SlideShare a Scribd company logo

Cnhawk 建设新企业安全体系

Download as PPTX, PDF
D
drewz lin
1 of 12
建设新企业安全体系
道高一尺魔高一丈 十年生聚,十年教训
企业安全成果 • 企业安全体系 – 安全检测体系 – 攻击防护体系 – 安全审计体系 – 安全运营体系
数字统计
威胁进化
新形势?新举措! 上善若水
卓越运营 • 更专业的安全运营 – 平衡便利性和安全性 – 道之以德,齐之以法 – 高度自动化 – 纵深防御
持续创新 • 数字安全的军备竞赛 – 研究最新技术 – 总结分析失误 – 安全促进创新
新思维 • 需要转变 – 安全保护围绕数据为中心 – 对安全事件深度挖掘 – 从无法接受到损失可控 – 业界合作是主流(TSRC)
让天下没有不安全的交易 善战者无赫赫之功

Recommended

Bloggen, niet alleen omdat het leuk is - Ikki.nl
Bloggen, niet alleen omdat het leuk is - Ikki.nlBloggen, niet alleen omdat het leuk is - Ikki.nl
Bloggen, niet alleen omdat het leuk is - Ikki.nlKees Romkes
 
PROFILE
PROFILEPROFILE
PROFILEpanempaan
 
Profile
ProfileProfile
Profilemnhomes
 
Mon lab intro
Mon lab introMon lab intro
Mon lab introlschmidt1170
 
Facilitating Ideation with External Open Collaborative Communities_SIKM May 2...
Facilitating Ideation with External Open Collaborative Communities_SIKM May 2...Facilitating Ideation with External Open Collaborative Communities_SIKM May 2...
Facilitating Ideation with External Open Collaborative Communities_SIKM May 2...Karla Phlypo
 
#Lamp人#淘宝数据魔方的系统架构 -长林
#Lamp人#淘宝数据魔方的系统架构 -长林#Lamp人#淘宝数据魔方的系统架构 -长林
#Lamp人#淘宝数据魔方的系统架构 -长林drewz lin
 
Evolve your agile coaching dashboard ver 2
Evolve your agile coaching dashboard ver 2Evolve your agile coaching dashboard ver 2
Evolve your agile coaching dashboard ver 2drewz lin
 
Ast 0079872 1505924-esg_wp_rsa_big_data_and_security_analytics_jan_2013
Ast 0079872 1505924-esg_wp_rsa_big_data_and_security_analytics_jan_2013Ast 0079872 1505924-esg_wp_rsa_big_data_and_security_analytics_jan_2013
Ast 0079872 1505924-esg_wp_rsa_big_data_and_security_analytics_jan_2013drewz lin
 

Recommended

Bloggen, niet alleen omdat het leuk is - Ikki.nl
Bloggen, niet alleen omdat het leuk is - Ikki.nlBloggen, niet alleen omdat het leuk is - Ikki.nl
Bloggen, niet alleen omdat het leuk is - Ikki.nlKees Romkes
 
PROFILE
PROFILEPROFILE
PROFILEpanempaan
 
Profile
ProfileProfile
Profilemnhomes
 
Mon lab intro
Mon lab introMon lab intro
Mon lab introlschmidt1170
 
Facilitating Ideation with External Open Collaborative Communities_SIKM May 2...
Facilitating Ideation with External Open Collaborative Communities_SIKM May 2...Facilitating Ideation with External Open Collaborative Communities_SIKM May 2...
Facilitating Ideation with External Open Collaborative Communities_SIKM May 2...Karla Phlypo
 
#Lamp人#淘宝数据魔方的系统架构 -长林
#Lamp人#淘宝数据魔方的系统架构 -长林#Lamp人#淘宝数据魔方的系统架构 -长林
#Lamp人#淘宝数据魔方的系统架构 -长林drewz lin
 
Evolve your agile coaching dashboard ver 2
Evolve your agile coaching dashboard ver 2Evolve your agile coaching dashboard ver 2
Evolve your agile coaching dashboard ver 2drewz lin
 
Ast 0079872 1505924-esg_wp_rsa_big_data_and_security_analytics_jan_2013
Ast 0079872 1505924-esg_wp_rsa_big_data_and_security_analytics_jan_2013Ast 0079872 1505924-esg_wp_rsa_big_data_and_security_analytics_jan_2013
Ast 0079872 1505924-esg_wp_rsa_big_data_and_security_analytics_jan_2013drewz lin
 
Automated softwaretestingmagazine april2013
Automated softwaretestingmagazine april2013Automated softwaretestingmagazine april2013
Automated softwaretestingmagazine april2013drewz lin
 
Djt22 justinliu djt.qq.com
Djt22 justinliu djt.qq.comDjt22 justinliu djt.qq.com
Djt22 justinliu djt.qq.comdrewz lin
 
云安全防护的战略思考
云安全防护的战略思考云安全防护的战略思考
云安全防护的战略思考drewz lin
 
Top100summit 宗刚-全生命周期性能评估体系的实践
Top100summit 宗刚-全生命周期性能评估体系的实践Top100summit 宗刚-全生命周期性能评估体系的实践
Top100summit 宗刚-全生命周期性能评估体系的实践drewz lin
 
云存储与虚拟化分论坛 生活在云端 蔡礼洪
云存储与虚拟化分论坛 生活在云端 蔡礼洪云存储与虚拟化分论坛 生活在云端 蔡礼洪
云存储与虚拟化分论坛 生活在云端 蔡礼洪drewz lin
 
Global agilityagile2012
Global agilityagile2012Global agilityagile2012
Global agilityagile2012drewz lin
 
4 高阳 淘宝主站cgroup资源控制实践
4 高阳 淘宝主站cgroup资源控制实践4 高阳 淘宝主站cgroup资源控制实践
4 高阳 淘宝主站cgroup资源控制实践drewz lin
 
Improving communication through improvisation half day workshop student ver...
Improving communication through improvisation half day workshop student ver...Improving communication through improvisation half day workshop student ver...
Improving communication through improvisation half day workshop student ver...drewz lin
 
章文嵩:使用Lvs集群架设高可扩展的网络服务
章文嵩:使用Lvs集群架设高可扩展的网络服务章文嵩:使用Lvs集群架设高可扩展的网络服务
章文嵩:使用Lvs集群架设高可扩展的网络服务drewz lin
 
Cloudsnetworking
CloudsnetworkingCloudsnetworking
Cloudsnetworkingdrewz lin
 
Agile 2012 contracting 2 step
Agile 2012 contracting 2 stepAgile 2012 contracting 2 step
Agile 2012 contracting 2 stepdrewz lin
 
Agile2012 uxd design mapping
Agile2012 uxd design mappingAgile2012 uxd design mapping
Agile2012 uxd design mappingdrewz lin
 
Track1dongsiying4
Track1dongsiying4Track1dongsiying4
Track1dongsiying4drewz lin
 
Q con成都主题演讲【弹性计算】by马介悦
Q con成都主题演讲【弹性计算】by马介悦Q con成都主题演讲【弹性计算】by马介悦
Q con成都主题演讲【弹性计算】by马介悦drewz lin
 
Superhei 我的安全世界观(删节版)
Superhei 我的安全世界观(删节版)Superhei 我的安全世界观(删节版)
Superhei 我的安全世界观(删节版)drewz lin
 
Agile2012 klingon
Agile2012 klingonAgile2012 klingon
Agile2012 klingondrewz lin
 
Christian Union
Christian Union Christian Union
Christian Union Dustinv98
 
Axis 黑客来了怎么办
Axis 黑客来了怎么办Axis 黑客来了怎么办
Axis 黑客来了怎么办drewz lin
 
Kenneth vannessa
Kenneth vannessaKenneth vannessa
Kenneth vannessalschmidt1170
 
Blue whale hot spots o... lanes, raising threats
Blue whale hot spots o... lanes, raising threatsBlue whale hot spots o... lanes, raising threats
Blue whale hot spots o... lanes, raising threatsLisa Schmidt
 
Web security-–-everything-we-know-is-wrong-eoin-keary
Web security-–-everything-we-know-is-wrong-eoin-kearyWeb security-–-everything-we-know-is-wrong-eoin-keary
Web security-–-everything-we-know-is-wrong-eoin-kearydrewz lin
 
Via forensics appsecusa-nov-2013
Via forensics appsecusa-nov-2013Via forensics appsecusa-nov-2013
Via forensics appsecusa-nov-2013drewz lin
 

More Related Content

Viewers also liked

Automated softwaretestingmagazine april2013
Automated softwaretestingmagazine april2013Automated softwaretestingmagazine april2013
Automated softwaretestingmagazine april2013drewz lin
 
Djt22 justinliu djt.qq.com
Djt22 justinliu djt.qq.comDjt22 justinliu djt.qq.com
Djt22 justinliu djt.qq.comdrewz lin
 
云安全防护的战略思考
云安全防护的战略思考云安全防护的战略思考
云安全防护的战略思考drewz lin
 
Top100summit 宗刚-全生命周期性能评估体系的实践
Top100summit 宗刚-全生命周期性能评估体系的实践Top100summit 宗刚-全生命周期性能评估体系的实践
Top100summit 宗刚-全生命周期性能评估体系的实践drewz lin
 
云存储与虚拟化分论坛 生活在云端 蔡礼洪
云存储与虚拟化分论坛 生活在云端 蔡礼洪云存储与虚拟化分论坛 生活在云端 蔡礼洪
云存储与虚拟化分论坛 生活在云端 蔡礼洪drewz lin
 
Global agilityagile2012
Global agilityagile2012Global agilityagile2012
Global agilityagile2012drewz lin
 
4 高阳 淘宝主站cgroup资源控制实践
4 高阳 淘宝主站cgroup资源控制实践4 高阳 淘宝主站cgroup资源控制实践
4 高阳 淘宝主站cgroup资源控制实践drewz lin
 
Improving communication through improvisation half day workshop student ver...
Improving communication through improvisation half day workshop student ver...Improving communication through improvisation half day workshop student ver...
Improving communication through improvisation half day workshop student ver...drewz lin
 
章文嵩:使用Lvs集群架设高可扩展的网络服务
章文嵩:使用Lvs集群架设高可扩展的网络服务章文嵩:使用Lvs集群架设高可扩展的网络服务
章文嵩:使用Lvs集群架设高可扩展的网络服务drewz lin
 
Cloudsnetworking
CloudsnetworkingCloudsnetworking
Cloudsnetworkingdrewz lin
 
Agile 2012 contracting 2 step
Agile 2012 contracting 2 stepAgile 2012 contracting 2 step
Agile 2012 contracting 2 stepdrewz lin
 
Agile2012 uxd design mapping
Agile2012 uxd design mappingAgile2012 uxd design mapping
Agile2012 uxd design mappingdrewz lin
 
Track1dongsiying4
Track1dongsiying4Track1dongsiying4
Track1dongsiying4drewz lin
 
Q con成都主题演讲【弹性计算】by马介悦
Q con成都主题演讲【弹性计算】by马介悦Q con成都主题演讲【弹性计算】by马介悦
Q con成都主题演讲【弹性计算】by马介悦drewz lin
 
Superhei 我的安全世界观(删节版)
Superhei 我的安全世界观(删节版)Superhei 我的安全世界观(删节版)
Superhei 我的安全世界观(删节版)drewz lin
 
Agile2012 klingon
Agile2012 klingonAgile2012 klingon
Agile2012 klingondrewz lin
 
Christian Union
Christian Union Christian Union
Christian Union Dustinv98
 
Axis 黑客来了怎么办
Axis 黑客来了怎么办Axis 黑客来了怎么办
Axis 黑客来了怎么办drewz lin
 
Blue whale hot spots o... lanes, raising threats
Blue whale hot spots o... lanes, raising threatsBlue whale hot spots o... lanes, raising threats
Blue whale hot spots o... lanes, raising threatsLisa Schmidt
 

Viewers also liked (20)

Automated softwaretestingmagazine april2013
Automated softwaretestingmagazine april2013Automated softwaretestingmagazine april2013
Automated softwaretestingmagazine april2013
 
Djt22 justinliu djt.qq.com
Djt22 justinliu djt.qq.comDjt22 justinliu djt.qq.com
Djt22 justinliu djt.qq.com
 
云安全防护的战略思考
云安全防护的战略思考云安全防护的战略思考
云安全防护的战略思考
 
Top100summit 宗刚-全生命周期性能评估体系的实践
Top100summit 宗刚-全生命周期性能评估体系的实践Top100summit 宗刚-全生命周期性能评估体系的实践
Top100summit 宗刚-全生命周期性能评估体系的实践
 
云存储与虚拟化分论坛 生活在云端 蔡礼洪
云存储与虚拟化分论坛 生活在云端 蔡礼洪云存储与虚拟化分论坛 生活在云端 蔡礼洪
云存储与虚拟化分论坛 生活在云端 蔡礼洪
 
Global agilityagile2012
Global agilityagile2012Global agilityagile2012
Global agilityagile2012
 
4 高阳 淘宝主站cgroup资源控制实践
4 高阳 淘宝主站cgroup资源控制实践4 高阳 淘宝主站cgroup资源控制实践
4 高阳 淘宝主站cgroup资源控制实践
 
Improving communication through improvisation half day workshop student ver...
Improving communication through improvisation half day workshop student ver...Improving communication through improvisation half day workshop student ver...
Improving communication through improvisation half day workshop student ver...
 
章文嵩:使用Lvs集群架设高可扩展的网络服务
章文嵩:使用Lvs集群架设高可扩展的网络服务章文嵩:使用Lvs集群架设高可扩展的网络服务
章文嵩:使用Lvs集群架设高可扩展的网络服务
 
Cloudsnetworking
CloudsnetworkingCloudsnetworking
Cloudsnetworking
 
Agile 2012 contracting 2 step
Agile 2012 contracting 2 stepAgile 2012 contracting 2 step
Agile 2012 contracting 2 step
 
Agile2012 uxd design mapping
Agile2012 uxd design mappingAgile2012 uxd design mapping
Agile2012 uxd design mapping
 
Track1dongsiying4
Track1dongsiying4Track1dongsiying4
Track1dongsiying4
 
Q con成都主题演讲【弹性计算】by马介悦
Q con成都主题演讲【弹性计算】by马介悦Q con成都主题演讲【弹性计算】by马介悦
Q con成都主题演讲【弹性计算】by马介悦
 
Superhei 我的安全世界观(删节版)
Superhei 我的安全世界观(删节版)Superhei 我的安全世界观(删节版)
Superhei 我的安全世界观(删节版)
 
Agile2012 klingon
Agile2012 klingonAgile2012 klingon
Agile2012 klingon
 
Christian Union
Christian Union Christian Union
Christian Union
 
Axis 黑客来了怎么办
Axis 黑客来了怎么办Axis 黑客来了怎么办
Axis 黑客来了怎么办
 
Kenneth vannessa
Kenneth vannessaKenneth vannessa
Kenneth vannessa
 
Blue whale hot spots o... lanes, raising threats
Blue whale hot spots o... lanes, raising threatsBlue whale hot spots o... lanes, raising threats
Blue whale hot spots o... lanes, raising threats
 

More from drewz lin

Web security-–-everything-we-know-is-wrong-eoin-keary
Web security-–-everything-we-know-is-wrong-eoin-kearyWeb security-–-everything-we-know-is-wrong-eoin-keary
Web security-–-everything-we-know-is-wrong-eoin-kearydrewz lin
 
Via forensics appsecusa-nov-2013
Via forensics appsecusa-nov-2013Via forensics appsecusa-nov-2013
Via forensics appsecusa-nov-2013drewz lin
 
Phu appsec13
Phu appsec13Phu appsec13
Phu appsec13drewz lin
 
Owasp2013 johannesullrich
Owasp2013 johannesullrichOwasp2013 johannesullrich
Owasp2013 johannesullrichdrewz lin
 
Owasp advanced mobile-application-code-review-techniques-v0.2
Owasp advanced mobile-application-code-review-techniques-v0.2Owasp advanced mobile-application-code-review-techniques-v0.2
Owasp advanced mobile-application-code-review-techniques-v0.2drewz lin
 
I mas appsecusa-nov13-v2
I mas appsecusa-nov13-v2I mas appsecusa-nov13-v2
I mas appsecusa-nov13-v2drewz lin
 
Defeating xss-and-xsrf-with-my faces-frameworks-steve-wolf
Defeating xss-and-xsrf-with-my faces-frameworks-steve-wolfDefeating xss-and-xsrf-with-my faces-frameworks-steve-wolf
Defeating xss-and-xsrf-with-my faces-frameworks-steve-wolfdrewz lin
 
Csrf not-all-defenses-are-created-equal
Csrf not-all-defenses-are-created-equalCsrf not-all-defenses-are-created-equal
Csrf not-all-defenses-are-created-equaldrewz lin
 
Chuck willis-owaspbwa-beyond-1.0-app secusa-2013-11-21
Chuck willis-owaspbwa-beyond-1.0-app secusa-2013-11-21Chuck willis-owaspbwa-beyond-1.0-app secusa-2013-11-21
Chuck willis-owaspbwa-beyond-1.0-app secusa-2013-11-21drewz lin
 
Appsec usa roberthansen
Appsec usa roberthansenAppsec usa roberthansen
Appsec usa roberthansendrewz lin
 
Appsec usa2013 js_libinsecurity_stefanodipaola
Appsec usa2013 js_libinsecurity_stefanodipaolaAppsec usa2013 js_libinsecurity_stefanodipaola
Appsec usa2013 js_libinsecurity_stefanodipaoladrewz lin
 
Appsec2013 presentation-dickson final-with_all_final_edits
Appsec2013 presentation-dickson final-with_all_final_editsAppsec2013 presentation-dickson final-with_all_final_edits
Appsec2013 presentation-dickson final-with_all_final_editsdrewz lin
 
Appsec2013 presentation
Appsec2013 presentationAppsec2013 presentation
Appsec2013 presentationdrewz lin
 
Appsec 2013-krehel-ondrej-forensic-investigations-of-web-exploitations
Appsec 2013-krehel-ondrej-forensic-investigations-of-web-exploitationsAppsec 2013-krehel-ondrej-forensic-investigations-of-web-exploitations
Appsec 2013-krehel-ondrej-forensic-investigations-of-web-exploitationsdrewz lin
 
Appsec2013 assurance tagging-robert martin
Appsec2013 assurance tagging-robert martinAppsec2013 assurance tagging-robert martin
Appsec2013 assurance tagging-robert martindrewz lin
 
Amol scadaowasp
Amol scadaowaspAmol scadaowasp
Amol scadaowaspdrewz lin
 
Agile sdlc-v1.1-owasp-app sec-usa
Agile sdlc-v1.1-owasp-app sec-usaAgile sdlc-v1.1-owasp-app sec-usa
Agile sdlc-v1.1-owasp-app sec-usadrewz lin
 
Vulnex app secusa2013
Vulnex app secusa2013Vulnex app secusa2013
Vulnex app secusa2013drewz lin
 
基于虚拟化技术的分布式软件测试框架
基于虚拟化技术的分布式软件测试框架基于虚拟化技术的分布式软件测试框架
基于虚拟化技术的分布式软件测试框架drewz lin
 
新浪微博稳定性经验谈
新浪微博稳定性经验谈新浪微博稳定性经验谈
新浪微博稳定性经验谈drewz lin
 

More from drewz lin (20)

Web security-–-everything-we-know-is-wrong-eoin-keary
Web security-–-everything-we-know-is-wrong-eoin-kearyWeb security-–-everything-we-know-is-wrong-eoin-keary
Web security-–-everything-we-know-is-wrong-eoin-keary
 
Via forensics appsecusa-nov-2013
Via forensics appsecusa-nov-2013Via forensics appsecusa-nov-2013
Via forensics appsecusa-nov-2013
 
Phu appsec13
Phu appsec13Phu appsec13
Phu appsec13
 
Owasp2013 johannesullrich
Owasp2013 johannesullrichOwasp2013 johannesullrich
Owasp2013 johannesullrich
 
Owasp advanced mobile-application-code-review-techniques-v0.2
Owasp advanced mobile-application-code-review-techniques-v0.2Owasp advanced mobile-application-code-review-techniques-v0.2
Owasp advanced mobile-application-code-review-techniques-v0.2
 
I mas appsecusa-nov13-v2
I mas appsecusa-nov13-v2I mas appsecusa-nov13-v2
I mas appsecusa-nov13-v2
 
Defeating xss-and-xsrf-with-my faces-frameworks-steve-wolf
Defeating xss-and-xsrf-with-my faces-frameworks-steve-wolfDefeating xss-and-xsrf-with-my faces-frameworks-steve-wolf
Defeating xss-and-xsrf-with-my faces-frameworks-steve-wolf
 
Csrf not-all-defenses-are-created-equal
Csrf not-all-defenses-are-created-equalCsrf not-all-defenses-are-created-equal
Csrf not-all-defenses-are-created-equal
 
Chuck willis-owaspbwa-beyond-1.0-app secusa-2013-11-21
Chuck willis-owaspbwa-beyond-1.0-app secusa-2013-11-21Chuck willis-owaspbwa-beyond-1.0-app secusa-2013-11-21
Chuck willis-owaspbwa-beyond-1.0-app secusa-2013-11-21
 
Appsec usa roberthansen
Appsec usa roberthansenAppsec usa roberthansen
Appsec usa roberthansen
 
Appsec usa2013 js_libinsecurity_stefanodipaola
Appsec usa2013 js_libinsecurity_stefanodipaolaAppsec usa2013 js_libinsecurity_stefanodipaola
Appsec usa2013 js_libinsecurity_stefanodipaola
 
Appsec2013 presentation-dickson final-with_all_final_edits
Appsec2013 presentation-dickson final-with_all_final_editsAppsec2013 presentation-dickson final-with_all_final_edits
Appsec2013 presentation-dickson final-with_all_final_edits
 
Appsec2013 presentation
Appsec2013 presentationAppsec2013 presentation
Appsec2013 presentation
 
Appsec 2013-krehel-ondrej-forensic-investigations-of-web-exploitations
Appsec 2013-krehel-ondrej-forensic-investigations-of-web-exploitationsAppsec 2013-krehel-ondrej-forensic-investigations-of-web-exploitations
Appsec 2013-krehel-ondrej-forensic-investigations-of-web-exploitations
 
Appsec2013 assurance tagging-robert martin
Appsec2013 assurance tagging-robert martinAppsec2013 assurance tagging-robert martin
Appsec2013 assurance tagging-robert martin
 
Amol scadaowasp
Amol scadaowaspAmol scadaowasp
Amol scadaowasp
 
Agile sdlc-v1.1-owasp-app sec-usa
Agile sdlc-v1.1-owasp-app sec-usaAgile sdlc-v1.1-owasp-app sec-usa
Agile sdlc-v1.1-owasp-app sec-usa
 
Vulnex app secusa2013
Vulnex app secusa2013Vulnex app secusa2013
Vulnex app secusa2013
 
基于虚拟化技术的分布式软件测试框架
基于虚拟化技术的分布式软件测试框架基于虚拟化技术的分布式软件测试框架
基于虚拟化技术的分布式软件测试框架
 
新浪微博稳定性经验谈
新浪微博稳定性经验谈新浪微博稳定性经验谈
新浪微博稳定性经验谈
 

Cnhawk 建设新企业安全体系