12月26日,腾讯云在“云安全趋势暨腾讯云安全年度产品发布会”上发布了“全域安全”解决方案,同时首次发布了腾讯云AI安全助手。
On 26 December, Tsingyun released a “global security” solution at the “Cloud Safety Trends and Annual Product Release” and, for the first time, the Tsingyun AI Safety Assistant.
据了解,过去几年,企业的云上业务规模增长迅猛,混合云、多云逐渐成为企业普遍选择的部署方式,数据显示有近8成的上云企业选择混合云的方式。但在混合云的使用趋势下,安全运营团队需要对接多个云,API滥用和相关数据泄露风险也将翻倍。
It is understood that, over the past few years, businesses have grown rapidly in size, mixed clouds and cloudy clouds have gradually become the preferred mode of deployment for enterprises. Nearly 80% of upper cloud enterprises have opted for cloud blending. But, given the trend in the use of mixed clouds, the risk of API misuse and related data disclosure will be doubled.
针对这一挑战,腾讯云推出“全域安全”解决方案与腾讯云AI安全助手,据了解,腾讯云AI安全助手能高速提效,以漏洞修复为例,以往漏洞处理至少需要2-3天、20多次操作,安全助手将对话简化为3次即可修复漏洞
In response to this challenge, Tsingyun launched a “global security” solution and tsengyun's ASI security assistant, who is known to be able to provide high-speed efficiency, using bug repair as an example, which in the past took at least 2-3 days and more than 20 times to process the bugs, and the Security Assistant reduced the dialogue to 3 times to repair the bugs.
API滥用和相关数据泄露翻倍
APIThe misuse and disclosure of related data doubled
万企上云时代,随着企业对云原生等技术的深度应用,多云技术架构得到了快速发展。据中国信通院《2023年混合云发展调查》数据显示,调研的上云企业中,使用混合云的企业占比达到75.5%,并且有59.3%的企业表示预计将在未来一年内加大在混合云的投入。
In the cloud age, cloud-based technology architecture has developed rapidly with the deep application of technologies such as cloud logs. According to data from China’s Information and Communications Technology Institute Survey of Mixed Clouds Development 2023, 75.5% of the firms surveyed use mixed clouds, and 59.3% indicate that they are expected to increase their input into mixed clouds in the coming year.
中国信通院云大所开源和软件安全部副主任、中国通信标准化协会TC608云安全工作组组长孔松在发布会上表示,混合云具有部署灵活、成本低、最大化整合现有资产、促进业务创新等显著优势,随着数字化进程推进,混合云已逐渐成为企业普遍选择的部署方式。
At the launch meeting, the Deputy Director of the Ministry of Open Source and Software Security, Yun Da, China, and the Chief of the TC608 Cloud Security Working Group, China Communications Standardization Association, stated that mixed clouds had significant advantages in deploying flexible, low-cost, maximizing the integration of existing assets and promoting business innovation, and that as the digitalization process advanced, mixed clouds had gradually become the preferred mode of deployment for enterprises.
不过,多云/混合云部署会让安全运营的复杂度进一步提高。据孔松介绍,一方面是管理更加复杂,安全运营团队需要同时对接多个云的安全体系,企业内部又涉及多个部门和多个安全工具,难以实现统一的安全管理。另一方面是安全风险更加复杂,跨云连接面临极大的数据安全风险,据信息技术研究和分析公司Gartner预测,到2024年API滥用和相关数据泄露将翻倍。
However, cloud/mixed cloud deployments can further complicate safe operations. According to Confucius, on the one hand, management is more complex, security teams are required to handle multiple cloud-connected security systems at the same time, and multiple sectors and multiple security tools are involved within the enterprise, making it difficult to achieve uniform security management. on the other hand, security risks are more complex, and cross cloud connections pose significant data security risks, with the IT research and analysis company Gartner predicting that API abuse and related data disclosure will double by 2024.
腾讯云安全产品负责人周荃表示,企业的网络环境可以分为业务环境和用户环境,安全的复杂度往往就体现在两个环境的交互是纷繁多样的,甚至是不可见的。而安全运营团队往往规模都不大,但却需要同时要对接和整合多云、多个安全厂商的不同安全产品,这会让安全运营面临巨大的工作负荷,甚至和多云、混合云的业务架构的初衷背道而驰。
The company’s network environment can be divided into business and user environments, the complexity of which is often reflected in the heterogeneous, or even invisible, interactions between the two environments. And the safety operating teams are often small, but they need to combine and integrate cloudy, multi-firm safety products, which can put security operations at a huge workload and even run counter to the original intent of cloud-rich, mixed business structures.
小红书网络安全负责人林敏就在发布会上表示,作为多云部署企业,如何在多云架构下稳定承接高流量的交互,维持业务稳定,是小红书云上安全建设的重点。林敏还提到,多云部署让小红书实现多活、冗余备份和容灾,但同时也增加了资产的暴露面和数据调用的安全风险,因此需要构建风险可视化、安全能力标准化的安全体系。
At the launch, Lin Min, the head of security in the Small Red Book Network, said that, as a cloud-based deployment company, it was a priority to build security on the Little Red Clouds to stabilize the interaction of high-flow flows and maintain business stability. Lim Min also mentioned that cloud-based deployments enable the Small Red Books to become more active, redundant and disaster-prone, but also increase the exposure of assets and the security risks associated with data calls, thus requiring the construction of a security system for risk visualization and standardization of security capabilities.
AI安全助手3次对话修复漏洞
在会后群访中,腾讯云安全副总经理董文辉表示,他观察到,未来云用户将持续降本增效,多云架构也会成为趋势。同时从腾讯云客户的基本情况来看,包括电商、游戏、内容等相关企业会越来越多地选择出海,在这种情况下,用户会需要标准化、统一化的维护、运营方案。
During a follow-up interview, Mr. Dong Wenhui, Deputy Director-General of Tsing Cloud Security, stated that he observed that future cloud users would continue to reduce efficiency gains and that cloudy structures would become trends. At the same time, in view of the basic situation of Tssing Cloud clients, including companies involved in electricity, games, content, etc., they would increasingly choose to go to the sea, in which case users would need standardized, unified maintenance and operational programmes.
今年,腾讯云安全已升级发布“全域安全”解决方案,将云安全中心与主机安全合二为一,企业可在安全底座上层“乐高式“搭建安全产品模块,实现公有云、混合云、自研云的多云统一管理,以及横跨生产网、办公网、互联网的三位一体防护,即“全域安全”。
This year, Tseng Cloud Security has been upgraded to issue a “global safety” solution that combines cloud safety centres with mainframe security, allowing companies to build safety product modules on the upper “Lakeo” floor of the safety base, with integrated management of public clouds, mixed clouds, self-research clouds, and three-pronged protections across production networks, office networks, and the Internet, i.e., “global security”.
此外,值得一提的是,发布会上腾讯云安全首次对外发布了AI安全助手。据腾讯安全科恩实验室高级安全研究员唐祺壹介绍,腾讯云安全在通用模型基础上,投喂安全知识语料库二次训练出安全大模型,并且基于安全大模型打造了一款腾讯云AI安全助手,覆盖告警解释、漏洞修复、日志处理、智能客服等四大能力,产品将会在2024年1月全量正式上线。
In addition, it is worth mentioning that, for the first time, the security assistant of AI was released at the launch. According to the Senior Security Researcher at the Queen's Laboratory, Tang Xiao, the safety of the Qing Quan Xing Xing Xing Xing Xing Xing, based on a common model, trained a large safety model for the repository of safety knowledge, and built a four-pronged safety assistant based on the safety model, covering warning explanations, bug fixes, log processing, and smart passenger clothing, the product will be fully online in January 2024.
据悉,腾讯云AI安全助手主要解决两大类的需求。一类是高频场景,即确定性的、重复的工作可以交给AI来完成,例如封禁一个IP、封禁10000个IP、封禁过去30天攻击过我的高危告警IP等确定性事件,企业可以通过AI安全助手在一次对话间完成处理;而面对需要安全专业能力和经验判断的硬核场景,如告警解释、事件溯源分析、应急响应等,腾讯云AI安全助手也能辅助解决。
One type of high-frequency scenario, i.e., certainty, can be entrusted to AI, such as the banning of an IP, the banning of 10,000 IPs, the banning of a high-risk alert IP that has struck me for the past 30 days, which can be handled by an enterprise through an AI security assistant in the middle of a dialogue; and a hard-core scenario that requires security expertise and empirical judgement, such as warning interpretation, incident retrospective analysis, emergency response, etc., which can also be supported by a TSAI security assistant.
此外,据了解,腾讯云AI安全助手提升了产品体验和交互效率,以漏洞修复为例,以往漏洞处理至少需要2-3天、20多次操作,AI安全助手将对话简化为3次即可修复漏洞;安全助手还提升了产品的安全能力,当攻击者通常会通过样本的快速变种绕过安全产品的防护,AI安全助手则可以快速生成规则,提升样本的检出率。
In addition, it is understood that Tsingyun's ASI security assistant has improved product experience and interactive efficiency, for example, by using leak repair, which used to take at least 2-3 days and more than 20 operations, and that AI's security assistant has reduced the conversation to three times to repair the bug; the safety assistant has also enhanced the safety of the product, and when the attacker usually bypasses the protection of the safe product through the rapid transformation of the sample, the ASI security assistant can quickly generate rules to increase the detection rate of the sample.
董文辉还向南都记者表示,虽然用户在云安全上有通用需求,但细分到各领域时,云安全需求又会存在一些差异。在电商领域,用户会关注竞争对手是否会盗走价格表、是否会在关键购物活动节点上实施攻击、是否有黑客将设置相关程序薅优惠券羊毛扰乱活动秩序;在游戏领域,用户会关注来自竞争对手的黑客勒索;在出行领域,用户更关注端到端的数据安全。
Dong Wenhui also informed Nandu journalists that while users have a general need for cloud safety, there are some differences in cloud security needs when they are broken down into different areas. In the electronics sector, users will be concerned about whether competitors will steal price sheets, whether there will be attacks on key shopping events nodes, whether hackers will set up relevant procedures to disrupt order; in the game, users will be concerned about hacker blackmail from competitors; and in the field of travel, users will be more concerned about data security at the end.
采写:南都记者 林文琪
注册有任何问题请添加 微信:MVIP619 拉你进入群
打开微信扫一扫
添加客服
进入交流群
发表评论