Smart Port Project for a Large Science and Technology Company
Standardization of Hyperconverged Factory for a Large Automotive Parts Company
Hyperconverged Infrastructure for Core Applications of a Semiconductor Company
Standardization of VSAN in a Large Automotive Manufacturing Plant
Intelligent Information Network Infrastructure Development for a Large Bank Office Building
Endpoint Security Implementation Project for a Manufacturing Plant
Data Security Compliance Transmission Project for a Large Bank
Disaster Recovery Backup Project with Two Locations and Three Centers for an Airline Company
Sustained Core Database Operations Project for the Semiconductor Industry
HPC Infrastructure Development Project for a Global Automotive Parts Supplier
Cross-Border Data Consulting and Remediation for a Multinational Manufacturing Enterprise
Integration and Operation of a Managed Security Platform for a Foreign Investment Fund
Unified Security Operations Platform Development Project for an Internet Financial Institution
Managed Security Operations Service Project for an Internationally Renowned Cosmetics Brand
Managed Security Operations Service Project for a Currency Brokerage Company
Technical Support for Critical Security Defense for a Leading Domestic Securities Service Provider
Penetration Testing Service Project for an Automotive Parts Manufacturing Company
Security Baseline Scanning Service for the Insurance Industry
As a leading global provider of Internet financial services, the user's operations are distributed worldwide.
Focusing on an overseas business model, its core infrastructure is hosted on major public cloud providers, with peak transaction data volumes reaching petabyte levels.
To ensure stable and secure business operations, there is significant demand for robust defense-in-depth security mechanisms.
To further enhance its security operations capabilities, it is essential to deploy a leading SIEM platform as the central intelligence to optimize the effectiveness of security solutions.
Select the relevant Splunk Enterprise and Enterprise Security modules, deploy them on the international version of the AWS public cloud, and design a cluster architecture that meets high data availability requirements.
Analyze hot and warm data locally using a local cache approach, while storing long-term cold data in SmartStore object storage, thereby conserving storage resources in large data environments.
Manage core security solutions and develop data models.
Design and implement security detection rules based on the ATT&CK matrix in conjunction with customer security policies.
Optimize rules, reduce noise, and ensure remote continuous operations.
Integrate CTI and vulnerability management solutions to expand the coverage of the SIEM platform.
Enhance the enterprise's overall security posture, ensuring that security is both visible and manageable.
Integrate mainstream CTI for precise noise reduction and incident response.