The 2016 China Internet Security Conference (ISC), which closed yesterday, introduced an entrepreneurial sector, security maker pool, for the first time. Similar to the innovation sandbox segment of RSA conference, its purpose is to publicly select the most potential security start-ups and encourage more funds and talents to enter the security industry.

From the beginning of July this year, safe maker collection collected business plans for the whole society. Safe cow is one of the partners and recommended contacting more than half of the start-ups. From the business plans of nearly 50 security start-ups received, the security maker collection jury strictly selected nine security start-ups, namely Yidun Internet, Xindun era, Anxian technology, baimaohui, Anjiao data, visualthread, early morning network, skyguard and Nanjing yunlilai. The following is the self introduction of each enterprise in the on-site selection, as well as some opinions of the judges.

At the site of safe maker pool on ISC, each enterprise only has no more than 3 minutes of project roadshow and 10 minutes of interaction with the judges and answer the questions of the judges. At the same time, the jury will score from the four dimensions of "innovation", "application scenario and market potential", "social effect and contribution" and "composition and ability of core team". The highest score is the champion enterprise of this safe maker pool.

Tan Xiaosheng, chairman and vice president of 360 technology and chief security officer of safe venture capital, introduced that there are two aspects of the value of safe venture capital: first, through the roadshow of start-up enterprise projects, we can know what new directions these safe innovation enterprises are considering; second, safe venture capital invited some very experienced investors, including venture capital (VC), as well as leading in safe venture capital The successful entrepreneurs who have been "one step ahead" of Yu have formed the judging team. Through their questions and interactions with the representatives of these start-ups, we can also understand the general direction of the future development of China's cybersecurity market from the perspective of capital.

Tan Xiao Sheng

Where are the "strong" start-ups that are finally selected into safe maker pool?

First of all, congratulations on winning the "core shield era" of the "safe maker pool" champion!

From left: Sun Yue, chief scientist of ISC, famous Security Investor in Silicon Valley, co-founder and chief architect of cyphort

The judges agreed that the market demand for "Internet identity fraud" that Xindun era focuses on is strong at present. Its "smart identity authentication service" solves security problems through innovative technology and takes into account user experience. It has been well promoted in the financial field. Combined with the team and on-site performance, it has issued China Internet Security Conference (ISC) to Xindun era ）Safety maker champion.

Next, according to the roadshow sequence of 9 makers, according to the introduction of product ideas, technical characteristics and market potential made by the enterprise representatives during the roadshow, the editor summarized.

100 million Dun Internet - anti phishing website

Zhang Xiangzhu, CEO of Yidun Internet

6 innovations:

• "Passive report" - > "active detection" for phishing website discovery;
• Phishing website recognition consists of "dependent feature base" - > "behavior based intelligent recognition";
• Phishing website processing consists of "simple interception" - > "one stop processing from discovery to shutdown";
• The data of phishing website is composed of "information island" - > "associated big data";
• The work of phishing website consists of "terminal mode" - > "Internet mode";
• The phishing website business consists of "product sales" - > "SaaS based security services".

In terms of market potential, Zhang Xiangzhu, CEO of Yidun Internet, believes that "anti phishing website" has a huge demand for services in the financial markets such as banks, securities, insurance, payment and public security laws, especially in the government market, e-commerce, tourism and other civil markets driven by the sub platform of the network security situation awareness notification and early warning platform of the Ministry of public security, and can help ordinary citizens in a certain degree To solve the problem of network fraud.

2. Era of core shield - identity authentication

Sun Yue, CTO of Xindun Era

"By using equipment authentication, biometric authentication (face recognition), identity anti fraud technology and security authentication protocol algorithm, we are committed to solving the security problem of mobile Internet identity fraud, innovating the existing traditional authentication methods such as SMS authentication code, user name and password, U shield token, and providing safe and secret free intelligent identity authentication services for finance, government, Internet and other industries "Yes."

Three main safety products for enterprise customers:

• Trust for tims mainly provides short message verification code, encryption, transaction security protection, big data identity security and anti fraud for financial institutions such as banks;
• Trust for CIMS is in the research and development stage, which provides unified identity management services for enterprise employees;
• Trust for MIMS, the next driving force, is working with SAIC.

In terms of product experience, it will be bound with the bank's own business products. When individual customers use the bank's products for the first time, they need to initialize the products. At present, there are 6 initialization methods available, one of which can be selected. What is promoted is the method of "voice outgoing call to prevent voice call". Users can dial the phone and complete the prompt operation according to the phone received later A new authentication factor will be automatically generated inside the machine. Even if the account and password information are leaked, only this mobile phone can be used to log in to its account.

Core technology (formed technical barriers):

• Device fingerprint, collect a variety of software and hardware information, and carry out terminal differentiation and randomization processing through a specific way to generate a unique global ID for the device, and carry out anti duplication and anti brush processing;
• SSE (soft SE) technology creates a trusted operating environment in the mobile terminal, and simulates the safe operation of hardware Se by using white box algorithm, memory protection, storage protection, access control, anti read replication and other technologies.

3. Anxian Technology: adaptive security protection of cloud computing infrastructure

Zhu CAAC, CEO of Anxian Technology

"Provide network and file security protection based on feature library, and adaptive visual security management system based on data analysis."

In the virtualization layer, the agent-free security components are installed to transfer the network behavior and file access and read-write information to the management center. Through the analysis of massive data (based on behavior characteristics), the results are presented to users in a visual way, which is convenient for users to locate threats and formulate corresponding strategies.

Advantages:

• Compared with the traditional secure terminals and gateways, the resource consumption is small, which can make the number of virtual machines running in the cloud computing center under the same hardware equipment increase to three times;
• The document, network and system information are correlated and analyzed, and the detection results are accurate;
• Support the vast majority of domestic virtualization platforms and integrate with cloud service provider solutions in terms of security.

At present, the business model is mainly to connect with cloud service providers, such as data centers, and integrate products into their overall cloud service solutions as part of their security capabilities.

4. White hat exchange - enterprise threat information

Zhao Wu, CEO of baimaohui

"Focus on security big data and enterprise Threat Intelligence."

Small and medium-sized start-ups are faced with many security problems at the initial stage, such as fishing, Trojan horse, vulnerability utilization, database collision, social workers, etc., but their security budget is often limited; through SaaS based "Andersen enterprise threat perception platform", through asset discovery, log analysis (technical difficulties to be overcome), vulnerability discovery and external threat intelligence collection (white hat is launched through self Mobile platform monitoring software monitors all parts of the black chain) provides precise enterprise threat intelligence services, and locates the hacker team that leaks the source of data. Including specific benefit sharing and division of labor, how to operate each process, and which sensitive data of the enterprise has been leaked.

Business model, including small and medium-sized enterprises value-added services, and large sales of large customers.

5. Anjiao data - enterprise security operation service

Sun ronghua, technical director of Anjiao data

"Our service is mainly to provide multi-dimensional detection and fast response services for large and medium-sized enterprises, mainly to solve the two problems of enterprise management difficulties for information assets caused by security risks and slow response of enterprises after security events. The product observation platform is the SaaS platform, and we also provide safe operation services for customers around this platform. "

Stargazing platform is mainly functional linkage with Intranet / private cloud vulnerability management ("StarCraft"), fast response (response case, asset data, reinforcement scheme - > for reference of security operation and maintenance personnel), multi-dimensional detection (APP detection, code audit, DDoS attack, domain name, port, directory, etc.) and third-party Threat Intelligence.

cooperative partner:

• Loopholes: Lvmeng Technology (Aurora), Qiming star (Tianjing), tenable (Nessus)
• App detection: public information
• Code audit: codepicker
• Backbone traffic: Telecom cloud bank
• Cloud service provider: cloud intelligence

Core competitiveness: high safety operation service quality

Because it requires an understanding of industry knowledge to do security operation service, it has accumulated in P2P finance, securities and game industries; in the future, it will cooperate with IDC, operators and cloud service providers to integrate more security resources and standardize services.

6. Visualthread - Internet of vehicles security

Yan Wei, founder and CEO of visualthread

"China and the United States are the first and only companies to do Internet of vehicles security. They have both OTA control center and Internet of vehicles security protection and have not been acquired."

End to end "3 + 1" Internet of vehicles security defense system:

• Vehicle firewall patent;
• SOTA (security over the air) air update;
• Flexible security policy configuration;
• Big data auto attack real-time monitoring cloud platform.

Profit model: open the API of "air update" and "auto firewall" linked with the emergency response platform of automobile attack to automobile manufacturers, suppliers, motorcades and intelligent equipment manufacturers of the Internet of vehicles, and charge by vehicle, as well as cloud management fee and test fee.

In terms of financing, we have raised 4 million US dollars this year. On the customer side, we have reached an intention of cooperation with one car factory. We are talking with another two, an Asian and an American car factory. Different car factories need to customize their interfaces. It will take about a year and a half from the determination of cooperation to the determination of specific models and then to the integration and marketing.

7. Early morning network - Security Services

Yao Wei, CEO of network in the morning

"Our goal is to make the operation and maintenance and R & D personnel of the enterprise an output of the enterprise's security capability. Now there is a detail, which is to realize the discovery and sorting of enterprise information assets (especially IP assets) by crawling open data. "

8. Skyguard - UCS technology localization

Liu Lin, CEO of sky guard

"Skyguard's technology research and development team is from Websense. The planned unified content security center includes five parts: Web security gateway, email security gateway, data leakage prevention (DLP), access to security cloud, and mobile security. Skyguard chooses to make domestic products of data leakage prevention first."

Objective: DLP is mainly to solve the problem of enterprise core data theft (replacing the "foreign products" which are widely used by domestic enterprises), while UCS as a whole is to solve the apt attack.

"The difference between UCS and traditional security is that traditional security is based on port protocol and signature, while UCS is based on content. This requires in-depth content analysis and runs through all platforms. This is a mature technology in foreign countries. DLP is just a part of UCS technology, and skyguard really focuses on big data analysis. "

9. Nanjing yunlilai - high speed data collection and cleaning

Tang Xinan, chairman of Nanjing yunlilai

"Through the multi-dimensional big data analysis platform, combined with the network security analysis platform and intelligent operation and maintenance expert system, solve the network security problem."

Core technology: high speed data collection and cleaning of hardware and software (40Gbps).

Using DPI (deep packet detection) technology for real-time data collection can realize the visualization of the internal network traffic of the enterprise, the characterization of the network traffic topology map and the application of intelligent operation and maintenance (currently based on rule base, self-learning is the next step); externally, it can realize the early warning of DDoS attacks and malware intrusion detection (full flow analysis, dynamic domain name analysis, multi) Dimensional assembly line aggregation capability, machine learning). At present, efforts are being made to the anti fraud and anti-collision Bank of financial real-time transactions.

Do not do decryption work, software, deployment in the enterprise intranet load balancing behind.

Existing customers are Internet companies (such as Ctrip) and payment industries (such as lakala), and the next step is to enter the bank.

At present, we only serve private cloud customers. I feel that the opportunity for SaaS to serve small and medium-sized customers is not mature at this stage.

Safety entrepreneurship from the perspective of capital

Finally, Yuan Wenda, the global partner in charge of red dot venture capital fund, explained the promising subdivision areas of the safety industry as a safe venture investor.

Yuan Wen Da

These areas include:

• Application to realize self-protection;
• Audit and protection with data as the core;
• Software defined network;
• Threat Intelligence;
• Adaptive security architecture;
• Machine learning;
• Network segmentation and isolation;
• Enterprise mobile management;
• Cloud access security agent;
• Everything has identity (IAM);
• Attribute based access;
• Human centered security.

At the same time, it introduces some cases of red dot in China's security industry layout:

• Bang Bang security (mobile application security reinforcement);
• Ivy Cloud Security (Adaptive Security Architecture);
• Core shield era (identity authentication).

"From the perspective of investors, I think excellent safety entrepreneurship projects should have these three elements: first, the market, including market demand, the pain points of product solution, and the business value generated after market acceptance; second, the team, because Qihu 360 is also our investment object, you can refer to the story of Zhou Hongyi, Zhou Zong, Qi Xiangdong, Qi Zong; and finally, sustainable Competitiveness, you have to be clear that no start-up company in China has the advantage of time, your products will be copied soon after coming out, and the core competitiveness should be sustainable. "

Security itself is a much smaller circle than it and Internet businesses, but now the popularity of the big circle is declining, and the small circle is getting more and more attention. It seems contradictory, but in fact, it reflects that the national level and the capital side pay more attention to the security industry. Entrepreneurship is high-cost. This process needs appropriate "soil", but also the continuous attention and support of the capital side. Once the upsurge of safety entrepreneurship rises, it will react on the safety circle and society, and then form a virtuous circle. Whether it is to supplement the domestic security ecology, expand the security market, or enhance the comprehensive defense capability of national network security, it is of great benefit.