A leap from concept to practice! How does the cloud's native "immune system" fight organically?

On July 16, the Alibaba Cloud Native Security Online Special Event with the theme of "Native Security at Twice the Speed: Full Integration into Infrastructure" concluded, explaining how cloud-based capabilities can solve new security challenges in the digital economy era and make high-level security a kind of infrastructure and a "booster" for the development of digital business.

[[412409]]

Infrastructure is security, and native immunity solves the fundamental problem

The direct changes brought about by the digital transformation of enterprises are changes in IT architecture and business forms. The distributed architecture created to meet the business requirements for network and performance has led to the "distribution" of business to different physical locations, and the traditional security boundaries have disappeared. At the same time, business has become more flexible due to digitalization, and new applications and new services can be quickly launched or iterated, but security protection cannot follow up quickly.

A report released by McAfee on the evolution of cyber threats and related cybercrime activities in the second quarter of 2020 showed that the total number of new malware samples increased by 11.5% during the tracking period, with 419 new threats appearing every minute.

The Balbix "2020 Enterprise Security Posture Report" survey report released by Freebuf shows that more than 40% of organizations need 24 hours or even longer to identify vulnerable systems, making it almost impossible for them to prevent the outbreak of fast-spreading ransomware or malware infections.

This was confirmed by a report from Mandiant, a world-renowned cybersecurity company, that the number of organizations victimized by ransomware increased by 422% in 2020.

Faced with increasingly complex business logic and increasingly advanced attack methods, traditional fragmented "perimeter protection" security solutions are like scratching an itch through a shoe in the face of new security challenges in the digital age and are unable to solve the most fundamental security problems.

Changes in the underlying cloud infrastructure have brought new changes to security.

Fragmented security capabilities are transformed into a systematic, globally interconnected native immune system by being integrated into the naturally integrated cloud infrastructure. This reduces complex security issues into extremely simple and intelligent native protections, and achieves infrastructure-as-security.

During the live event, Ouyang Xin, senior director of Alibaba Cloud Intelligent Security, released Alibaba Cloud's native security capability system, which achieves a qualitative change in security effects by fully integrating security capabilities into the infrastructure. Taking emergency response as an example, based on global threat detection and network-wide collaborative defense on the cloud, the average emergency response time on the cloud can be shortened to 1 hour, far less than the industry's average of 24 hours, which can reduce the absolute value of the losses caused by threats to enterprises.

Alibaba Cloud has been promoting the continuous "growth" of the cloud's native immune system and providing it in the form of security services. Customers can call it on demand and pay by volume to build a security system that better meets their own business needs.

Three lines of defense, native immune organic warfare

Let’s use the three lines of defense of the human immune system as an analogy:

First Line of Defense

Skin-level protection blocks pathogens from invading the human body and has a bactericidal effect.
The security capabilities of the cloud platform infrastructure itself are like the first line of defense of the human body, providing the most basic security protection for cloud-based enterprises. After enterprises go to the cloud, in addition to not having to worry about the most basic physical hardware security such as fire protection, electrical protection, firmware security, etc., Alibaba Cloud also provides three layers of progressive native security capabilities:

1. The three-dimensional secure computing environment on the cloud is based on trusted computing and confidential computing technologies, with tamper-proof chip-level hardware security as the starting point to ensure the security and reliability of the entire cloud computing environment;

2. Data is encrypted by default. All data on the cloud is encrypted by default when it is stored on disk. Field-level encryption is also provided. The master key of the cloud platform that protects customer keys is rotated daily by default, making it impossible to crack.

3. The entire network continuously performs dynamic verification, implements instance-level network isolation through micro-isolation, and creates a zero-trust secure cloud environment through identity authentication, dynamic permission management, network access, etc.

Second Line of Defense

Macrophages are a natural defense function that humans have gradually established during the evolution process. They are native to humans and have a defensive effect against a variety of pathogens.

The same is true for Alibaba Cloud's cloud infrastructure. Cloud products have a default security gene since their birth. Currently, Alibaba Cloud's 10 product lines and 50 products have 522 core security capabilities. Customers can enjoy cloud services with security genes when they go to the cloud.

[[412410]]

At the same time, security products born from the cloud will be deeply integrated with cloud product services such as ECS, cloud storage, database, and cloud network. The moment customers go to the cloud and activate cloud product services, they can choose to enable a higher level of security protection capabilities at the same time, bringing security capabilities infinitely close to the edge of customer business. For example, when using CDN services, you can enable the Web Application Firewall. At the edge nodes, through frequency control, machine traffic management and other capabilities, you can resist common CC attacks and crawler attacks, thereby balancing business acceleration and security.

The third line of defense

Immune organs and immune cells gradually establish acquired defense functions against more complex pathogens after birth.

Faced with increasingly complex and intelligent security risks, Alibaba Cloud combines the natural advantages of cloud infrastructure to provide customers with a comprehensive security solution covering 61 capabilities in six core areas, helping customers build an in-depth defense system on the cloud.

[[412411]]

The biggest difference from plug-in security is that the security capabilities born from the cloud are deeply integrated with the cloud infrastructure, and naturally have the advantages of the cloud, elastic performance scalability, API-based automatic deployment, flexible operation and maintenance, and global unified management and control; the cloud's rich threat intelligence and security product capabilities are linked to coordinated defense across the entire network, and have undergone large-scale practice and verification in the cloud.

The acquired native high-level security capabilities can solve many complex and advanced attack risks that are difficult to solve offline, and are the unique native immunity of the cloud.

Cloud is Trust

The evolution of cloud-native security is continuously reducing the cost of trust, making the infrastructure itself a more highly available and highly secure trusted computing environment.

Alibaba Cloud's native security capabilities have been recognized by many authoritative organizations, and it is the only cloud in China that has received full recognition from Gartner, Forrester, and IDC for its overall security capabilities.

In the increasingly complex digital business era, simplicity is the best way to eliminate complexity. Security concepts and solutions are being simplified due to the emergence of cloud. As Xiao Li, general manager of Alibaba Cloud Intelligent Security Division, said, we hope to provide customers with simpler and simpler choices in an increasingly complex environment.

Original link: http://click.aliyun.com/m/1000284822/