0 views collected around this technical thread.
Ant Group’s “Aspect‑Fusion Intelligence” system, recognized as an outstanding cybersecurity case at the 2025 Beijing Cybersecurity Conference, leverages large‑model AI and expert knowledge to enhance threat detection, lower false positives, and improve explainability in large‑scale intrusion detection.
This article explains how large‑model AI can be integrated into security operations (AISECOPS) to simplify application integration, improve fault detection, and automate protection across complex north‑south and east‑west network layers, while addressing challenges such as data quality, cost control, model selection, and safety frameworks.
This article presents a comprehensive overview of AI‑enabled security operations, detailing the industry pain points, the AISECOPS workflow, model selection between OpenAI embeddings and ST5, classification methods, performance and cost evaluations, and future directions for integrating agents and secure AI pipelines.
The article examines the critical CVE-2024-6387 OpenSSH 0‑day remote code execution flaw, explains its technical details, and outlines JD Cloud's comprehensive emergency response, attack‑surface management, precise vulnerability intelligence, and managed security services to help enterprises mitigate such threats.
The 21st GOPS Global Operations Conference in Shanghai featured a Tencent Security expert who explained how attack simulation (BAS) provides continuous security control testing, risk assessment for high‑value assets, and a structured workflow that enhances security maturity and investment decisions.
This article details the challenges, design choices, deployment steps, detection model creation, data processing, visualization, and future plans of JD Daojia's security operations platform, highlighting the use of Graylog, Elasticsearch, and MongoDB to achieve scalable, real‑time threat detection and response.
This article describes Qunar's end‑to‑end automated workflow for detecting high‑risk Jar component vulnerabilities, collecting asset information, orchestrating remediation with a SOAR platform, and leveraging the TCDEV auto‑upgrade service to reduce manual effort and improve security operations efficiency.
iQIYI’s SOAR platform, built on StackStorm and the Walkoff visual editor, integrates security components, scripts, chat‑ops bots, and a mini‑program to automate detection and response, cutting MTTR by roughly 75% across high‑frequency routine tasks and low‑frequency critical incidents while planning broader coverage and knowledge‑base expansion.
This article details Zhaogang's journey from a chaotic startup environment to a mature, multi‑stage security operation, covering its background, the four‑phase security framework, traditional security domains, and practical strategies for driving security initiatives across the organization.
This article recounts a Ctrip security engineer’s evolution from early Unix‑based operations to fully automated network security, highlighting challenges in forecasting, application security integration, rapid incident response, and large‑scale firewall automation within a fast‑growing enterprise.
This article shares YY's security operations journey, detailing real incident response scenarios, the evolution of their security infrastructure from 2012 onward, and the key factors considered when building a robust security ops system, including DDoS protection, WAF, vulnerability scanning, intrusion detection, and data‑driven automation.
This article outlines why proactive information‑security preparedness, cross‑department response teams, and clear incident‑response checklists are essential for minimizing damage and maintaining trust when a data breach occurs.
The article presents a comprehensive list of one hundred concrete web‑application security techniques—ranging from HTTP request analysis and token validation to WAF rule conversion, honeypot deployment, IP reputation checks, and response‑time monitoring—derived from the book “Web Application Defender's Cookbook” and illustrated with real‑world examples and tool references.