Cloud Compliance
01.
Security Assessment
Security Assessment
The comprehensive inventory of corporate assets through security assessment services is the basis for corporate information security compliance. The security assessment service also provides vulnerability assessment, which takes assets as the core to assess the severity of the risk points of each asset that needs to be protected, researched, and assessed at the physical, network, system, and application levels. At the same time, it confirms the effectiveness of the safety products that the company has purchased, maintains effective safety measures, avoids waste and reuses safety resources, thereby saving enterprise safety costs, and improves the overall quality of enterprise safety.
02.
Penetration Testing
Penetration Testing
The penetration testing service relies on the years of security experience of Yusys Financial Cloud. Based on user authorization, it simulates hacker intrusion, and uses controllable and non-destructive methods and means to conduct in-depth system security analysis and promptly discover system risks, threats, and vulnerabilities, enabling managers to discover and repair the risks and vulnerabilities.
03.
Emergency Response
Emergency Response
When a customer encounters hacking, DDoS, data theft, Trojan horse virus, and other incidents, Yusys Financial Cloud provides emergency response services including stop loss suppression, event analysis, business loss assessment, system reinforcement, and event traceability, so as to reduce the impact and loss of security events on the enterprise.
04.
Code Audit
Code Audit
Yusys’ code audit service enables source code analysis of the current application system, to conduct a security test and code evaluation from a security perspective. In the case of familiarity with the business system, from the application system structure, Yusys checks the associations between system modules and functions, authorization verification, etc., and from the security aspect, Yusys checks system vulnerabilities and defects. Combining its rich security knowledge, programming experience, and testing technology, Yusys uses static analysis and manual review methods to find security flaws in code architecture and coding, thereby minimizing the security risks of business software before the code is generated into a software product.
