Application Practice of Network Security Situation Awareness Standards in Financial Industry Cloud Scenarios
陈妍 1, 常媛媛 1, 周家晶 2, 熊庆昌 2, 尹思凡 3, 黄超 3
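Author information
- 1. The Third Research Institute of the Ministry of Public Security
- 2. China UnionPay Co., Ltd.
- 3. Tencent Cloud Computing (Beijing) Co., Ltd.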
Abstract
To address the network security operation requirements of the financial industry cloud, a network security situation awareness platform was designed and built on UnionPay Cloud, based on GB/T 42453-2023 "Information security technology—General technical requirements for network security situation awareness". Its core functions include a security data lake, traffic analysis, real-time correlation analysis of multi-source events, and intelligent AI security analysis. The platform continuously monitors, provides early warning of, and displays the security threats faced by both the operation side and the tenant side. It effectively meets the security needs of small and medium-sized financial institutions in cloud environments, such as asset discovery, unknown threat detection, unified management of all security logs, security event handling, and security situation visualization, and greatly improves the effectiveness and efficiency of their security operations.
Key words
network security / situation awareness / financial industry cloud / monitoring and early warning / GB/T 42453-2023
Publication year
2024