BestHub
Sign in
Tagged articles
126 articles
Page 1 of 2
Woodpecker Software Testing
Woodpecker Software Testing
May 14, 2026 · Artificial Intelligence

How to Accurately Calculate the Cost‑Benefit of AI Safety Testing

The article breaks down AI safety testing costs—including hidden labor, data and compute, and compliance penalties—quantifies benefits from risk mitigation to strategic value, proposes a dynamic risk‑exposure formula, and shows real‑world ROI cases that turn testing into a measurable investment.

AI GovernanceAI Safetyadversarial testing
0 likes · 8 min read
How to Accurately Calculate the Cost‑Benefit of AI Safety Testing
AI Engineering
AI Engineering
May 7, 2026 · Artificial Intelligence

China Launches First Generative AI Product Compliance Standard – Drafting Contributors Wanted

Since the 2023 interim AI measures, China has tightened regulations across algorithm filing, data and content security, and ethical use, making compliance a survival requirement; the new national standard outlines a full‑lifecycle framework, three core compliance pathways, and invites experts to help draft it.

AI StandardsChinaProduct Safety
0 likes · 6 min read
China Launches First Generative AI Product Compliance Standard – Drafting Contributors Wanted
Smart Workplace Lab
Smart Workplace Lab
Apr 28, 2026 · Industry Insights

Why I Get Blamed When Everyone Uses AI? A Responsibility Segmentation Matrix for the Workplace

The article presents a practical responsibility‑segmentation matrix and three‑step agreement that clarify AI recommendation, human approval, and joint signing roles, enabling teams to avoid blame‑shifting, reduce compliance risk, and make AI collaboration transparent and accountable.

AI Governancecomplianceresponsibility matrix
0 likes · 6 min read
Why I Get Blamed When Everyone Uses AI? A Responsibility Segmentation Matrix for the Workplace
PMTalk Product Manager Community
PMTalk Product Manager Community
Apr 20, 2026 · Product Management

Essential Traits for AI Product Leaders in the Modern Era

The article outlines how AI product managers in China must turn uncertainty into deliverable versions by accelerating learning, running cheap experiments, building complete evidence chains, and balancing model capability, cost, latency, compliance, and risk while embedding rigorous verification and rollback processes into daily product decisions.

AI product managementLearning Loopcompliance
0 likes · 12 min read
Essential Traits for AI Product Leaders in the Modern Era
Wu Shixiong's Large Model Academy
Wu Shixiong's Large Model Academy
Apr 10, 2026 · Artificial Intelligence

How to Build a Robust Agent Memory System: Architecture, Management, and Evaluation

This article provides a comprehensive guide to designing, implementing, and evaluating an Agent Memory module for large‑language‑model assistants, covering memory types, short‑ and long‑term storage, conflict resolution, hybrid retrieval, compliance, and practical interview answers.

Agent MemoryHybrid RetrievalInterview Preparation
0 likes · 32 min read
How to Build a Robust Agent Memory System: Architecture, Management, and Evaluation
FunTester
FunTester
Apr 5, 2026 · Operations

How Observability‑Driven Development Can Transform FinTech Reliability

This article explains the core concepts of observability‑driven development for fintech systems, outlines a five‑step pipeline—from data collection with OpenTelemetry to automated remediation—and highlights compliance, performance, and business impact considerations.

FinTechMTTROpenTelemetry
0 likes · 11 min read
How Observability‑Driven Development Can Transform FinTech Reliability
Woodpecker Software Testing
Woodpecker Software Testing
Apr 4, 2026 · Artificial Intelligence

Why 2026 Is the Turning Point for Open-Source Adversarial Testing in High-Risk AI

With AI models now embedded in finance, healthcare, and autonomous driving, the 2025 Gartner report shows 73% of models suffer undetected adversarial failures, prompting a 2026 shift where open-source adversarial testing tools become CI/CD-ready, multi-modal, and compliance-driven, as illustrated by a bank’s RAG chatbot case study.

AI Safetyadversarial testingci/cd
0 likes · 8 min read
Why 2026 Is the Turning Point for Open-Source Adversarial Testing in High-Risk AI
Woodpecker Software Testing
Woodpecker Software Testing
Mar 31, 2026 · Artificial Intelligence

Prompt Testing: The Next Battlefield for Test Engineers

With large language models now core to production, traditional functional, API, and UI tests fail, prompting a shift toward systematic prompt testing that addresses semantic drift, adversarial fragility, bias amplification, and compliance violations through functional soundness, robustness, safety, and performance dimensions integrated into CI/CD pipelines.

AI RobustnessBias DetectionLLM Quality
0 likes · 8 min read
Prompt Testing: The Next Battlefield for Test Engineers
Mingyi World Elasticsearch
Mingyi World Elasticsearch
Mar 24, 2026 · Information Security

Easysearch Audit Log Walkthrough: Who’s Accessing Your Cluster?

This article guides you through enabling Easysearch's audit log, configuring the security.audit.type parameter, verifying settings in the management UI, and using the audit records to identify external IPs, failed logins, and SSL handshake failures in a production environment.

EasysearchElasticsearchSecurity
0 likes · 12 min read
Easysearch Audit Log Walkthrough: Who’s Accessing Your Cluster?
Woodpecker Software Testing
Woodpecker Software Testing
Mar 4, 2026 · Artificial Intelligence

Practical Cost‑Benefit Analysis for LLM Testing in Production

The article examines how large language model (LLM) testing has shifted from simple bug hunting to a strategic, cost‑benefit discipline, detailing hidden cost categories, a three‑dimensional ROI model, and a decision‑tree framework that helps organizations balance testing investment against risk, compliance and trust gains.

AI reliabilityLLM testingcompliance
0 likes · 8 min read
Practical Cost‑Benefit Analysis for LLM Testing in Production
Woodpecker Software Testing
Woodpecker Software Testing
Mar 3, 2026 · Artificial Intelligence

2026 In‑Depth Comparison of RAG Testing Tools: Finding the Most Trustworthy Solution

RAG systems have reached a trustworthiness tipping point, and in 2026 a surge of testing challenges demands new evaluation metrics; this article benchmarks twelve leading retrieval‑augmented generation testing tools across retrieval quality, generation controllability, observability, security compliance, and CI/CD integration, revealing which solutions best address real‑world finance and government use cases.

AI testingObservabilityRAG
0 likes · 8 min read
2026 In‑Depth Comparison of RAG Testing Tools: Finding the Most Trustworthy Solution
Ops Community
Ops Community
Feb 25, 2026 · Databases

Hardening MySQL 8.4: Permissions, SSL, Auditing & Compliance Guide

This guide provides a step‑by‑step, production‑ready hardening plan for MySQL 8.4, covering permission hierarchy design, strong password policies, audit‑log configuration, TLS encryption, network access controls, firewall rules, backup scripts, monitoring metrics, and best‑practice recommendations to meet PCI‑DSS and Chinese GB/T 22239 compliance.

HardeningPermissionsTLS
0 likes · 27 min read
Hardening MySQL 8.4: Permissions, SSL, Auditing & Compliance Guide
Alibaba Cloud Observability
Alibaba Cloud Observability
Jan 19, 2026 · Information Security

How AI Companies Can Overcome Global Compliance Hurdles with Cloud‑Native Log Auditing

The article explains the complex data‑sovereignty and privacy regulations that AI enterprises face when expanding overseas, analyzes the three‑tier "sandwich" data architecture and regional regulatory differences, and demonstrates how Alibaba Cloud Log Service (SLS) and Cloud Monitoring 2.0 provide unified log collection, cross‑domain correlation, risk tracing, and masking functions to achieve continuous, scalable compliance.

AIcloud-nativecompliance
0 likes · 16 min read
How AI Companies Can Overcome Global Compliance Hurdles with Cloud‑Native Log Auditing
ITPUB
ITPUB
Jan 10, 2026 · Information Security

How Oracle Secures Databases: Deep‑Defense Strategies and Domestic DB Comparison

This article examines the multi‑layered threats facing modern databases, outlines Oracle's comprehensive security capabilities—from firewalls and encryption to auditing and immutable tables—and compares them with the security features of leading domestic database products.

Database SecurityOracleaccess control
0 likes · 27 min read
How Oracle Secures Databases: Deep‑Defense Strategies and Domestic DB Comparison
Woodpecker Software Testing
Woodpecker Software Testing
Dec 31, 2025 · Information Security

Understanding GDPR: Key Principles, Rights, and Compliance Requirements

GDPR, the EU’s General Data Protection Regulation effective since May 2018, imposes strict data‑handling rules worldwide, outlining seven core principles, eight data‑subject rights, mandatory legal bases, DPO appointments, breach notifications, privacy‑by‑design, record‑keeping, cross‑border transfer limits, hefty fines, and its global influence on similar laws.

Data ProtectionData Subject RightsEU Regulation
0 likes · 8 min read
Understanding GDPR: Key Principles, Rights, and Compliance Requirements
Continuous Delivery 2.0
Continuous Delivery 2.0
Nov 20, 2025 · Information Security

Why SBOM Is Critical for Modern Software Security and How to Choose Between SPDX and CycloneDX

The article explains what a Software Bill of Materials (SBOM) is, why it has become a strategic security requirement, compares the leading SPDX and CycloneDX standards, examines China's emerging DSDX format, and offers practical guidance on selecting the right SBOM format and tools for various compliance and risk‑management scenarios.

CycloneDXSBOMSPDX
0 likes · 13 min read
Why SBOM Is Critical for Modern Software Security and How to Choose Between SPDX and CycloneDX
PMTalk Product Manager Community
PMTalk Product Manager Community
Nov 16, 2025 · Product Management

Essential Strategies to Build Successful AI Products from Zero to One

This guide walks through the end‑to‑end process of creating a successful AI product, from discovering real user problems and assessing market fit, through defining a Minimum Viable Intelligent Product, building data‑driven loops, choosing the right models, designing trustworthy UX, and scaling with a sustainable moat.

AIData FlywheelGrowth
0 likes · 17 min read
Essential Strategies to Build Successful AI Products from Zero to One
Python Programming Learning Circle
Python Programming Learning Circle
Nov 13, 2025 · Backend Development

Why Python 3.12 Triggers App Store Rejection and How CPython Is Fixing It

Upgrading a Python project from 3.11 to 3.12 can cause macOS App Store rejections because the new standard library embeds an "itms-services" URL string that Apple’s automated review flags, prompting CPython core developers to propose patches, distribution‑tool options, and a new compliance flag to resolve the issue.

App StoreCPythoncompliance
0 likes · 12 min read
Why Python 3.12 Triggers App Store Rejection and How CPython Is Fixing It
Wu Shixiong's Large Model Academy
Wu Shixiong's Large Model Academy
Nov 4, 2025 · Artificial Intelligence

Why Financial RAG Fails and How to Solve Its Core Challenges

This article explains why Retrieval‑Augmented Generation (RAG) projects in the financial sector often underperform, highlighting data‑structure complexities, document‑parsing hurdles, chunking strategies, compliance constraints, evaluation metrics, and engineering requirements, and offers practical solutions and code examples.

EngineeringFinancial AIRAG
0 likes · 10 min read
Why Financial RAG Fails and How to Solve Its Core Challenges
Xiao Liu Lab
Xiao Liu Lab
Oct 30, 2025 · Information Security

Essential Linux Security Baseline for Tier‑3 Compliance: Step‑by‑Step Guide

This article provides a comprehensive, step‑by‑step Linux security baseline for Tier‑3 compliance, covering password policies, login controls, access restrictions, audit logging, intrusion prevention, patch management, and resource limits, complete with executable commands for major distributions.

LinuxPassword policySecurity
0 likes · 9 min read
Essential Linux Security Baseline for Tier‑3 Compliance: Step‑by‑Step Guide
Chen Tian Universe
Chen Tian Universe
Sep 27, 2025 · Operations

How to Eliminate Illegal Secondary Clearing (二清) in Payment Platforms: A Complete Compliance Guide

This article explains what secondary clearing (二清) is, why it violates regulations, and provides a step‑by‑step compliance solution—including account structures, payment transaction flows, fund collection, settlement, regulatory clearing, platform transformation checklists, and key interface specifications—to help platforms redesign their settlement processes safely and legally.

clearingcompliancefund management
0 likes · 17 min read
How to Eliminate Illegal Secondary Clearing (二清) in Payment Platforms: A Complete Compliance Guide
macrozheng
macrozheng
Sep 13, 2025 · Fundamentals

Why 73% of Companies Face Oracle Java Audits and How to Switch to OpenJDK

Recent Dimensional Research data shows that 73% of surveyed enterprises have encountered Oracle‑initiated Java license audits, prompting 15% to complete migration, 22% to start, and 25% to plan moving to OpenJDK or other open‑source JDKs, driven by cost and compliance pressures.

JavaLicense AuditOpenJDK
0 likes · 7 min read
Why 73% of Companies Face Oracle Java Audits and How to Switch to OpenJDK
DevOps in Software Development
DevOps in Software Development
Aug 29, 2025 · Information Security

How Trusted Dependency Libraries Secure Industrial Software Supply Chains

This article analyzes the strategic importance of software supply‑chain security for industrial equipment, outlines challenges such as network isolation, fragmented management, compliance audits, zombie components and supply‑cut risks, and presents a full‑link trusted dependency library architecture that delivers security, efficiency, compliance and strategic autonomy.

Securityarchitecturecompliance
0 likes · 22 min read
How Trusted Dependency Libraries Secure Industrial Software Supply Chains
Software Development Quality
Software Development Quality
Aug 21, 2025 · Information Security

Essential Data Security Red Lines: What Every Employee Must Follow

This document outlines the background, scope, key definitions, and strict data security red lines that all employees must adhere to, including prohibitions on bypassing security measures, unauthorized data use, external disclosures, cross‑border transfers, and requirements for handling sensitive information.

Data Protectioncompliancedata security
0 likes · 4 min read
Essential Data Security Red Lines: What Every Employee Must Follow
Ops Development & AI Practice
Ops Development & AI Practice
Aug 4, 2025 · Blockchain

Why ERC-1400 Is the Key to Compliant Security Tokens on Ethereum

The article explains how ERC-1400 extends ERC-20 with built‑in compliance features—such as KYC checks, transfer restrictions, tranche handling, on‑chain document storage, and forced transfer mechanisms—to enable legally compliant tokenization of real‑world assets like equity, bonds, and real‑estate.

BlockchainERC-1400Ethereum
0 likes · 7 min read
Why ERC-1400 Is the Key to Compliant Security Tokens on Ethereum
MaGe Linux Operations
MaGe Linux Operations
Jul 9, 2025 · Cloud Native

Master Kubernetes Production Security: Essential Practices & Configurations

This guide walks operations engineers through a comprehensive, layered security model for production Kubernetes clusters, covering cluster hardening, network policies, RBAC, pod security standards, image scanning and signing, runtime monitoring, key management, compliance checks, and recommended tooling.

Container SecurityKubernetesRBAC
0 likes · 13 min read
Master Kubernetes Production Security: Essential Practices & Configurations
DevOps Cloud Academy
DevOps Cloud Academy
Jul 2, 2025 · Artificial Intelligence

How Strong CI/CD Foundations Secure AI-Driven Development

In the AI‑driven development era, teams must harness rapid code‑generation tools while embedding strict security, privacy, and compliance checks through rock‑solid CI/CD pipelines to avoid costly regulatory breaches and maintain trust.

AIDevOpsci/cd
0 likes · 9 min read
How Strong CI/CD Foundations Secure AI-Driven Development
Big Data Tech Team
Big Data Tech Team
Jun 9, 2025 · Industry Insights

How AI Large Models Transform Data Governance: 2025 Insights & Best Practices

This article examines the essence of data governance, outlines its four core domains, proposes a strategic and technical implementation roadmap, evaluates effectiveness with the DCAM model, and explores how AI large models can enhance metadata, data quality, and compliance while highlighting practical limitations and future trends.

AI Large ModelsData QualityFuture Trends
0 likes · 9 min read
How AI Large Models Transform Data Governance: 2025 Insights & Best Practices
Continuous Delivery 2.0
Continuous Delivery 2.0
Jun 8, 2025 · Information Security

Why SBOMs Are the Key to Secure Software Supply Chains

This article explains how Software Bill of Materials (SBOM) mirrors hardware BOMs, outlines their core differences, presents best practices, tools, and implementation strategies to improve supply‑chain transparency, compliance, and security for modern software development.

SBOMSecuritycompliance
0 likes · 12 min read
Why SBOMs Are the Key to Secure Software Supply Chains
Continuous Delivery 2.0
Continuous Delivery 2.0
Jun 7, 2025 · Information Security

Unlocking Software Supply Chain Security with SBOM

This article explains how Software Bill of Materials (SBOM) serves as a digital map for component dependency and change management, detailing its functions in visualizing dependencies, detecting version conflicts, ensuring license compliance, and providing supply‑chain risk alerts, ultimately improving development efficiency, security, and regulatory compliance.

SBOMSecuritycompliance
0 likes · 11 min read
Unlocking Software Supply Chain Security with SBOM
ITFLY8 Architecture Home
ITFLY8 Architecture Home
May 30, 2025 · Artificial Intelligence

Explore the Full Spectrum of AI Large Model Architectures

This article presents a comprehensive visual collection of AI large‑model architecture diagrams, covering general frameworks, RAG knowledge‑base systems, agriculture, e‑commerce recommendation, IoT, compliance risk management, agent platforms, and CRM integration, offering a panoramic view of modern AI infrastructure.

AIIoTRAG
0 likes · 3 min read
Explore the Full Spectrum of AI Large Model Architectures
Open Source Linux
Open Source Linux
May 28, 2025 · Operations

How to Navigate Chinese ICP Filing: From Initial Review to Authority Approval

This guide thoroughly explains China's ICP domain filing process—from initial provider review to the communications authority's final approval—detailing each procedural step, DNS resolution impacts, cloud provider policies, technical workarounds, best practices, and scripts to help developers ensure compliance and smooth deployment.

ChinaCloud providersDNS
0 likes · 14 min read
How to Navigate Chinese ICP Filing: From Initial Review to Authority Approval
Mingyi World Elasticsearch
Mingyi World Elasticsearch
May 20, 2025 · Databases

Presenting Easysearch: A Scientific, Cost‑Effective Elasticsearch Alternative for Tender Projects

Easysearch, developed by INFINI Labs as a domestically‑optimized replacement for Elasticsearch 7.10.2, offers high compatibility, enhanced Chinese processing, reduced disk usage, built‑in security, and compliance with Chinese trust‑platform standards, making it a cost‑effective, low‑risk solution for tender‑stage search and analytics.

Chinese text processingEasysearchElasticsearch alternative
0 likes · 9 min read
Presenting Easysearch: A Scientific, Cost‑Effective Elasticsearch Alternative for Tender Projects
Big Data Tech Team
Big Data Tech Team
May 15, 2025 · Industry Insights

What a Decade of Data Governance Taught Me: From Chaos to AI‑Driven Automation

Over ten years, the author chronicles the evolution of data governance across finance, government, and manufacturing, highlighting early chaos, tool migrations from Excel to Apache Atlas, AI‑powered quality monitoring, strict compliance across jurisdictions, cross‑department collaboration challenges, and the shift toward autonomous, value‑driven data ecosystems.

AIData Managementcompliance
0 likes · 18 min read
What a Decade of Data Governance Taught Me: From Chaos to AI‑Driven Automation
Old Zhao – Management Systems Only
Old Zhao – Management Systems Only
Apr 23, 2025 · Operations

Why Robust EHS Management Is Critical: 8 Essential Modules for Safe Operations

A solid EHS (Environment, Health, Safety) program prevents costly shutdowns, fines, and accidents by defining clear responsibilities, standardizing processes, and leveraging data across eight key modules—from hazard management to performance tracking—ensuring continuous compliance and operational stability.

EHScomplianceenvironmental health safety
0 likes · 8 min read
Why Robust EHS Management Is Critical: 8 Essential Modules for Safe Operations
DataFunSummit
DataFunSummit
Mar 24, 2025 · Artificial Intelligence

Large Language Models in Financial Risk Management: Applications, Challenges, and Future Outlook

This article examines how large language models are transforming financial risk management by mapping various risk categories to LLM capabilities, showcasing practical use cases across market, credit, reputation, operational, and anti‑fraud domains, while also discussing technical challenges, data‑space concepts, and future prospects.

Data Spaceartificial intelligencecompliance
0 likes · 18 min read
Large Language Models in Financial Risk Management: Applications, Challenges, and Future Outlook
Aikesheng Open Source Community
Aikesheng Open Source Community
Mar 6, 2025 · Databases

SQLE 4.2502.0 Release: New Features, Upgrade Guide, and Version Log

SQLE 4.2502.0 has been officially released, introducing SQL compliance rewriting, a performance tracker, a syntax rule knowledge graph, new community and enterprise features, detailed upgrade instructions, and comprehensive version logs highlighting enhancements, bug fixes, and support for multiple database platforms.

Database GovernanceEnterprisePerformance Tracking
0 likes · 12 min read
SQLE 4.2502.0 Release: New Features, Upgrade Guide, and Version Log
Alibaba Cloud Observability
Alibaba Cloud Observability
Jan 13, 2025 · Information Security

Why Log Auditing Is Essential for Cloud Security and Compliance

This article explains the importance of centralized log auditing for breaking information silos, meeting legal requirements, and enhancing security insights, and details how Alibaba Cloud's Simple Log Service (SLS) supports VPC flow log collection, multi‑region aggregation, rule configuration, custom analysis, and alerting.

Alibaba CloudLog AuditingVPC flow logs
0 likes · 18 min read
Why Log Auditing Is Essential for Cloud Security and Compliance
Java Tech Enthusiast
Java Tech Enthusiast
Oct 9, 2024 · Backend Development

Understanding Logical Deletion and Data Compliance in Backend Services

The article explains how many backend services use logical deletion—simply flagging or masking user data instead of physically removing it—to appear compliant with standards like China's GB/T 35273, while highlighting risks such as continued e‑bike control, fraud detection challenges, and missed logout handling.

GB/T 35273Logical Deletioncompliance
0 likes · 3 min read
Understanding Logical Deletion and Data Compliance in Backend Services
Zhuanzhuan Tech
Zhuanzhuan Tech
Aug 28, 2024 · Big Data

Quality Inspection Data Collection: Design, Architecture, and Applications

This article outlines the design, architecture, and practical applications of a quality inspection data collection system, covering data point structures, reporting mechanisms, compliance analysis, intelligent strategy iteration, and BI dashboards, illustrating how big‑data techniques enable digital transformation of inspection processes.

BIBig Datacompliance
0 likes · 10 min read
Quality Inspection Data Collection: Design, Architecture, and Applications
JD Retail Technology
JD Retail Technology
Aug 28, 2024 · Industry Insights

How JD Retail Secures E‑Commerce with AI‑Driven Content Compliance

This article examines JD Retail's content compliance platform, detailing user‑facing problems, business‑level audit responsibilities, key performance metrics, operational workflows, and a technical case study on detecting price over‑pricing using comparable‑price models and large‑scale price prediction.

Price Anomaly Detectioncompliancecontent moderation
0 likes · 10 min read
How JD Retail Secures E‑Commerce with AI‑Driven Content Compliance
Data Thinking Notes
Data Thinking Notes
Jul 30, 2024 · Information Security

Mastering Data Classification: A Practical Guide to Secure Data Grading

This article outlines the evolution of data security in China, explains why data classification and grading are central to governance, and provides a step‑by‑step framework, principles, implementation details, adjustment triggers, and practical reflections for building effective data protection strategies.

Data Governancecompliancedata classification
0 likes · 11 min read
Mastering Data Classification: A Practical Guide to Secure Data Grading
Data Thinking Notes
Data Thinking Notes
Jul 25, 2024 · Information Security

How Large Language Models Transform Data Security Compliance Management

This article explains how a leading insurance technology group leverages large language models to streamline data security compliance, detailing the evolution of data management, key governance challenges, multimodal AI architecture, and practical workflows for policy enforcement, risk monitoring, and asset management.

AIData Governancecompliance
0 likes · 10 min read
How Large Language Models Transform Data Security Compliance Management
Software Development Quality
Software Development Quality
Jul 11, 2024 · Information Security

How to Implement Secure and Compliant Log Management Standards

This guide outlines the purpose, scope, principles, and detailed specifications for log management—including file naming, retention periods, content rules, security handling, and monitoring—to ensure reliable issue tracing, data safety, and regulatory compliance across all system development projects.

Log ManagementOperationscompliance
0 likes · 12 min read
How to Implement Secure and Compliant Log Management Standards
Architecture and Beyond
Architecture and Beyond
Jun 1, 2024 · Operations

Comprehensive Guide to Data Backup and Disaster Recovery Strategies

This article examines real-world backup failures, explains why backups are essential, outlines what data and system components should be backed up, describes backup principles, classifications, technologies, and disaster recovery planning, and offers practical guidance for building robust, multi-layered backup strategies.

BackupCloud BackupIT Operations
0 likes · 13 min read
Comprehensive Guide to Data Backup and Disaster Recovery Strategies
Architects Research Society
Architects Research Society
May 13, 2024 · Information Security

Microsoft Dynamics 365 Data Security: How Microsoft Protects Your Data in Azure

This article explains how Microsoft Dynamics 365 leverages Azure’s multi‑layer security architecture—including zero‑trust, encryption, role‑based access control, identity management, continuous monitoring, and compliance features—to safeguard data against threats and ensure privacy for enterprises adopting cloud ERP solutions.

AzureMicrosoft Dynamics 365RBAC
0 likes · 14 min read
Microsoft Dynamics 365 Data Security: How Microsoft Protects Your Data in Azure
vivo Internet Technology
vivo Internet Technology
Apr 10, 2024 · R&D Management

Vivo's Participation in the 2nd OSPO Summit 2024

At the 2nd OSPO Summit 2024 in Shenzhen, Vivo acted as a platinum sponsor and organizing‑committee member, leading the “Qi” thematic session, co‑creating an open‑source tools list, and pledging to boost its OSPO governance, supply‑chain security, and leadership in the broader open‑source ecosystem.

EcosystemOSPOVivo
0 likes · 5 min read
Vivo's Participation in the 2nd OSPO Summit 2024
Data Thinking Notes
Data Thinking Notes
Feb 27, 2024 · Information Security

How to Build an Effective Enterprise Data Security Governance System

This article explores enterprise data security governance, outlining practical methodologies, implementation pathways, and real-world case studies to guide organizations in planning and establishing robust data security governance frameworks while highlighting key challenges, compliance considerations, and measurable outcomes for sustained protection.

Enterprisecompliancedata security
0 likes · 2 min read
How to Build an Effective Enterprise Data Security Governance System
vivo Internet Technology
vivo Internet Technology
Feb 26, 2024 · R&D Management

OSPO Maturity Model: Five‑Stage Framework and Checklist

The article introduces a five‑stage OSPO maturity model—ranging from ad‑hoc open‑source use to a strategic technology advisor—detailing essential patterns, recommended community resources, and a practical checklist to help organizations build compliance, advocacy, project‑launch, and governance capabilities for open‑source programs.

Maturity ModelOSPOSBOM
0 likes · 16 min read
OSPO Maturity Model: Five‑Stage Framework and Checklist
DataFunSummit
DataFunSummit
Feb 3, 2024 · Artificial Intelligence

Practical Application of Large Language Models in MaShang Consumer Finance: From Model Building to Deployment

This article details how MaShang Consumer Finance leverages large language models for sales, collection, and customer service, covering company background, AI research achievements, model training infrastructure, data‑quality and compliance challenges, prompt engineering, inference acceleration, evaluation methods, and lessons learned from real‑world deployment.

Data QualityLLMModel Deployment
0 likes · 21 min read
Practical Application of Large Language Models in MaShang Consumer Finance: From Model Building to Deployment
iQIYI Technical Product Team
iQIYI Technical Product Team
Feb 2, 2024 · Information Security

iQIYI’s Proactive Compliance Risk Management Platform and Full‑Lifecycle Privacy Protection Solution Recognized as Outstanding Cases by MIIT

iQIYI's proactive compliance risk disposal platform and full‑lifecycle privacy protection scheme were recognized by MIIT as outstanding cases, showcasing engineering‑driven privacy integration across product development, release, and operation, improving compliance rates, reducing risks, and enhancing user experience while setting industry standards.

compliancedata securityiQIYI
0 likes · 8 min read
iQIYI’s Proactive Compliance Risk Management Platform and Full‑Lifecycle Privacy Protection Solution Recognized as Outstanding Cases by MIIT
DevOps
DevOps
Jan 14, 2024 · Artificial Intelligence

How AI Can Enhance DevOps: Reducing Friction and Boosting Efficiency

The article explains how integrating artificial intelligence into DevOps can automate repetitive tasks, improve feedback loops, enhance monitoring and security, and ultimately reduce operational friction while accelerating software delivery and ensuring compliance.

AISecuritycompliance
0 likes · 9 min read
How AI Can Enhance DevOps: Reducing Friction and Boosting Efficiency
AntTech
AntTech
Nov 6, 2023 · Information Security

Enterprise Security Compliance Intelligent Certification Wins 2023 China Qualified Assessment Science and Technology Award (Second Prize)

On October 31, the joint Ant Group and China Software Testing Center project "Enterprise Security Compliance Intelligent Certification Key Technologies Research and Application" received the 2023 China Qualified Assessment Science and Technology Award second prize, marking the first time a technology enterprise has earned this top honor in the qualified assessment field and highlighting its breakthroughs in data and network security, automated risk assessment, and large‑scale certification deployment across major financial and tech institutions.

AwardEnterprisecertification
0 likes · 4 min read
Enterprise Security Compliance Intelligent Certification Wins 2023 China Qualified Assessment Science and Technology Award (Second Prize)
Data Thinking Notes
Data Thinking Notes
Sep 24, 2023 · Information Security

How to Build a Robust Data Security Governance Framework: Steps & Best Practices

Data security governance, essential for modern enterprises, involves classifying and authorizing data, implementing scenario-based protections, and establishing comprehensive frameworks that address compliance, asset management, process control, and continuous improvement, guiding organizations through strategic planning, organizational structuring, policy creation, and ongoing operational monitoring.

Frameworkcompliancedata security
0 likes · 15 min read
How to Build a Robust Data Security Governance Framework: Steps & Best Practices
Huolala Tech
Huolala Tech
Aug 15, 2023 · Information Security

How Modern Security Risk Assessment Evolved: Key Features and Practical Insights

This article examines the expanded scope, updated standards, and practical workflow of security risk assessment in today's regulatory environment, offering detailed guidance on assessment criteria, target objects, methodologies, organizational steps, and decision‑making for effective risk management.

Data Protectioncomplianceinformation security
0 likes · 9 min read
How Modern Security Risk Assessment Evolved: Key Features and Practical Insights
DataFunTalk
DataFunTalk
Aug 6, 2023 · Information Security

Data Security Governance and Practices with Alibaba Cloud DataWorks

This article explains how enterprises can implement data security governance in China's digital economy era, covering relevant laws, the essence and direction of data security, Alibaba Cloud DataWorks practices, scenario cases, and a Q&A, offering practical guidance for compliance and risk management.

Alibaba Cloudcompliancedata security
0 likes · 16 min read
Data Security Governance and Practices with Alibaba Cloud DataWorks
Weimob Technology Center
Weimob Technology Center
Jul 25, 2023 · Information Security

How to Secure Data: Practical Guide to Masking and Encryption Strategies

This comprehensive guide explains why modern enterprises must shift from network‑centric protection to data‑centric security, detailing practical approaches for data masking and storage encryption, evaluating regulatory requirements, outlining solution selection, and providing step‑by‑step implementation practices to safeguard sensitive information.

compliancedata maskingdata security
0 likes · 29 min read
How to Secure Data: Practical Guide to Masking and Encryption Strategies
Efficient Ops
Efficient Ops
Jun 27, 2023 · Information Security

How a Bank Secures Open‑Source Software: Practices, Policies, and Platforms

This article explains how open‑source technologies drive digital transformation in finance, outlines the regulatory "Opinions" guiding secure, compliant use, and details a comprehensive open‑source security management framework—including lifecycle standards, a dedicated platform, DevOps integration, SBOM adoption, and continuous risk mitigation.

DevOpsSBOMcompliance
0 likes · 10 min read
How a Bank Secures Open‑Source Software: Practices, Policies, and Platforms
HomeTech
HomeTech
Jun 21, 2023 · Information Security

Transparent Data Masking with AutoProxy Middleware at AutoHome

This article describes AutoHome's data security challenges in the big‑data era and explains how the self‑developed AutoProxy encryption middleware provides transparent, compliant data masking across legacy and new sensitive data, reducing cost, improving performance, and enabling automated masking workflows.

Transparent Encryptionauto-proxycompliance
0 likes · 8 min read
Transparent Data Masking with AutoProxy Middleware at AutoHome
Ziru Technology
Ziru Technology
Jun 2, 2023 · Information Security

Mastering Data Classification & Grading: Ziroom’s Compliance Blueprint

This article explains how Ziroom implements a comprehensive data classification and grading system to meet the 2021 Data Security Law, improve risk management, optimize security resources, and boost user trust through automated tools, multi‑level categorization, and continuous manual verification.

Data Governancecompliancedata classification
0 likes · 12 min read
Mastering Data Classification & Grading: Ziroom’s Compliance Blueprint
Open Source Linux
Open Source Linux
Apr 12, 2023 · Information Security

Master Linux Security: Essential Baseline Hardening Scripts Explained

This article walks through why Linux servers need baseline hardening, explains baseline concepts and scanning, and provides a comprehensive collection of shell scripts that automatically check and enforce security settings such as password policies, file permissions, service configurations, and network controls.

Baseline HardeningLinuxSecurity
0 likes · 23 min read
Master Linux Security: Essential Baseline Hardening Scripts Explained
DataFunTalk
DataFunTalk
Mar 2, 2023 · Information Security

Data Security Governance Practices at Zhongyuan Bank: Framework, Management System, Technical Architecture, and Future Planning

The article details Zhongyuan Bank's comprehensive data security governance, covering the regulatory background, protection objectives, classification of data assets, organizational and procedural management mechanisms, technical safeguards across the data lifecycle, and future planning to enhance compliance and risk mitigation in the banking sector.

BankingData Governancecompliance
0 likes · 30 min read
Data Security Governance Practices at Zhongyuan Bank: Framework, Management System, Technical Architecture, and Future Planning
dbaplus Community
dbaplus Community
Dec 18, 2022 · Information Security

Simplify Large‑Scale Database Security: Discover, Classify & Encrypt Sensitive Data

This article outlines Vivo’s comprehensive approach to large‑scale database security, covering recent data‑leak incidents, legal compliance, the current challenges of sensitive data governance, a field‑level discovery method, classification standards, automated scoring, and multiple encryption solutions including Proxy, MyBatis, and ShardingSphere.

compliancedata classificationdata security
0 likes · 17 min read
Simplify Large‑Scale Database Security: Discover, Classify & Encrypt Sensitive Data
Zhongtong Tech
Zhongtong Tech
Nov 18, 2022 · Information Security

Data Security Insights from CIS 2022: Balancing Compliance and Business Growth

At the CIS 2022 Cybersecurity Innovation Conference in Shanghai, ZTO Express’s security chief shared practical strategies for data security governance, highlighting legal compliance, management vs. technical controls, and the emerging role of privacy computing in sustaining business operations.

Privacy Computingcompliancedata security
0 likes · 5 min read
Data Security Insights from CIS 2022: Balancing Compliance and Business Growth
Programmer DD
Programmer DD
Jun 23, 2022 · Information Security

How to Build an Effective Security Awareness Training Program: A Six‑Step Guide

This article examines the Capital One breach case and outlines a comprehensive six‑step framework for enterprises to develop, implement, and continuously improve security awareness training, covering legal foundations, project planning, material preparation, execution scheduling, performance tracking, and post‑training optimization.

complianceinformation securityrisk management
0 likes · 7 min read
How to Build an Effective Security Awareness Training Program: A Six‑Step Guide
Architects' Tech Alliance
Architects' Tech Alliance
Jun 16, 2022 · Information Security

Host Security Capability Construction Guide: Key Capabilities, Industry Priorities, and Implementation Process

The Host Security Capability Construction Guide analyzes evolving threats, categorizes security capabilities into basic, enhanced, and advanced levels, details industry-specific priority requirements, and outlines a comprehensive construction and evaluation process to help enterprises select appropriate solutions and build an effective host security framework.

Host Securityasset inventorycompliance
0 likes · 12 min read
Host Security Capability Construction Guide: Key Capabilities, Industry Priorities, and Implementation Process
DevOps Cloud Academy
DevOps Cloud Academy
May 31, 2022 · Information Security

Kubernetes Security Best Practices and Assessment Tools

This article outlines essential Kubernetes security principles based on the 4C model, discusses best practices for clusters, containers, and code, and reviews several open‑source tools such as Kubescape, kube‑bench, Terrascan, kube‑hunter, and Anchore for assessing and improving cluster security.

Cloud NativeDevOpsKubernetes
0 likes · 7 min read
Kubernetes Security Best Practices and Assessment Tools
Dada Group Technology
Dada Group Technology
May 20, 2022 · Backend Development

Design and Evolution of JD Daojia Product Governance System

The article details the background, architecture, early challenges, redesign principles, business and technical issues, and future plans of JD Daojia's product governance system, illustrating how a micro‑service based backend platform detects and resolves compliance problems such as sensitive words, inaccurate weight, and image violations.

Backend ArchitectureMicroservicesSystem Design
0 likes · 15 min read
Design and Evolution of JD Daojia Product Governance System
Architects Research Society
Architects Research Society
May 17, 2022 · Information Security

Understanding Data Governance, Models, Policies, and Best Practices

The article explains data governance concepts, outlines four common governance models, details key policy elements such as availability, quality, integrity, usability, and security, and highlights the benefits, risks, and best‑practice recommendations for implementing effective data governance in organizations.

Data GovernanceData Managementcompliance
0 likes · 10 min read
Understanding Data Governance, Models, Policies, and Best Practices
JD Tech
JD Tech
Apr 21, 2022 · Cloud Native

Open Source Construction and Sustainable Development – JD Retail Technical Salon Recap

The JD Retail Technical Salon held on April 8, 2022 brought together internal and external experts to share experiences on open‑source projects, cloud‑native messaging, frontend and backend frameworks, and compliance, fostering sustainable open‑source ecosystems and encouraging community participation across JD’s engineering teams.

Backendcompliancefrontend
0 likes · 6 min read
Open Source Construction and Sustainable Development – JD Retail Technical Salon Recap
JD Tech
JD Tech
Apr 20, 2022 · Information Security

Privacy Compliance Governance Practices in JD Finance Mobile App

This article details JD Finance's comprehensive privacy compliance governance for its mobile app, covering regulatory background, scope definition, key risk areas, policy and permission management, data encryption, sensitive API handling, third‑party SDK control, tooling such as Pandora Kit and Lancet, and the Utrust platform for automated detection and remediation.

SDKcompliancedata encryption
0 likes · 25 min read
Privacy Compliance Governance Practices in JD Finance Mobile App
JD Retail Technology
JD Retail Technology
Apr 13, 2022 · Industry Insights

What Drives Sustainable Open‑Source Success? Insights from JD’s Tech Salon

On April 8 2022, JDTECH and JD Retail’s Platform Business R&D co‑hosted a hybrid technical salon on open‑source construction and sustainable development, featuring internal and external experts who shared practical experiences, architectural designs, compliance guidelines, and strategies for building lasting open‑source ecosystems within the company.

Apache PulsarDubboShenYu
0 likes · 7 min read
What Drives Sustainable Open‑Source Success? Insights from JD’s Tech Salon
Youzan Coder
Youzan Coder
Mar 14, 2022 · Information Security

Android Privacy Protection: Privacy API and Permission HOOK Implementation Practice

To meet new Chinese privacy regulations, the article presents an mPaaS‑based solution that uses compile‑time Java HOOKs to replace privacy‑sensitive API calls and dangerous permission requests, automatically detecting and logging violations during build and runtime, and providing backend alerts and management tools for compliance.

ASMAndroidBytecode Manipulation
0 likes · 14 min read
Android Privacy Protection: Privacy API and Permission HOOK Implementation Practice
HaoDF Tech Team
HaoDF Tech Team
Feb 28, 2022 · Information Security

Partner Data Security Closed‑Loop Management at Haodf Online

This article outlines how Haodf Online implements a closed‑loop partner data security framework—covering background regulations, SDL‑based lifecycle stages, partner information handling, security assessment, API testing, monitoring, and continuous improvement—to protect sensitive medical data across its ecosystem.

API SecuritySDLcompliance
0 likes · 14 min read
Partner Data Security Closed‑Loop Management at Haodf Online
AntTech
AntTech
Feb 21, 2022 · Information Security

Trusted Privacy Computing: A Key Technology for the Emerging Data Confidentiality Era

The article analyzes the shift from plaintext data exchange to a data‑confidentiality era, outlines regulatory drivers, describes technical challenges of privacy‑preserving computation, evaluates existing cryptographic approaches, and argues that trusted privacy computing is the most promising solution to meet performance, reliability, cost, applicability, and security requirements.

Privacy Computingcomplianceconfidential data
0 likes · 19 min read
Trusted Privacy Computing: A Key Technology for the Emerging Data Confidentiality Era
JD Tech Talk
JD Tech Talk
Dec 31, 2021 · Information Security

Design and Implementation of JD Tech Mobile App Privacy Compliance Detection System

This article presents the background, industry challenges, design principles, architecture, core capabilities, and implementation details of JD Tech's privacy compliance detection system for mobile applications, highlighting both static and dynamic analysis techniques to identify and remediate personal data risks.

Dynamic analysisJD Techcompliance
0 likes · 14 min read
Design and Implementation of JD Tech Mobile App Privacy Compliance Detection System
DataFunTalk
DataFunTalk
Nov 7, 2021 · Artificial Intelligence

Federated Learning for Financial Data Sharing: Compliance, Incentives, and Technical Innovations

This presentation explains how federated learning can meet new regulatory requirements for financial data sharing by introducing audit‑enabled models, incentive mechanisms, blockchain‑based data marketplaces, and a Federated AI Hub that together address compliance, security, and practical deployment challenges in the finance sector.

BlockchainData IncentivesFederated Learning
0 likes · 10 min read
Federated Learning for Financial Data Sharing: Compliance, Incentives, and Technical Innovations
21CTO
21CTO
Aug 27, 2021 · Mobile Development

When a Tech Influencer Demands GPL Source Code: The UMIDIGI F2 Story

A Chinese phone maker UMIDIGI faced public pressure after influencer Naomi Wu and a Polish developer demanded the GPL‑v2‑licensed kernel source of the Android 10‑based UMIDIGI F2, highlighting the obligations and controversies surrounding open‑source compliance.

AndroidGPLNaomi Wu
0 likes · 4 min read
When a Tech Influencer Demands GPL Source Code: The UMIDIGI F2 Story
ITFLY8 Architecture Home
ITFLY8 Architecture Home
Jun 25, 2021 · Fundamentals

Mastering TOGAF Architecture Capability and Governance: A Practical Guide

This comprehensive guide explains how TOGAF’s Architecture Capability Framework helps enterprises build and govern architecture capabilities, covering governance structures, capability components, the ADM phases, architecture committees, compliance processes, and practical governance guidelines for successful enterprise architecture implementation.

TOGAFarchitecture capabilityarchitecture governance
0 likes · 63 min read
Mastering TOGAF Architecture Capability and Governance: A Practical Guide