Tagged articles

compliance

137 articles · Page 1 of 2
Raymond Ops
Raymond Ops
Jul 2, 2026 · Information Security

Linux Security Hardening in Practice: 20 Essential Configurations Explained

This comprehensive guide walks you through Linux system hardening by outlining default settings, common pitfalls, and a step‑by‑step checklist of 20 critical configurations covering account policies, SSH, firewall, kernel parameters, file permissions, and audit logging, complete with verification commands, rollback procedures, and real‑world case studies.

Linuxauditcompliance
0 likes · 37 min read
Linux Security Hardening in Practice: 20 Essential Configurations Explained
IT Learning Made Simple
IT Learning Made Simple
Jun 15, 2026 · Information Security

Why Security Architects Are the Guardians of the Digital World

The article explains why security incidents are far from rare, defines the security architect role, outlines core responsibilities, design principles, essential tools, and career paths, and emphasizes the importance of security architecture in protecting data and meeting compliance in the digital age.

AuthorizationData ProtectionRisk Management
0 likes · 10 min read
Why Security Architects Are the Guardians of the Digital World
PMTalk Product Manager Community
PMTalk Product Manager Community
Jun 13, 2026 · Product Management

Essential Traits for AI Product Leaders in the Modern Era

The article outlines how Chinese AI product managers must turn uncertainty into deliverable versions through rapid learning, cheap experimentation, evidence‑based decisions, and strict compliance, while balancing model capabilities, cost, risk, and leveraging AI as both a teammate and a high‑risk component.

AILeveraging AIRapid Experimentation
0 likes · 11 min read
Essential Traits for AI Product Leaders in the Modern Era
Old Zhao – Management Systems Only
Old Zhao – Management Systems Only
Jun 11, 2026 · Industry Insights

Comprehensive Guide to Procurement Bidding: Steps, Roles, and Compliance Standards

This article outlines the full procurement bidding workflow, detailing key participants, the eight major offline steps, common pain points, and how digital platforms can make the process transparent, efficient, and compliant, while highlighting essential compliance requirements and risk mitigation strategies.

biddingcompliancedigital transformation
0 likes · 11 min read
Comprehensive Guide to Procurement Bidding: Steps, Roles, and Compliance Standards
Woodpecker Software Testing
Woodpecker Software Testing
Jun 1, 2026 · Artificial Intelligence

2026 RAG Testing Trends: From ‘Can Run’ to Trustworthy, Controllable, and Testable AI

In 2026, Retrieval‑Augmented Generation (RAG) has become a core reasoning paradigm for high‑compliance domains, prompting a shift from simple output correctness to multi‑stage falsifiable testing, dynamic adversarial knowledge graphs, LLM‑as‑Tester automation, and audit‑ready compliance reporting.

AI testingLLM-as-TesterRAG
0 likes · 8 min read
2026 RAG Testing Trends: From ‘Can Run’ to Trustworthy, Controllable, and Testable AI
Sohu Tech Products
Sohu Tech Products
May 27, 2026 · Mobile Development

Avoid AI Pitfalls: A VibeCoding Checklist for Mobile Developers

This guide warns mobile developers that while VibeCoding can quickly generate SwiftUI, Compose, or Flutter code, they must still address security boundaries, cost implications, compliance rules, performance constraints, data‑schema design, testing, and incident‑response practices before releasing an app to real users.

AIMobile DevelopmentVibeCoding
0 likes · 14 min read
Avoid AI Pitfalls: A VibeCoding Checklist for Mobile Developers
Smart Workplace Lab
Smart Workplace Lab
May 26, 2026 · Information Security

When Employees Secretly Use External AI: A Practical Guide to Enterprise AI Security Governance

The article explains why blanket bans on external AI backfire, introduces a red‑yellow‑green data‑classification routing system with mandatory pre‑masking and audit logs, and provides a three‑step protocol to securely integrate AI while maintaining compliance and business continuity.

AI GovernanceData MaskingEnterprise Security
0 likes · 6 min read
When Employees Secretly Use External AI: A Practical Guide to Enterprise AI Security Governance
Woodpecker Software Testing
Woodpecker Software Testing
May 14, 2026 · Artificial Intelligence

How to Accurately Calculate the Cost‑Benefit of AI Safety Testing

The article breaks down AI safety testing costs—including hidden labor, data and compute, and compliance penalties—quantifies benefits from risk mitigation to strategic value, proposes a dynamic risk‑exposure formula, and shows real‑world ROI cases that turn testing into a measurable investment.

AI GovernanceAI safetyCost-Benefit Analysis
0 likes · 8 min read
How to Accurately Calculate the Cost‑Benefit of AI Safety Testing
AI Engineering
AI Engineering
May 7, 2026 · Artificial Intelligence

China Launches First Generative AI Product Compliance Standard – Drafting Contributors Wanted

Since the 2023 interim AI measures, China has tightened regulations across algorithm filing, data and content security, and ethical use, making compliance a survival requirement; the new national standard outlines a full‑lifecycle framework, three core compliance pathways, and invites experts to help draft it.

AI standardsChinaGenerative AI
0 likes · 6 min read
China Launches First Generative AI Product Compliance Standard – Drafting Contributors Wanted
Chen Tian Universe
Chen Tian Universe
Apr 28, 2026 · Industry Insights

A Beginner’s Guide to Payment Risk Control: All You Need in One Article

This article systematically introduces payment risk‑control fundamentals, covering core terminology, risk categories, black‑market attack methods, system architecture, data and feature pipelines, list management, rule engines, modeling techniques, decision flows, key performance metrics, compliance requirements, and operational best practices.

black market attackscompliancefeature engineering
0 likes · 34 min read
A Beginner’s Guide to Payment Risk Control: All You Need in One Article
AndroidPub
AndroidPub
Apr 27, 2026 · Mobile Development

Avoid AI‑Generated Pitfalls: A VibeCoding Guide for Mobile Developers

The article outlines a practical checklist for mobile developers using VibeCoding AI code generation, covering security, cost, compliance, reliability, performance, testing, and maintenance to ensure that fast‑generated demos become production‑ready apps without hidden risks.

AI code generationVibeCodingclient development
0 likes · 14 min read
Avoid AI‑Generated Pitfalls: A VibeCoding Guide for Mobile Developers
PMTalk Product Manager Community
PMTalk Product Manager Community
Apr 20, 2026 · Product Management

Essential Traits for AI Product Leaders in the Modern Era

The article outlines how AI product managers in China must turn uncertainty into deliverable versions by accelerating learning, running cheap experiments, building complete evidence chains, and balancing model capability, cost, latency, compliance, and risk while embedding rigorous verification and rollback processes into daily product decisions.

AI product managementLearning loopRisk Management
0 likes · 12 min read
Essential Traits for AI Product Leaders in the Modern Era
FunTester
FunTester
Apr 5, 2026 · Operations

How Observability‑Driven Development Can Transform FinTech Reliability

This article explains the core concepts of observability‑driven development for fintech systems, outlines a five‑step pipeline—from data collection with OpenTelemetry to automated remediation—and highlights compliance, performance, and business impact considerations.

FinTechMTTROpenTelemetry
0 likes · 11 min read
How Observability‑Driven Development Can Transform FinTech Reliability
Woodpecker Software Testing
Woodpecker Software Testing
Apr 4, 2026 · Artificial Intelligence

Why 2026 Is the Turning Point for Open-Source Adversarial Testing in High-Risk AI

With AI models now embedded in finance, healthcare, and autonomous driving, the 2025 Gartner report shows 73% of models suffer undetected adversarial failures, prompting a 2026 shift where open-source adversarial testing tools become CI/CD-ready, multi-modal, and compliance-driven, as illustrated by a bank’s RAG chatbot case study.

AI safetyCI/CDadversarial testing
0 likes · 8 min read
Why 2026 Is the Turning Point for Open-Source Adversarial Testing in High-Risk AI
Woodpecker Software Testing
Woodpecker Software Testing
Mar 31, 2026 · Artificial Intelligence

Prompt Testing: The Next Battlefield for Test Engineers

With large language models now core to production, traditional functional, API, and UI tests fail, prompting a shift toward systematic prompt testing that addresses semantic drift, adversarial fragility, bias amplification, and compliance violations through functional soundness, robustness, safety, and performance dimensions integrated into CI/CD pipelines.

AI robustnessBias DetectionCI/CD
0 likes · 8 min read
Prompt Testing: The Next Battlefield for Test Engineers
Mingyi World Elasticsearch
Mingyi World Elasticsearch
Mar 24, 2026 · Information Security

Easysearch Audit Log Walkthrough: Who’s Accessing Your Cluster?

This article guides you through enabling Easysearch's audit log, configuring the security.audit.type parameter, verifying settings in the management UI, and using the audit records to identify external IPs, failed logins, and SSL handshake failures in a production environment.

EasysearchElasticsearchaudit log
0 likes · 12 min read
Easysearch Audit Log Walkthrough: Who’s Accessing Your Cluster?
Woodpecker Software Testing
Woodpecker Software Testing
Mar 4, 2026 · Artificial Intelligence

Practical Cost‑Benefit Analysis for LLM Testing in Production

The article examines how large language model (LLM) testing has shifted from simple bug hunting to a strategic, cost‑benefit discipline, detailing hidden cost categories, a three‑dimensional ROI model, and a decision‑tree framework that helps organizations balance testing investment against risk, compliance and trust gains.

AI ReliabilityCost-Benefit AnalysisLLM testing
0 likes · 8 min read
Practical Cost‑Benefit Analysis for LLM Testing in Production
Woodpecker Software Testing
Woodpecker Software Testing
Mar 3, 2026 · Artificial Intelligence

2026 In‑Depth Comparison of RAG Testing Tools: Finding the Most Trustworthy Solution

RAG systems have reached a trustworthiness tipping point, and in 2026 a surge of testing challenges demands new evaluation metrics; this article benchmarks twelve leading retrieval‑augmented generation testing tools across retrieval quality, generation controllability, observability, security compliance, and CI/CD integration, revealing which solutions best address real‑world finance and government use cases.

AI testingObservabilityRAG
0 likes · 8 min read
2026 In‑Depth Comparison of RAG Testing Tools: Finding the Most Trustworthy Solution
Ops Community
Ops Community
Feb 25, 2026 · Databases

Hardening MySQL 8.4: Permissions, SSL, Auditing & Compliance Guide

This guide provides a step‑by‑step, production‑ready hardening plan for MySQL 8.4, covering permission hierarchy design, strong password policies, audit‑log configuration, TLS encryption, network access controls, firewall rules, backup scripts, monitoring metrics, and best‑practice recommendations to meet PCI‑DSS and Chinese GB/T 22239 compliance.

auditcompliancehardening
0 likes · 27 min read
Hardening MySQL 8.4: Permissions, SSL, Auditing & Compliance Guide
Alibaba Cloud Observability
Alibaba Cloud Observability
Jan 19, 2026 · Information Security

How AI Companies Can Overcome Global Compliance Hurdles with Cloud‑Native Log Auditing

The article explains the complex data‑sovereignty and privacy regulations that AI enterprises face when expanding overseas, analyzes the three‑tier "sandwich" data architecture and regional regulatory differences, and demonstrates how Alibaba Cloud Log Service (SLS) and Cloud Monitoring 2.0 provide unified log collection, cross‑domain correlation, risk tracing, and masking functions to achieve continuous, scalable compliance.

AIData Maskingcloud-native
0 likes · 16 min read
How AI Companies Can Overcome Global Compliance Hurdles with Cloud‑Native Log Auditing
ITPUB
ITPUB
Jan 10, 2026 · Information Security

How Oracle Secures Databases: Deep‑Defense Strategies and Domestic DB Comparison

This article examines the multi‑layered threats facing modern databases, outlines Oracle's comprehensive security capabilities—from firewalls and encryption to auditing and immutable tables—and compares them with the security features of leading domestic database products.

Access ControlDatabase SecurityOracle
0 likes · 27 min read
How Oracle Secures Databases: Deep‑Defense Strategies and Domestic DB Comparison
Woodpecker Software Testing
Woodpecker Software Testing
Dec 31, 2025 · Information Security

Understanding GDPR: Key Principles, Rights, and Compliance Requirements

GDPR, the EU’s General Data Protection Regulation effective since May 2018, imposes strict data‑handling rules worldwide, outlining seven core principles, eight data‑subject rights, mandatory legal bases, DPO appointments, breach notifications, privacy‑by‑design, record‑keeping, cross‑border transfer limits, hefty fines, and its global influence on similar laws.

Data ProtectionData Subject RightsEU Regulation
0 likes · 8 min read
Understanding GDPR: Key Principles, Rights, and Compliance Requirements
Continuous Delivery 2.0
Continuous Delivery 2.0
Nov 20, 2025 · Information Security

Why SBOM Is Critical for Modern Software Security and How to Choose Between SPDX and CycloneDX

The article explains what a Software Bill of Materials (SBOM) is, why it has become a strategic security requirement, compares the leading SPDX and CycloneDX standards, examines China's emerging DSDX format, and offers practical guidance on selecting the right SBOM format and tools for various compliance and risk‑management scenarios.

CycloneDXSBOMSPDX
0 likes · 13 min read
Why SBOM Is Critical for Modern Software Security and How to Choose Between SPDX and CycloneDX
PMTalk Product Manager Community
PMTalk Product Manager Community
Nov 16, 2025 · Product Management

Essential Strategies to Build Successful AI Products from Zero to One

This guide walks through the end‑to‑end process of creating a successful AI product, from discovering real user problems and assessing market fit, through defining a Minimum Viable Intelligent Product, building data‑driven loops, choosing the right models, designing trustworthy UX, and scaling with a sustainable moat.

AIData FlywheelGrowth
0 likes · 17 min read
Essential Strategies to Build Successful AI Products from Zero to One
Python Programming Learning Circle
Python Programming Learning Circle
Nov 13, 2025 · Backend Development

Why Python 3.12 Triggers App Store Rejection and How CPython Is Fixing It

Upgrading a Python project from 3.11 to 3.12 can cause macOS App Store rejections because the new standard library embeds an "itms-services" URL string that Apple’s automated review flags, prompting CPython core developers to propose patches, distribution‑tool options, and a new compliance flag to resolve the issue.

App StoreCPythoncompliance
0 likes · 12 min read
Why Python 3.12 Triggers App Store Rejection and How CPython Is Fixing It
Wu Shixiong's Large Model Academy
Wu Shixiong's Large Model Academy
Nov 4, 2025 · Artificial Intelligence

Why Financial RAG Fails and How to Solve Its Core Challenges

This article explains why Retrieval‑Augmented Generation (RAG) projects in the financial sector often underperform, highlighting data‑structure complexities, document‑parsing hurdles, chunking strategies, compliance constraints, evaluation metrics, and engineering requirements, and offers practical solutions and code examples.

ChunkingEvaluationRAG
0 likes · 10 min read
Why Financial RAG Fails and How to Solve Its Core Challenges
Xiao Liu Lab
Xiao Liu Lab
Oct 30, 2025 · Information Security

Essential Linux Security Baseline for Tier‑3 Compliance: Step‑by‑Step Guide

This article provides a comprehensive, step‑by‑step Linux security baseline for Tier‑3 compliance, covering password policies, login controls, access restrictions, audit logging, intrusion prevention, patch management, and resource limits, complete with executable commands for major distributions.

LinuxSystem Hardeningaudit
0 likes · 9 min read
Essential Linux Security Baseline for Tier‑3 Compliance: Step‑by‑Step Guide
Amazon Cloud Developers
Amazon Cloud Developers
Oct 17, 2025 · Artificial Intelligence

Scaling, Optimizing, and Monitoring Healthcare AI Agents with Amazon Bedrock AgentCore

The article explains how Amazon Bedrock AgentCore enables healthcare providers to deploy AI agents at scale, integrate securely with FHIR‑based systems, meet HIPAA compliance, and streamline tasks such as vaccination appointment scheduling through a detailed architecture, workflow steps, pricing model, and future enhancements.

AgentCoreAmazon BedrockFHIR
0 likes · 14 min read
Scaling, Optimizing, and Monitoring Healthcare AI Agents with Amazon Bedrock AgentCore
Chen Tian Universe
Chen Tian Universe
Sep 27, 2025 · Operations

How to Eliminate Illegal Secondary Clearing (二清) in Payment Platforms: A Complete Compliance Guide

This article explains what secondary clearing (二清) is, why it violates regulations, and provides a step‑by‑step compliance solution—including account structures, payment transaction flows, fund collection, settlement, regulatory clearing, platform transformation checklists, and key interface specifications—to help platforms redesign their settlement processes safely and legally.

Regulationclearingcompliance
0 likes · 17 min read
How to Eliminate Illegal Secondary Clearing (二清) in Payment Platforms: A Complete Compliance Guide
macrozheng
macrozheng
Sep 13, 2025 · Fundamentals

Why 73% of Companies Face Oracle Java Audits and How to Switch to OpenJDK

Recent Dimensional Research data shows that 73% of surveyed enterprises have encountered Oracle‑initiated Java license audits, prompting 15% to complete migration, 22% to start, and 25% to plan moving to OpenJDK or other open‑source JDKs, driven by cost and compliance pressures.

JavaLicense AuditOpenJDK
0 likes · 7 min read
Why 73% of Companies Face Oracle Java Audits and How to Switch to OpenJDK
DevOps in Software Development
DevOps in Software Development
Aug 29, 2025 · Information Security

How Trusted Dependency Libraries Secure Industrial Software Supply Chains

This article analyzes the strategic importance of software supply‑chain security for industrial equipment, outlines challenges such as network isolation, fragmented management, compliance audits, zombie components and supply‑cut risks, and presents a full‑link trusted dependency library architecture that delivers security, efficiency, compliance and strategic autonomy.

architecturecomplianceindustrial
0 likes · 22 min read
How Trusted Dependency Libraries Secure Industrial Software Supply Chains
Software Development Quality
Software Development Quality
Aug 21, 2025 · Information Security

Essential Data Security Red Lines: What Every Employee Must Follow

This document outlines the background, scope, key definitions, and strict data security red lines that all employees must adhere to, including prohibitions on bypassing security measures, unauthorized data use, external disclosures, cross‑border transfers, and requirements for handling sensitive information.

Data ProtectionData Securitycompliance
0 likes · 4 min read
Essential Data Security Red Lines: What Every Employee Must Follow
Ops Development & AI Practice
Ops Development & AI Practice
Aug 4, 2025 · Blockchain

Why ERC-1400 Is the Key to Compliant Security Tokens on Ethereum

The article explains how ERC-1400 extends ERC-20 with built‑in compliance features—such as KYC checks, transfer restrictions, tranche handling, on‑chain document storage, and forced transfer mechanisms—to enable legally compliant tokenization of real‑world assets like equity, bonds, and real‑estate.

ERC-1400EthereumRegulation
0 likes · 7 min read
Why ERC-1400 Is the Key to Compliant Security Tokens on Ethereum
MaGe Linux Operations
MaGe Linux Operations
Jul 9, 2025 · Cloud Native

Master Kubernetes Production Security: Essential Practices & Configurations

This guide walks operations engineers through a comprehensive, layered security model for production Kubernetes clusters, covering cluster hardening, network policies, RBAC, pod security standards, image scanning and signing, runtime monitoring, key management, compliance checks, and recommended tooling.

RBACRuntime monitoringcompliance
0 likes · 13 min read
Master Kubernetes Production Security: Essential Practices & Configurations
DevOps Cloud Academy
DevOps Cloud Academy
Jul 2, 2025 · Artificial Intelligence

How Strong CI/CD Foundations Secure AI-Driven Development

In the AI‑driven development era, teams must harness rapid code‑generation tools while embedding strict security, privacy, and compliance checks through rock‑solid CI/CD pipelines to avoid costly regulatory breaches and maintain trust.

AICI/CDcompliance
0 likes · 9 min read
How Strong CI/CD Foundations Secure AI-Driven Development
Big Data Tech Team
Big Data Tech Team
Jun 9, 2025 · Industry Insights

How AI Large Models Transform Data Governance: 2025 Insights & Best Practices

This article examines the essence of data governance, outlines its four core domains, proposes a strategic and technical implementation roadmap, evaluates effectiveness with the DCAM model, and explores how AI large models can enhance metadata, data quality, and compliance while highlighting practical limitations and future trends.

AI large modelsData Qualitycompliance
0 likes · 9 min read
How AI Large Models Transform Data Governance: 2025 Insights & Best Practices
Continuous Delivery 2.0
Continuous Delivery 2.0
Jun 8, 2025 · Information Security

Why SBOMs Are the Key to Secure Software Supply Chains

This article explains how Software Bill of Materials (SBOM) mirrors hardware BOMs, outlines their core differences, presents best practices, tools, and implementation strategies to improve supply‑chain transparency, compliance, and security for modern software development.

SBOMcompliancesecurity
0 likes · 12 min read
Why SBOMs Are the Key to Secure Software Supply Chains
Continuous Delivery 2.0
Continuous Delivery 2.0
Jun 7, 2025 · Information Security

Unlocking Software Supply Chain Security with SBOM

This article explains how Software Bill of Materials (SBOM) serves as a digital map for component dependency and change management, detailing its functions in visualizing dependencies, detecting version conflicts, ensuring license compliance, and providing supply‑chain risk alerts, ultimately improving development efficiency, security, and regulatory compliance.

SBOMcompliancedependency management
0 likes · 11 min read
Unlocking Software Supply Chain Security with SBOM
ITFLY8 Architecture Home
ITFLY8 Architecture Home
May 30, 2025 · Artificial Intelligence

Explore the Full Spectrum of AI Large Model Architectures

This article presents a comprehensive visual collection of AI large‑model architecture diagrams, covering general frameworks, RAG knowledge‑base systems, agriculture, e‑commerce recommendation, IoT, compliance risk management, agent platforms, and CRM integration, offering a panoramic view of modern AI infrastructure.

AIIoTRAG
0 likes · 3 min read
Explore the Full Spectrum of AI Large Model Architectures
Open Source Linux
Open Source Linux
May 28, 2025 · Operations

How to Navigate Chinese ICP Filing: From Initial Review to Authority Approval

This guide thoroughly explains China's ICP domain filing process—from initial provider review to the communications authority's final approval—detailing each procedural step, DNS resolution impacts, cloud provider policies, technical workarounds, best practices, and scripts to help developers ensure compliance and smooth deployment.

ChinaCloud providersDNS
0 likes · 14 min read
How to Navigate Chinese ICP Filing: From Initial Review to Authority Approval
Mingyi World Elasticsearch
Mingyi World Elasticsearch
May 20, 2025 · Databases

Presenting Easysearch: A Scientific, Cost‑Effective Elasticsearch Alternative for Tender Projects

Easysearch, developed by INFINI Labs as a domestically‑optimized replacement for Elasticsearch 7.10.2, offers high compatibility, enhanced Chinese processing, reduced disk usage, built‑in security, and compliance with Chinese trust‑platform standards, making it a cost‑effective, low‑risk solution for tender‑stage search and analytics.

Chinese text processingData SecurityEasysearch
0 likes · 9 min read
Presenting Easysearch: A Scientific, Cost‑Effective Elasticsearch Alternative for Tender Projects
Big Data Tech Team
Big Data Tech Team
May 15, 2025 · Industry Insights

What a Decade of Data Governance Taught Me: From Chaos to AI‑Driven Automation

Over ten years, the author chronicles the evolution of data governance across finance, government, and manufacturing, highlighting early chaos, tool migrations from Excel to Apache Atlas, AI‑powered quality monitoring, strict compliance across jurisdictions, cross‑department collaboration challenges, and the shift toward autonomous, value‑driven data ecosystems.

AIData ManagementEnterprise Architecture
0 likes · 18 min read
What a Decade of Data Governance Taught Me: From Chaos to AI‑Driven Automation
Old Zhao – Management Systems Only
Old Zhao – Management Systems Only
Apr 23, 2025 · Operations

Why Robust EHS Management Is Critical: 8 Essential Modules for Safe Operations

A solid EHS (Environment, Health, Safety) program prevents costly shutdowns, fines, and accidents by defining clear responsibilities, standardizing processes, and leveraging data across eight key modules—from hazard management to performance tracking—ensuring continuous compliance and operational stability.

EHSRisk Managementcompliance
0 likes · 8 min read
Why Robust EHS Management Is Critical: 8 Essential Modules for Safe Operations
DataFunSummit
DataFunSummit
Mar 24, 2025 · Artificial Intelligence

Large Language Models in Financial Risk Management: Applications, Challenges, and Future Outlook

This article examines how large language models are transforming financial risk management by mapping various risk categories to LLM capabilities, showcasing practical use cases across market, credit, reputation, operational, and anti‑fraud domains, while also discussing technical challenges, data‑space concepts, and future prospects.

Data Spaceartificial-intelligencecompliance
0 likes · 18 min read
Large Language Models in Financial Risk Management: Applications, Challenges, and Future Outlook
Aikesheng Open Source Community
Aikesheng Open Source Community
Mar 6, 2025 · Databases

SQLE 4.2502.0 Release: New Features, Upgrade Guide, and Version Log

SQLE 4.2502.0 has been officially released, introducing SQL compliance rewriting, a performance tracker, a syntax rule knowledge graph, new community and enterprise features, detailed upgrade instructions, and comprehensive version logs highlighting enhancements, bug fixes, and support for multiple database platforms.

Database GovernanceEnterprisePerformance Tracking
0 likes · 12 min read
SQLE 4.2502.0 Release: New Features, Upgrade Guide, and Version Log
Alibaba Cloud Observability
Alibaba Cloud Observability
Jan 13, 2025 · Information Security

Why Log Auditing Is Essential for Cloud Security and Compliance

This article explains the importance of centralized log auditing for breaking information silos, meeting legal requirements, and enhancing security insights, and details how Alibaba Cloud's Simple Log Service (SLS) supports VPC flow log collection, multi‑region aggregation, rule configuration, custom analysis, and alerting.

Alibaba CloudLog AuditingVPC flow logs
0 likes · 18 min read
Why Log Auditing Is Essential for Cloud Security and Compliance
Java Tech Enthusiast
Java Tech Enthusiast
Oct 9, 2024 · Backend Development

Understanding Logical Deletion and Data Compliance in Backend Services

The article explains how many backend services use logical deletion—simply flagging or masking user data instead of physically removing it—to appear compliant with standards like China's GB/T 35273, while highlighting risks such as continued e‑bike control, fraud detection challenges, and missed logout handling.

GB/T 35273Logical DeletionPrivacy
0 likes · 3 min read
Understanding Logical Deletion and Data Compliance in Backend Services
Zhuanzhuan Tech
Zhuanzhuan Tech
Aug 28, 2024 · Big Data

Quality Inspection Data Collection: Design, Architecture, and Applications

This article outlines the design, architecture, and practical applications of a quality inspection data collection system, covering data point structures, reporting mechanisms, compliance analysis, intelligent strategy iteration, and BI dashboards, illustrating how big‑data techniques enable digital transformation of inspection processes.

BIBig Datacompliance
0 likes · 10 min read
Quality Inspection Data Collection: Design, Architecture, and Applications
JD Retail Technology
JD Retail Technology
Aug 28, 2024 · Industry Insights

How JD Retail Secures E‑Commerce with AI‑Driven Content Compliance

This article examines JD Retail's content compliance platform, detailing user‑facing problems, business‑level audit responsibilities, key performance metrics, operational workflows, and a technical case study on detecting price over‑pricing using comparable‑price models and large‑scale price prediction.

Price Anomaly DetectionRisk Managementcompliance
0 likes · 10 min read
How JD Retail Secures E‑Commerce with AI‑Driven Content Compliance
Data Thinking Notes
Data Thinking Notes
Jul 30, 2024 · Information Security

Mastering Data Classification: A Practical Guide to Secure Data Grading

This article outlines the evolution of data security in China, explains why data classification and grading are central to governance, and provides a step‑by‑step framework, principles, implementation details, adjustment triggers, and practical reflections for building effective data protection strategies.

Data GovernanceData SecurityPrivacy
0 likes · 11 min read
Mastering Data Classification: A Practical Guide to Secure Data Grading
Data Thinking Notes
Data Thinking Notes
Jul 25, 2024 · Information Security

How Large Language Models Transform Data Security Compliance Management

This article explains how a leading insurance technology group leverages large language models to streamline data security compliance, detailing the evolution of data management, key governance challenges, multimodal AI architecture, and practical workflows for policy enforcement, risk monitoring, and asset management.

AIData GovernanceData Security
0 likes · 10 min read
How Large Language Models Transform Data Security Compliance Management
Software Development Quality
Software Development Quality
Jul 11, 2024 · Information Security

How to Implement Secure and Compliant Log Management Standards

This guide outlines the purpose, scope, principles, and detailed specifications for log management—including file naming, retention periods, content rules, security handling, and monitoring—to ensure reliable issue tracing, data safety, and regulatory compliance across all system development projects.

MonitoringOperationscompliance
0 likes · 12 min read
How to Implement Secure and Compliant Log Management Standards
Architecture and Beyond
Architecture and Beyond
Jun 1, 2024 · Operations

Comprehensive Guide to Data Backup and Disaster Recovery Strategies

This article examines real-world backup failures, explains why backups are essential, outlines what data and system components should be backed up, describes backup principles, classifications, technologies, and disaster recovery planning, and offers practical guidance for building robust, multi-layered backup strategies.

Cloud BackupIT Operationsbackup
0 likes · 13 min read
Comprehensive Guide to Data Backup and Disaster Recovery Strategies
Architects Research Society
Architects Research Society
May 13, 2024 · Information Security

Microsoft Dynamics 365 Data Security: How Microsoft Protects Your Data in Azure

This article explains how Microsoft Dynamics 365 leverages Azure’s multi‑layer security architecture—including zero‑trust, encryption, role‑based access control, identity management, continuous monitoring, and compliance features—to safeguard data against threats and ensure privacy for enterprises adopting cloud ERP solutions.

AzureData SecurityEncryption
0 likes · 14 min read
Microsoft Dynamics 365 Data Security: How Microsoft Protects Your Data in Azure
vivo Internet Technology
vivo Internet Technology
Apr 10, 2024 · R&D Management

Vivo's Participation in the 2nd OSPO Summit 2024

At the 2nd OSPO Summit 2024 in Shenzhen, Vivo acted as a platinum sponsor and organizing‑committee member, leading the “Qi” thematic session, co‑creating an open‑source tools list, and pledging to boost its OSPO governance, supply‑chain security, and leadership in the broader open‑source ecosystem.

GovernanceOSPOcompliance
0 likes · 5 min read
Vivo's Participation in the 2nd OSPO Summit 2024
Data Thinking Notes
Data Thinking Notes
Feb 27, 2024 · Information Security

How to Build an Effective Enterprise Data Security Governance System

This article explores enterprise data security governance, outlining practical methodologies, implementation pathways, and real-world case studies to guide organizations in planning and establishing robust data security governance frameworks while highlighting key challenges, compliance considerations, and measurable outcomes for sustained protection.

Data SecurityEnterpriseGovernance
0 likes · 2 min read
How to Build an Effective Enterprise Data Security Governance System
vivo Internet Technology
vivo Internet Technology
Feb 26, 2024 · R&D Management

OSPO Maturity Model: Five‑Stage Framework and Checklist

The article introduces a five‑stage OSPO maturity model—ranging from ad‑hoc open‑source use to a strategic technology advisor—detailing essential patterns, recommended community resources, and a practical checklist to help organizations build compliance, advocacy, project‑launch, and governance capabilities for open‑source programs.

Maturity ModelOSPOOpen source governance
0 likes · 16 min read
OSPO Maturity Model: Five‑Stage Framework and Checklist
DataFunSummit
DataFunSummit
Feb 3, 2024 · Artificial Intelligence

Practical Application of Large Language Models in MaShang Consumer Finance: From Model Building to Deployment

This article details how MaShang Consumer Finance leverages large language models for sales, collection, and customer service, covering company background, AI research achievements, model training infrastructure, data‑quality and compliance challenges, prompt engineering, inference acceleration, evaluation methods, and lessons learned from real‑world deployment.

Data QualityLLMModel Deployment
0 likes · 21 min read
Practical Application of Large Language Models in MaShang Consumer Finance: From Model Building to Deployment
iQIYI Technical Product Team
iQIYI Technical Product Team
Feb 2, 2024 · Information Security

iQIYI’s Proactive Compliance Risk Management Platform and Full‑Lifecycle Privacy Protection Solution Recognized as Outstanding Cases by MIIT

iQIYI's proactive compliance risk disposal platform and full‑lifecycle privacy protection scheme were recognized by MIIT as outstanding cases, showcasing engineering‑driven privacy integration across product development, release, and operation, improving compliance rates, reducing risks, and enhancing user experience while setting industry standards.

Data SecuritycomplianceiQIYI
0 likes · 8 min read
iQIYI’s Proactive Compliance Risk Management Platform and Full‑Lifecycle Privacy Protection Solution Recognized as Outstanding Cases by MIIT
DevOps
DevOps
Jan 14, 2024 · Artificial Intelligence

How AI Can Enhance DevOps: Reducing Friction and Boosting Efficiency

The article explains how integrating artificial intelligence into DevOps can automate repetitive tasks, improve feedback loops, enhance monitoring and security, and ultimately reduce operational friction while accelerating software delivery and ensuring compliance.

AIcompliancesecurity
0 likes · 9 min read
How AI Can Enhance DevOps: Reducing Friction and Boosting Efficiency
AntTech
AntTech
Nov 6, 2023 · Information Security

Enterprise Security Compliance Intelligent Certification Wins 2023 China Qualified Assessment Science and Technology Award (Second Prize)

On October 31, the joint Ant Group and China Software Testing Center project "Enterprise Security Compliance Intelligent Certification Key Technologies Research and Application" received the 2023 China Qualified Assessment Science and Technology Award second prize, marking the first time a technology enterprise has earned this top honor in the qualified assessment field and highlighting its breakthroughs in data and network security, automated risk assessment, and large‑scale certification deployment across major financial and tech institutions.

AwardData SecurityEnterprise
0 likes · 4 min read
Enterprise Security Compliance Intelligent Certification Wins 2023 China Qualified Assessment Science and Technology Award (Second Prize)
Data Thinking Notes
Data Thinking Notes
Sep 24, 2023 · Information Security

How to Build a Robust Data Security Governance Framework: Steps & Best Practices

Data security governance, essential for modern enterprises, involves classifying and authorizing data, implementing scenario-based protections, and establishing comprehensive frameworks that address compliance, asset management, process control, and continuous improvement, guiding organizations through strategic planning, organizational structuring, policy creation, and ongoing operational monitoring.

Data SecurityGovernanceRisk Management
0 likes · 15 min read
How to Build a Robust Data Security Governance Framework: Steps & Best Practices
Huolala Tech
Huolala Tech
Aug 15, 2023 · Information Security

How Modern Security Risk Assessment Evolved: Key Features and Practical Insights

This article examines the expanded scope, updated standards, and practical workflow of security risk assessment in today's regulatory environment, offering detailed guidance on assessment criteria, target objects, methodologies, organizational steps, and decision‑making for effective risk management.

Data Protectioncomplianceinformation security
0 likes · 9 min read
How Modern Security Risk Assessment Evolved: Key Features and Practical Insights
DataFunTalk
DataFunTalk
Aug 6, 2023 · Information Security

Data Security Governance and Practices with Alibaba Cloud DataWorks

This article explains how enterprises can implement data security governance in China's digital economy era, covering relevant laws, the essence and direction of data security, Alibaba Cloud DataWorks practices, scenario cases, and a Q&A, offering practical guidance for compliance and risk management.

Alibaba CloudData SecurityGovernance
0 likes · 16 min read
Data Security Governance and Practices with Alibaba Cloud DataWorks
Weimob Technology Center
Weimob Technology Center
Jul 25, 2023 · Information Security

How to Secure Data: Practical Guide to Masking and Encryption Strategies

This comprehensive guide explains why modern enterprises must shift from network‑centric protection to data‑centric security, detailing practical approaches for data masking and storage encryption, evaluating regulatory requirements, outlining solution selection, and providing step‑by‑step implementation practices to safeguard sensitive information.

Data MaskingData SecurityEncryption
0 likes · 29 min read
How to Secure Data: Practical Guide to Masking and Encryption Strategies
Efficient Ops
Efficient Ops
Jun 27, 2023 · Information Security

How a Bank Secures Open‑Source Software: Practices, Policies, and Platforms

This article explains how open‑source technologies drive digital transformation in finance, outlines the regulatory "Opinions" guiding secure, compliant use, and details a comprehensive open‑source security management framework—including lifecycle standards, a dedicated platform, DevOps integration, SBOM adoption, and continuous risk mitigation.

SBOMcompliancedevops
0 likes · 10 min read
How a Bank Secures Open‑Source Software: Practices, Policies, and Platforms
HomeTech
HomeTech
Jun 21, 2023 · Information Security

Transparent Data Masking with AutoProxy Middleware at AutoHome

This article describes AutoHome's data security challenges in the big‑data era and explains how the self‑developed AutoProxy encryption middleware provides transparent, compliant data masking across legacy and new sensitive data, reducing cost, improving performance, and enabling automated masking workflows.

Data MaskingEncryptionMiddleware
0 likes · 8 min read
Transparent Data Masking with AutoProxy Middleware at AutoHome
Ziru Technology
Ziru Technology
Jun 2, 2023 · Information Security

Mastering Data Classification & Grading: Ziroom’s Compliance Blueprint

This article explains how Ziroom implements a comprehensive data classification and grading system to meet the 2021 Data Security Law, improve risk management, optimize security resources, and boost user trust through automated tools, multi‑level categorization, and continuous manual verification.

Data Governancecompliancedata classification
0 likes · 12 min read
Mastering Data Classification & Grading: Ziroom’s Compliance Blueprint
Open Source Linux
Open Source Linux
Apr 12, 2023 · Information Security

Master Linux Security: Essential Baseline Hardening Scripts Explained

This article walks through why Linux servers need baseline hardening, explains baseline concepts and scanning, and provides a comprehensive collection of shell scripts that automatically check and enforce security settings such as password policies, file permissions, service configurations, and network controls.

Baseline HardeningLinuxShell script
0 likes · 23 min read
Master Linux Security: Essential Baseline Hardening Scripts Explained
DataFunTalk
DataFunTalk
Mar 2, 2023 · Information Security

Data Security Governance Practices at Zhongyuan Bank: Framework, Management System, Technical Architecture, and Future Planning

The article details Zhongyuan Bank's comprehensive data security governance, covering the regulatory background, protection objectives, classification of data assets, organizational and procedural management mechanisms, technical safeguards across the data lifecycle, and future planning to enhance compliance and risk mitigation in the banking sector.

Data Governancebankingcompliance
0 likes · 30 min read
Data Security Governance Practices at Zhongyuan Bank: Framework, Management System, Technical Architecture, and Future Planning
dbaplus Community
dbaplus Community
Dec 18, 2022 · Information Security

Simplify Large‑Scale Database Security: Discover, Classify & Encrypt Sensitive Data

This article outlines Vivo’s comprehensive approach to large‑scale database security, covering recent data‑leak incidents, legal compliance, the current challenges of sensitive data governance, a field‑level discovery method, classification standards, automated scoring, and multiple encryption solutions including Proxy, MyBatis, and ShardingSphere.

Data Securitycompliancedata classification
0 likes · 17 min read
Simplify Large‑Scale Database Security: Discover, Classify & Encrypt Sensitive Data
Zhongtong Tech
Zhongtong Tech
Nov 18, 2022 · Information Security

Data Security Insights from CIS 2022: Balancing Compliance and Business Growth

At the CIS 2022 Cybersecurity Innovation Conference in Shanghai, ZTO Express’s security chief shared practical strategies for data security governance, highlighting legal compliance, management vs. technical controls, and the emerging role of privacy computing in sustaining business operations.

Data SecurityEnterprise SecurityPrivacy Computing
0 likes · 5 min read
Data Security Insights from CIS 2022: Balancing Compliance and Business Growth
Programmer DD
Programmer DD
Jun 23, 2022 · Information Security

How to Build an Effective Security Awareness Training Program: A Six‑Step Guide

This article examines the Capital One breach case and outlines a comprehensive six‑step framework for enterprises to develop, implement, and continuously improve security awareness training, covering legal foundations, project planning, material preparation, execution scheduling, performance tracking, and post‑training optimization.

Risk ManagementTraining Programcompliance
0 likes · 7 min read
How to Build an Effective Security Awareness Training Program: A Six‑Step Guide
Architects' Tech Alliance
Architects' Tech Alliance
Jun 16, 2022 · Information Security

Host Security Capability Construction Guide: Key Capabilities, Industry Priorities, and Implementation Process

The Host Security Capability Construction Guide analyzes evolving threats, categorizes security capabilities into basic, enhanced, and advanced levels, details industry-specific priority requirements, and outlines a comprehensive construction and evaluation process to help enterprises select appropriate solutions and build an effective host security framework.

Host SecurityIntrusion Detectionasset inventory
0 likes · 12 min read
Host Security Capability Construction Guide: Key Capabilities, Industry Priorities, and Implementation Process
DevOps Cloud Academy
DevOps Cloud Academy
May 31, 2022 · Information Security

Kubernetes Security Best Practices and Assessment Tools

This article outlines essential Kubernetes security principles based on the 4C model, discusses best practices for clusters, containers, and code, and reviews several open‑source tools such as Kubescape, kube‑bench, Terrascan, kube‑hunter, and Anchore for assessing and improving cluster security.

Cloud Nativecompliancedevops
0 likes · 7 min read
Kubernetes Security Best Practices and Assessment Tools
Dada Group Technology
Dada Group Technology
May 20, 2022 · Backend Development

Design and Evolution of JD Daojia Product Governance System

The article details the background, architecture, early challenges, redesign principles, business and technical issues, and future plans of JD Daojia's product governance system, illustrating how a micro‑service based backend platform detects and resolves compliance problems such as sensitive words, inaccurate weight, and image violations.

MicroservicesSystem Designbackend-architecture
0 likes · 15 min read
Design and Evolution of JD Daojia Product Governance System
Architects Research Society
Architects Research Society
May 17, 2022 · Information Security

Understanding Data Governance, Models, Policies, and Best Practices

The article explains data governance concepts, outlines four common governance models, details key policy elements such as availability, quality, integrity, usability, and security, and highlights the benefits, risks, and best‑practice recommendations for implementing effective data governance in organizations.

Data GovernanceData ManagementData Security
0 likes · 10 min read
Understanding Data Governance, Models, Policies, and Best Practices
JD Tech
JD Tech
Apr 21, 2022 · Cloud Native

Open Source Construction and Sustainable Development – JD Retail Technical Salon Recap

The JD Retail Technical Salon held on April 8, 2022 brought together internal and external experts to share experiences on open‑source projects, cloud‑native messaging, frontend and backend frameworks, and compliance, fostering sustainable open‑source ecosystems and encouraging community participation across JD’s engineering teams.

backendcompliancefrontend
0 likes · 6 min read
Open Source Construction and Sustainable Development – JD Retail Technical Salon Recap