“God said let there be light and there was light.” In double eleven interviewed Ali cloud security chief Xiao Li, suddenly have a new understanding of this sentence. From XiaoLi introduced it is easy to realize, and suffers from the co-existence of cloud computing is the inevitability of the birth of ali cloud security, cloud, the genetic gives it the power of “native”, from the initial simple attack threat defense, to comprehensive intelligent situational awareness and second stage of the emergency response and handling ability, let ali cloud security network security become desirable.

A strong body forged in darkness

Ten years back, Internet technology has opened our eyes to a wider world, but what we can’t see is the threat behind it. As Xiao recalls, the early days of singles’ Day were mainly about stability. Due to the rapid development of business, the flood peak of access flow is accompanied by an endless stream of network attacks. “We were also want to buy security vendor products to protect the security of a double tenth, but found no which security vendor can support double tenth a big flow rate as high as T level, so we can only do your own”, XiaoLi said, “now our ability to secure reserves mainly in terms of DDoS, is also due to the early business demands.”

In the past decade, each successful escort seems to be a process of coming back and forth from the dead, rising from the ashes and emerging from the cocoon into a butterfly. Ali Cloud has built six Anycast cleaning centers around the world, expanding its escort business to the world, not only providing overseas cleaning services for Ali’s own overseas business Lazada and its clients on the cloud, but also enabling global enterprises to enjoy ali Cloud’s security technology. It can be said that if there is no double 11 hone, maybe there is no Ali Cloud now strong physique.

In the interview, Xiao Li also mentioned more than once that “It is the battlefield of Double Eleven that has achieved the ability of ali’s entire system”. If the early Double ten belt brought freshness and expectation to consumers, it brought the whole security team in the early stage of Ali was a storm in the darkness of the test, after the test was more powerful after the rebirth of cocoon.

The darkness is past, and the twilight is dawning.

Safety at dawn: ‘Know your enemy’








Xiao Li seems to remember every battle in the past, he thinks that the essence of security is to achieve the highest realm of “attack and defense” : and the infinite original “ability” of cloud computing can make security achieve a more intelligent and stronger realm.

Hacker is xiao Li mouth that always stand in the other end of the network against the mysterious man, from his interview we can feel that he for security in this field invincible adhere to and “attack and defense” game between the passion.

Every year at midnight on November 11, as hundreds of millions of people go on a simultaneous shopping spree, hackers seek a dark corner of the cyberworld to launch their attack spree.

“Electric business environment of the business environment is varied, such as double tenth one there is a kind of game is add shopping cart is ahead of time, then there will be a hacker using worm to take their goods to join all quietly in the shopping cart, while consumers do not pay attention to order buy together, this is the business logic of the electricity market scene vulnerability may lead to harm.” Xiao Li said.

Again crazy hackers are, however, everyone has weaknesses, has its good tactics and behavior habits, like the TV series “the don’t lie to me,” the hero can through the characters facial expressions and behavior analysis to determine whether the other party is lying to hitting the truth behind, ali, cloud data through the cloud computing to build the safety of the brain, With the help of the powerful intelligence capability, keen threat insight and global visibility on the cloud, it can intelligently identify disguised security threats, so as to not miss any “bad guys” and kill any “good guys”.

“Fortunately, we have battled hackers for years and have put in place a complete system to keep consumers safe when they shop. During the Double Eleven in 2018, we achieved zero missed kills and zero accidental kills, which is the collective strength of the entire Ali security system.” Xiao li said proudly.

From the conversation with Xiao Li found that the security of the defense and attack do not depend on hard but in the battle of wisdom. After ten years of fighting with hackers, Ali Cloud has faded its ignorant face when it was just starting out, instead, it is calm that it knows itself and the enemy after hundreds of battles.

The dawn has come and the light is here.

In bright times, a sense of security is “accompanied by nature”

As the saying goes, the devil is higher than a foot. As the Internet technology continues to advance, so does the cyber threat. Xiao said that the network threat is developing from the original infrastructure to the business layer and application layer, and some high-security industries have greater demands for security. Especially as some government systems have become online services, such as car license plate online lottery, urban housing lottery, online examination and so on, are likely to become the black gray industry profit position. At present, the security threat is only limited to the level of property security. For example, a hacker encrypts your data and needs to pay high bitcoin for redemption. But in the future, the security threat may rise to personal security.

However, as individual users, we are less and less concerned about security, and few people will install anti-virus software on their smartphones, smart cars and other terminal devices, “because security has become the default consideration of products from design to delivery,” Xiao li explained.

When it comes to default security, Xiao li’s expression on his face is serious. He said that the default security is the top priority of security construction, the traditional external hanging system security in the cloud era will become built-in security, so as to ensure the data and even personal safety of enterprise users or individual users. In layman’s terms, security should be “concomitant,” with the “birth” of the business taken into account. By then, a bright new era of cyber security will have dawned.

When asked about aliyun’s security investment, Xiao did not give a specific answer, but gave a set of comparative figures: most foreign enterprises invest 10%-15% of THEIR IT spending on security, while domestic enterprises invest less than 5% on average. Such a contrasting set of numbers is hard to resist. At a time when it feels anachronistic not to talk about digitalization, security deserves more attention, if not more.

It is the principle of Xiao Li has been, but also a persistent Ali people. The ultimate goal is to replace redundant human work with machines so that more energy can be devoted to new technology exploration and capacity building to ensure the safety of all cloud users. Xiao said that although ali cloud platform and cloud products have implemented the default protection, but this is far from enough. “Different users have different business scenarios and different security issues. We hope to ensure the security of the platform and the security of the application and business together with users. We will share our security capabilities with customers to achieve universal security, so that enterprises can easily manage security and focus on their own business.” Xiao Li finally said.