How Cloud‑Native Security Is Turning Into a Built‑In Immunity System

Drawing on two decades of network‑security experience, Alibaba Cloud’s security chief explains how cloud‑native approaches replace plug‑in defenses with built‑in, pre‑emptive protection, automatic remediation, zero‑trust principles, hardware‑level trust and default data encryption, creating an immune‑like system for enterprises.

Alibaba Cloud Developer

Speaker Introduction

Xiao Li, Vice President of Alibaba Group and General Manager of Alibaba Cloud Security, has nearly 20 years of experience in network security, handling various attack threats and building security both on‑premises and in the cloud.

20 Years Under the Cloud: Plug‑In Security

From 2000 to 2020, thousands of security companies offered hundreds of products marketed as “plug‑and‑play.” In practice, compatibility issues often prevented deployment within a month. Traditional flashy attacks like “Panda Burning Incense” are outdated; recent complex attacks such as SolarWinds and large‑scale DDoS have demonstrated the limits of legacy defenses, while ransomware demands billions in ransom.

Cloud computing fundamentally changes this landscape. For example, cloud storage was naturally immune to the Incaseformat worm, which spreads via USB drives, so no cloud users were affected. Cloud‑native containers provide snapshot‑based recovery, allowing rapid restoration after ransomware encryption without paying ransom.

Native Security Technology: An Immunity System Integrated into Infrastructure

Alibaba Cloud’s long‑standing security practice highlights three emerging trends:

Security as a Public Resource on‑Demand – Enterprises often have limited security resources but need to handle traffic spikes. By treating security as a SaaS service, resources can be provisioned on demand, as demonstrated by Alibaba’s rapid scaling during the pandemic.

Infrastructure‑Embedded Detection and Protection – Security capabilities are built directly into infrastructure nodes such as SLB load balancers and CDN edge nodes, providing seamless, low‑latency protection without additional configuration.

Proactive Automatic Repair – Modern cloud platforms automatically enable protective shields and self‑heal vulnerabilities, reducing manual patching and minimizing attack windows.

Native Security Philosophy: Absolute Trust and Continuous Skepticism

Complex modern enterprises require simple, trustworthy security models. Data flows across devices, locations, and cloud environments, demanding a holistic “immune system” perspective.

Cloud as Trust

Cloud‑native security reduces trust costs, making the underlying infrastructure a highly available, high‑assurance trusted computing environment.

Chip‑Level Hardware Trust

Hardware‑level security, such as SGX 2.0 and TPM‑based trusted virtualization instances, provides immutable roots of trust. Alibaba Cloud’s seventh‑generation ECS instances embed security chips for trusted boot and zero‑tamper guarantees, enabling secure big‑data processing.

Data‑Default Transparent Encryption

Data is encrypted by default from creation to storage, with automatic key rotation and optional customer‑managed keys, ensuring that even if data is intercepted, it remains unreadable.

Zero‑Trust for Dynamic Factors

Continuous verification of identities, network access, and dynamic permissions creates a zero‑trust environment that adapts to changing threats across the entire cloud ecosystem.

Ultimately, as computing becomes a public utility, cloud security must evolve into an effortless, built‑in immunity system that protects enterprises with minimal operational overhead.

Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contact admin@besthub.dev and we will review it promptly.
