How Suning Built a Comprehensive Information Security Architecture

1. Introduction

In recent years, network security incidents such as malware, data leaks, and online fraud have become commonplace, drawing unprecedented societal attention. For e‑commerce companies like Suning, protecting consumer privacy and providing reliable services is essential.

2. Security Organization Structure

Suning’s security function is divided into management and R&D. The security management center, reporting directly to the CTO, coordinates all security matters, while the data‑cloud team handles security R&D. Independent security units exist in subsidiaries as needed.

3. Security Protection System Construction

Initially part of the network operations team, Suning’s security department later assumed responsibilities for attack defense, risk detection, and vulnerability handling, developing several core systems:

Suning Security Protection Platform : offline intrusion analysis, real‑time attack detection, and big‑data analytics to defend against common network attacks.

Suning Intelligent Data Risk Control Platform : device fingerprinting, human‑machine verification, sensitive data filtering, and a risk information database powered by adaptive algorithms.

Suning Security Service Platform : provides internal services such as vulnerability scanning, penetration testing, system hardening, and security training.

Suning Security Emergency Response Center : manages vulnerability handling and threat intelligence collection, fostering industry collaboration.

These four systems form the core of Suning’s security protection architecture.

When high‑volume coupon purchases attract scalpers ("黄牛"), the data risk control platform identifies suspicious behavior, while the protection platform’s WAF attempts to block the traffic. Because scalper requests resemble legitimate traffic, Suning integrated a risk blacklist shared between the two platforms, creating a closed‑loop defense.

To address fragmented data across security tools, Suning is developing a big‑data‑based threat perception system that aggregates logs from core security systems, applies correlation and anomaly detection algorithms, and enriches threat intelligence for proactive defense.

4. Security Management System Construction

Suning emphasizes both external defenses (WAF, IDS/IPS, risk control, vulnerability scanning) and internal security management. After a vulnerability is discovered, the security management center assesses impact, coordinates remediation, and enforces accountability, while also providing regular security training for developers.

5. Conclusion

Security is an ongoing arms race; Suning’s architecture evolves from traditional hardware to cloud‑based, big‑data and machine‑learning‑driven solutions. Continuous innovation and integration are essential to stay ahead of threats.