The golden crown hairpin on the head and the green langgan on the waist.
It's hard to make wood between corals.
Where is the robe floating? The train is far away with the wind.
I look forward to the brilliance and roar like a blue.
Written by LAN he
Edit | chart
It is often said that men and women have slightly different understandings of the same thing. Because most men are bigger and coarser, they sometimes suffer from small details even though they look far away. Women are different. Most of them are delicate and thoughtful. They always have more in-depth and accurate views on things, even some "true" views.
Just as it happens, information security can't be fooled at all. What we need most is to be more real.
Unfortunately, just like most engineering majors, a class has only one or two "jewels in the eye", information security also inherits this eternal fine tradition. Therefore, there are few female practitioners in this field. Even if there are, most of them are also responsible for management and decision-making. Those who strive for front-line technical posts are absolutely worthy of "precious treasures".
In recent years, I have seen many big guys, experts and hackers, and have written their spirited stories, farsighted opinions and insights into information security. However, I always feel that these hard codes and cold machines are less warm and soft.
It was autumn in Beijing. It was a sunny afternoon. Fortunately, I met Zhang Ying.
The gorgeous and elegant long dress, fashionable and chic jewelry, light makeup, simple and elegant are very delicate. Just like the designer who just participated in the high fashion week, no one can imagine that she, sitting in front of me and laughing, turned out to be a female doctor of data security.
She told me that these clothes were actually designed by herself, but she only wanted to do one thing in her life, so she could not be a designer.
However, the cause of information security is fortunate to have a tender expert. And I also had a chance to get to the top.
In 1999, Zhang Ying graduated from the Institute of computing, Chinese Academy of Sciences. Because her research direction during her study was data security, her first job after graduation was to develop the management platform (Siem) in Lenovo Research Institute.
In the era of not entering the millennium, the Internet is just a new thing in China, and that management platform is the first IP network management platform in China. Zhang Ying still remembers that the management object of the IP network management system is the network equipment in Israel. You should know that the network technology in Israel is not too top in the world, which was a great thing at that time.
After that, Lenovo Research Institute set up a special action team to be responsible for the development of various management support platforms. Including the Research Institute's own network management platform, Lenovo's security management platform, server platform, and desktop management platform for commercial desktops. Zhang Ying is a member of this special action team, and she has never left the platform development position.
Although Lenovo Group has grown and acquired IBM PCD, the information security lab has been packaged and sold to Yaxin. It happened that some colleagues wanted to start their own business, so these guys in the research room who had been shaking for many years set up the product technology part of the startup company, netherworld.
In fact, Zhang Ying had a lot of worries before going to the Ph.D. -- whenever she put forward her idea of further study, there would be a voice saying: "there are many women doctors who give up halfway."
Fortunately, she was told by her family that it doesn't matter if she reads more for a few years. It's OK to spend reading as her own life. So she wrote down this sentence, and really calmed down her heart and unloaded her burden. Her idea was that if there was only one thing to do in her life, it would be satisfying to finish it.
Therefore, after the establishment of the company, Zhang Ying is still responsible for the direction of Siem platform. Until the beginning of 2011, she and the team of the research institute joined Qiming Xingchen, and continued to strengthen the development of Siem platform in Qiming Xingchen Taihe.
Time is fast forward to 2016. For some reasons, Zhang Ying wants to leave her job and start her own business. But at this time, the promise to let Qiming star Siem platform enter Gartner Magic Quadrant has not been fulfilled. So in that year, Zhang Ying insisted on presenting the whole system to analysts at the Gartner summit, despite the painful lesson that six European friends had been rejected.
Unexpectedly, analysts carefully read the design and architecture of Qiming star, and had repeated discussions with Zhang Ying. Finally, Qiming star's Siem platform was selected as one of 19 manufacturers in Gartner Magic Quadrant in 2017, ranking 11.
After fulfilling her promise, Zhang Ying felt that her mission in Qiming star had been completed, so she formally proposed to leave.
She said that her favorite thing in her life is fashion design, but now that she has a doctor's degree, she should be worthy of this resume. She saw the importance of AI, deep learning and big data for the Siem platform and decided to continue the only thing in her life.
As mentioned above, for some reasons, Zhang Ying has the idea of leaving her job to start a business. This reason is that "security will always lose to hackers".
Kevin Dominic wrote on the first page of his autobiography, "we are always successful.". In Zhang Ying's view, if we want to achieve a comprehensive defense in the game between security and hackers, we must achieve 100% success. However, as long as the hacker achieves 1% attack, the security will be reduced to 100% failure.
As a result, many users began to have a pessimistic attitude towards security, and even denied all technology and accumulation.
After the speech of General Secretary Xi Jinping in April 19, 2016, the whole security industry started a wave of rush for situation awareness. However, the technical foundation of situation awareness and Siem platform is very similar, especially in data processing and storage and artificial intelligence engine. Zhang Ying knows how deep the pit is.
So the original intention of her business is to provide a basic platform to help you solve the lowest level of technical problems.
According to Zhang Ying's understanding, any software should have two souls - technology and application. What this basic platform needs is only the soul of technology. If the customer wants to give it the soul of business, he only needs to carry out secondary development on the basic platform.
Intuitively speaking, this platform can be connected to any cooperation, and it is equivalent to helping partners complete 80% of their work. What business needs do partners have? It is only necessary to complete the last 20% of the work related to their own business needs on this basic platform, and then it can be directly delivered to users.
In this way, they can invest 100% of their energy in solving user specific problems, and deal with the last kilometer and the most special business security problems for users.
Speaking of this, Zhang Ying smiled. She said that although clothing design and information security are two things that are different from each other, they are essentially the same in the construction of basic platforms.
For a basic platform, the technical architecture is equivalent to the material of clothing. Just like an outstanding dress needs to have a good-looking appearance, many customers' demands for the basic platform are initially limited to the number of functional modules.
However, with continuous downtime and accidents, people gradually find that the original platform with excellent appearance is made of cheap materials.
Zhang Ying always agrees with the saying "recently received users, most valuable". What users are concerned about is the use of logic and functional modules. However, no matter how perfect the function module is, it also needs to have an excellent underlying technical framework to support its operability, just like the clothing on the gold and jade watch, it can't be defeated.
And a high-quality platform can help users to save the energy of the underlying architecture, and directly carry out secondary development on the platform, just like exquisite clothes, not only comfortable to wear, but also according to their own preferences, change from big to small.
At the same time, in terms of big data analysis, Zhang Ying believes that there are many Internet of things security enterprises, in fact, they do not have enough experience in big data processing. However, they have a large number of sensors at the same time, so product-based, engineering big data storage, distributed node solutions and big data analysis engine have become the most needed thing at present.
At present, she has transformed arcsight's most famous Association engine into a distributed association engine and developed a framework for machine learning. Users only need to drag various algorithms and big data schemes into the framework through small programs, and then encapsulate them, which can be applied to thousands of households in the whole industry.
On this basis, Zhang Ying needs to further build a community to provide communication and interaction and product download services. Customers can deploy locally after downloading products in the community. If there is a need for secondary development, they can also connect with her through the community to obtain technical support.
What this community realizes is that she ultimately wants to provide customers with a package delivery platform.
Zhang Ying said that she was very grateful to Qiming Xingchen, because Qiming has one vote of veto in the matter of leaving and starting a business, but after she expressed her ideas, the leaders finally showed great generosity and understanding.
Until later, 360 investment had many opportunities. It is precisely because of the atmosphere of the two giants that this new company, Sheng Huaan, is endowed with life.
A good security management platform, in Zhang Ying's view, should have the ability to solve at least six kinds of problems.
The first is the ability to solve the problem of attack and defense, that is, attack and defense early warning. Generally speaking, even if it can't be fully covered, it should at least be able to solve the problems in the event and after the event.
Secondly, a good security management platform must be a compliance audit platform that conforms to 27001, etc.
Third, the platform also needs to provide users with a set of information security system construction, including assessment and management.
In the concept of software defined security, there is a special core thing called controller. Therefore, the platform itself should also play the role of a centralized controller.
As a concept of Pan security, it is necessary to select the flow based on the controller. It is not only a cloud firewall, but also has the judgment of business level information security business, so as to make blocking and forwarding.
Therefore, fourth, a good security management platform should also be a centralized security equipment and business logic management platform.
Fifth, it should also be a SaaS platform, which can provide user business menu and push user services.
Finally, the second development platform is now the core of shenghua'an. Zhang Ying said that in the past, in the process of docking with many security vendors, many people have put forward the idea that they can provide a secondary development platform, because these vendors all have greater business logic to be presented at the upper level. From the early scattered data and information islands of various businesses to today's big data lake, security vendors have the needs of IT infrastructure and support system as well as business visualization.
In this way, the secondary development platform is particularly important.
In this process, Zhang Ying found that some companies focus on detection engines, and the customers' demand for detection engines is actually that they hope the number of engines can reach a certain degree, and collect data through big data analysis.
She believes that if the detection engine, as the witness link of fog computing and cloud computing, only judges security events in a certain area, even if it is effective, it will only act on a part. If we want to make the detection engine "efficient enough", we need to do it based on flow.
Therefore, shenghua'an also plans to develop flow based detection engine, combining Threat Intelligence and software definition security.
Of course, for Zhang Ying, the first thing right now is to do a good job in basic platform. At present, the log audit function has been completed. At the same time, the platform itself is also a collector, with a capacity of 12 T. for the six-month log audit required by the network security law, it can be said to be the conscience of the industry.
Zhang Ying told me that as early as a long time ago, there had been customers who wanted her to share the underlying development platform publicly. Now, she can finally enjoy her ideals and do what she wanted to do for a long time.
Now she has a big ideal, which is to hope that in a few years, the SOC of all security manufacturers and the underlying platform are the basic platform of shenghua'an. She thinks that there are not many researches on Distributed Association engine in the world, and they have successfully stuck this core technology point.
Lunatic, fool and dead brain
"At this age, we should think about improving our lives. It's obviously not the right decision to start a business," said Zhang
It has been 20 years since she graduated from Ph.D. in 1999. In the past 20 years, Zhang Ying has been accompanied by a group of partners who have grown up together from Lenovo Research Institute, joined Qiming star, and worked together to start a business today, so that she can understand what feelings are.
She said there were several other reasons for encouraging her to stick to her ideals and to start a business.
The first is that many partners are not willing to work with loyal customers. They are only limited to selling out products. Even if they want to develop more unique things on these platforms, she is proficient in them.
The second is that many end customers have proposed the idea of using Zhang Ying's Association engine many years ago, although there are many more developers in the customer. At that time it was impossible, but now it can be done.
The third is that many security companies with short product lines are hard to survive without situation awareness, and the basic platform is to save them.
Even Zhang Ying himself laments that the only people who stick to one thing in the direction of platform and engine may be lunatics and fools. If it wasn't for 20 years of real accumulation, stepping on all the pits that might fall into, it would not be able to adapt to these various requirements at present.
Zhang Ying said that although the industry continues to advocate "small and beautiful", she insisted on "addition".
Because she thinks that since she has enough experience and ability, it is always better to meet more needs. She wants shenghua'an and the basic platform to grow into what she wants, prove the value and reason of her existence, and then consider doing some "subtraction" appropriately.
Some people say that she is too "heavy" to do this, but she just wants to pick the hard ones. She's as "tough" as insisting on finishing her doctorate and doing only one thing for 20 years.
She laughs at herself, calling it "dead brain.".
Written in the end
I can't help but sigh that as a rare female practitioner in the information security industry, it's not easy to achieve such a career, which is very powerful and admirable.
However, Zhang Ying said that it's not her but the team that is powerful.
Now there are nearly 40 people in shenghua'an. Apart from the comrades in arms who went all the way from Lenovo Research Institute to today, among the rest of the colleagues, the master's proportion has exceeded nearly 80%, which is enough to be called a solid master's team.
Zhang Ying joked that if she called "master of Beiyou standing up" in the office, she could stand up in unison, let alone a group of master of Huazhong Science and technology, Chinese Academy of Sciences and Dalian Science and technology, who were still sitting at the bottom.
It's not easy, and it's lucky, because at this stage of reading, I have suffered a lot, the direction of information security is so sad, it's a great honor for Zhang Ying to gather here because of the same aspiration.
Until the first half of this year, Zhang Ying focused on the expansion of channels and the development of communities. Now there is a lot of content in the community. She welcomes the docking and cooperation of any partner, and everyone can get what they need from the community.
Zhang Ying said that although she can't be a designer in her life, she still takes a break from time to time to do some design she likes.
I think this is very good, because I have never heard of any product introduction, which can be so easy to understand and interesting.
Maybe when customers benefit from shenghua'an basic platform one day, they can't help but admire:
"What a wonderful material!"