网络安全态势感知标准在金融行业云场景下的应用实践

Application Practice of Network Security Situation Awareness Standards in Financial Industry Cloud Scenario

围绕金融行业云的网络安全运营需求,基于GB/T 42453—2023《信息安全技术网络安全态势感知通用技术要求》,在银联云上设计和构建了具有安全数据湖、流量解析、多源事件实时关联分析、智能AI安全分析等核心功能的网络安全态势感知平台。该平台能够对运营侧与租户侧面临的安全威胁进行持续监测预警和态势展示,有效满足了云上环境的资产发现、未知威胁检测、全量安全日志统一管理、安全事件处置、安全态势可视化等中小金融机构的安全需求,大幅提升其安全运营效果和效率。

Based on GB/T 42453—2023"Information security technology—General technical requirements for network security situation awareness",network security situation awareness platform with core functional such as secure data lake,traffic analysis,real-time correlation analysis of multi-source events,and intelligent AI security analysis was designed and constructed on UnionPay Cloud to meet the network security operation requirements of financial industry cloud.The platform can continuously monitor,warn,and display the security threats faced by both the operation and tenant sides,effectively meeting the security needs of small and medium-sized financial institutions in cloud environments such as asset discovery,unknown threat detection,unified management of full security logs,security event handling,and security situation visualization,greatly improving their security operation effectiveness and efficiency.