A new report shows that the tactics of criminals affecting online security are gradually changing, with a significant increase in application-specific and web-based attacks. Cyber attacks accounted for 67 percent of all attacks last year, according to Japan’s NTT Global Threat Intelligence Report 2021. In the past two years, cyber attacks have increased 300 percent in manufacturing, 200 percent in health care, and 53 percent in finance.

These three industries accounted for 62 percent of all attacks last year, up 11 percent from the previous year, according to the report, which looked at global attack data. While malware has become more commoditized in terms of features and functionality in the last year, it has also become more diversified due to the rise of versatile malware.

Malicious mining software that affects network security has surpassed spyware as the most widely used malware, but the use of specific malware variants for specific industries continues to evolve. Worms are most common in finance and manufacturing, with remote access Trojans wreaking havoc in healthcare and ransomware wreaking havoc in technology.

Malicious mining accounted for 41 percent of all detected malware in 2020. Trojans accounted for 26 percent of the total, worms 10 percent and ransomware 6 percent. According to NTT research, more than half of organizations worldwide have identified cloud security as their top cybersecurity priority over the next 18 months.

There is no national security without network security. With more and more data leaks, ransomware, DDOS attacks and other network security incidents, information security is more and more known and valued by people. The stability of network security can only be ensured by reducing the vulnerability of code itself. More and more enterprises begin to take the initiative to defend code software security through code audit, in order to maximize the detection of defects in the code before being attacked by hackers, so as to reduce losses.

Code audit is divided into static code detection and dynamic code detection. Static code detection refers to scanning and analyzing program code through syntax analysis, lexical analysis, data flow analysis, control flow and other technologies without running the program code to find potential security problems in the code. Dynamic code detection refers to code detection by extracting and analyzing all kinds of information generated during program running. Dynamic code detection accuracy is high, but the disadvantage is low coverage. Static code detection has the advantages of deep detection, wide detection range and low cost to modify code defects, but most static code detection has the disadvantages of low efficiency and high false positive rate.

With the strong support of the Chinese Academy of Sciences, Zhongke Tianqi independently developed a software source code Static detection and analysis tool (SAST) that can compete with international code security detection products. Through intelligent learning, the false positive rate is only 1/3 of other products. Using the program analysis engine of independent patented technology, a variety of innovative static analysis technology, reducing the detection time by 1/3; It supports defect/vulnerability detection across tens of millions of lines of code across files, classes and functions, and Wukong can automatically identify security vulnerabilities in code and find more security vulnerabilities of known/unknown depth.

Under the condition of the network security problem becomes severe, Wukong was (Wukong) can help enterprises in the software development phase, to appear in the process of coding technology for search, identify, track and logical loopholes may caused by code specification/defects of security holes, holes in the early development of code warning and repair, reduce the risk of software vulnerabilities in running after, Enhance the security capability against cyber attacks to provide a favorable guarantee for cyber security.

Moreover, Wukong static code security testing tool, as a xincreate product, conforms to international (CWE) and national (CNNVD) testing standards. It supports mainstream operating systems such as Windows, Ubuntu, CentOS, Red Hat and Suse Linux. Also support bid-winning, Galaxy, Kunpeng, Longson, Feiteng and other domestic operating systems deployment adaptation.

As the only industrialization platform of the Institute of Computing Technology of the Chinese Academy of Sciences in the field of software security, In order to reduce “software code security loopholes,

Improve the ability to detect cyber threats and reduce cyber security risks!” For the mission, in today’s increasingly prominent software security issues, strive to ensure network security forward.

Wukong static code detection tool, from the source, for your software security escort!

Software security The last line of defense for network security

Zhongke Tianqi company is strongly promoted by the Institute of Computing Technology of Chinese Academy of Sciences

With the international leading independent research results of cas institute of Computing science

Software Code Vulnerability Detection and Repair platform Wukong

For the foundation of the establishment of high-tech enterprises

Keywords: Ransomware Network security Static code detection code defects malware

And read the links: www.woocoom.com/b021.html?i…