ali have computing and data analysis ability, ability of security and the superposition of two advantages of Internet data analysis, the technological change brings security itself. We will create a web-based threat intelligence analysis and tracking system, you will soon be clear.”
at the same time, when the cloud computing has become the IT infrastructure, to provide customers with more powerful ability of security protection become necessary.
the subsequent alibaba security will launch accordingly:
From the information island APT defense further promoted to Internet APT defense based on cloud computing , for more customer service;Establish threat intelligence system, to predict and prevent potential attack ahead of schedule;
“there is no doubt that security is part of the cloud computing, cloud is ali’s core competitiveness, we need to advance r&d spending for the upcoming challenges for safety.” Alibaba XiaoLi department senior director, said HanHai source team has full integration to alibaba security systems, for cloud computing users to provide more comprehensive security protection. Construction of common security of the Internet.
after ali cloud computing provides a cloud shield for the customer, including the weaknesses against DDos attacks, penetration testing services, analysis and application firewall, cloud server security, ali green network, cloud monitoring, etc.