Aggregator

国安部提醒:警惕生物数据跨国泄露

中国信息安全
2 months 2 weeks ago
跨国生物合作能有效整合全球资源、共享技术成果,推动破解科技难题。但合作共享中,人类遗传基因、珍稀物种资源以及科研核心数据等一旦失守失控,不仅会泄露我生物领域底层代码,更有可能成为境外反华敌对势力在生物领域威胁我国家安全的重大隐患。

He Who Controls the Key Controls the World – Microsoft “Often” Provides BitLocker Keys to Law Enforcement

Security Boulevard
2 months 2 weeks ago

Encryption doesn’t guarantee privacy—key ownership does. This article explains how cloud-stored encryption keys let third parties unlock your data, exposing the hidden risks behind “secure” services like BitLocker and Gmail.

The post He Who Controls the Key Controls the World – Microsoft “Often” Provides BitLocker Keys to Law Enforcement appeared first on Security Boulevard.

Mark Rasch

​国家级人工智能基金落子长亭科技,共创智能安全新未来

嘶吼
2 months 2 weeks ago

近日,长亭科技宣布完成最新一笔融资。本轮融资总额5亿元,投资人包括国家人工智能产业投资基金,上海国际集团旗下国方创新,北京市人工智能产业投资基金。

据悉,获得人工智能基金的加持后,长亭科技将紧密围绕国家AI战略,继续深耕智能安全领域,以“确保人工智能安全、可靠、可控”为使命,聚焦“AI赋能安全”与“AI自身安全”,护航数字经济健康发展。

AI时代,安全为必选项

近年国家层面的政策部署,安全已成为人工智能发展的前置条件。2025年国务院《关于深入实施“人工智能+”行动的意见》明确要求“提升安全能力水平”,防范模型风险,推动应用“合规、透明、可信赖”。近日,工业和信息化部等八部门联合印发的《“人工智能+制造”专项行动实施意见》更设立专章“安全护航”,详细部署关键技术攻关与治理机制建设。

这些政策表明,在我国人工智能迈向全方位、深层次融合应用的新阶段,安全与创新已被置于同等重要的位置,必须同步规划、同步建设、同步投入。没有稳固的安全底座,AI赋能千行百业的宏大进程就难以行稳致远。

在“人工智能+”行动全面推进的当下,这一投资决策契合了国家“人工智能+”战略中“安全护航”的底层要求,不仅揭示了安全体系构建在AI时代的核心价值,更是对我国人工智能战略发展蓝图最直接、最有力的资本呼应。

长亭科技,领跑智能安全

长亭科技是国内网络安全领域率先获得国家级人工智能基金加持的企业。在AI浪潮的冲击下,作为国内网络安全新生代领军企业,长亭科技已经实现“知攻善防,智能安全”的前瞻性布局,完成了从传统网络安全企业向智能安全服务商的全面转型。

当前,AI安全已成为保障技术创新与产业应用的前提,没有可靠的安全防护体系,人工智能与各行各业的深度融合将面临巨大风险。同时,网络安全行业普遍面临AI技术重构攻防逻辑的转型挑战。

作为投资对象,长亭科技的价值体现在其同时切入两大关键领域,构建了双轮驱动的发展布局。一是“AI赋能安全”,从全球首创的智能语义分析技术起步,到AI自主渗透智能体,逐步将AI深度融入产品基因;二是“AI自身安全”,布局大模型安全评估、AI生成代码安全等新兴需求。过去一年在多个AI安全赛事中的突出表现,已经为长亭科技的技术路径提供了有力验证。

在“AI赋能安全”领域,其推出的AI Web应用防火墙、AI SOC平台、AI流量检测等产品,将智能算法的效率优势转化为实战能力:2025年在国家网信办组织的人工智能赋能网络安全测试中拿下恶意流量检测赛道头筹,在国内首个AI智能渗透挑战赛中凭借自主研发的“AI自主渗透智能体”夺冠,印证了AI技术在提升安全防御效率与精准度上的巨大潜力,推动行业向“主动预判、智能响应”的新范式转型。

在“AI自身安全”这一前沿领域,随着人工智能规模化应用,大模型“黑箱”、AI生成代码漏洞、智能体伦理风险等新型安全问题日益凸显。对此,长亭科技精准发力,推出大模型安全评估与防护产品,近期获得了北京市AI创新大赛“内容安全专业极客赛·安全防护”一等奖与“内容安全专业极客赛·安全攻击”二等奖双项荣誉,充分验证了其大模型安全“攻防兼备”的先进能力。

同时,长亭科技基于“AI Secure Coding”理念,自主研发系列智能安全开发平台“码力”,将安全防护“左移”至代码生成阶段,实现代码的“边写边检、生而安全”,从源头降低AI时代的软件供应链风险。这一产品不仅填补了国内AI原生安全领域的部分空白,更为人工智能产业的可信发展提供了关键技术支撑。

长亭科技还持续推出了系列AI原生应用工具:安全可控的企业级开源AI Coding工具MonkeyCode、开源知识库自动搭建系统PandaWiki、智能网站AI助手Web2GPT、AI大模型驱动的开源售后服务社区KoalaQA,智能招聘引擎 WhaleHire,通过AI工具持续赋能,帮助企业实现科技生产力的智能化升级。

作为未上市网络安全企业第一梯队成员,长亭科技的转型实践具有强烈的示范效应。在其带动下,网安行业正加速从“产品堆砌”向“智能驱动”转型,通过AI赋能帮助企业提升运营效率、保障业务创新。

在国家政策引导、资本加持、企业创新的多重驱动下,长亭科技将以“确保人工智能安全、可靠、可控”为使命,进一步深化“知攻善防,智能安全”的实践,在人工智能重塑经济社会形态的关键阶段,积极在打造实战化智能防御标杆、构建可信AI应用基石、共建智能安全新生态等方面发挥更大的领军企业作用,为我国数字经济高质量发展提供坚实可靠保障。

企业资讯

Identity Fraud: The New Crimewave Targeting Remote Work

BankInfoSecurity.com
2 months 2 weeks ago
The Urgency of High-Assurance Identity Proofing Amid Growing Identity Fraud
Remote work has fueled a new crimewave built on stolen and synthetic identities. As deepfakes scale, high-assurance identity proofing - combining biometrics, liveness detection and verified IDs - becomes essential to verify users, prevent impersonation and protect enterprise access.

Charting the Next Era of Digital Identity and Trust

BankInfoSecurity.com
2 months 2 weeks ago
Identity Proofing Becomes Essential as Remote Work Redefines Enterprise Trust
Remote work has expanded hiring reach but introduced new risk. Identity now must be verified through digital signals rather than physical interactions. High-assurance identity proofing using solutions such as MajorKey's IDProof+ helps enterprises protect data, mitigate fraud and preserve trust.

Continuous Identity Assurance Is Now Security Infrastructure

BankInfoSecurity.com
2 months 2 weeks ago
From Remote Hiring to Access and Support, Trust Must Be Verified - Not Assumed
Attackers no longer break in - they simply impersonate an employee or contractor to gain access. Discover how continuous identity assurance across hiring, third-party access and call centers reduces human-layer risk, and how IDProof+ enables fast, trusted verification across critical workflows.

Rethinking Cybersecurity in a Platform World

BankInfoSecurity.com
2 months 2 weeks ago
How Consolidation Is Forcing CISOs and CIOs to Rethink Security Architecture
For more than a decade, enterprise security has relied on point solutions. Companies invested in separate tools - endpoint detection, firewalls, cloud security and IAM - each designed to address a specific threat or compliance requirement. But that approach is starting to break down.

Treasury Cuts Ties With Booz Allen Over IRS Data Leaks

BankInfoSecurity.com
2 months 2 weeks ago
Booz Allen Loses Treasury Work in Move Tied to Trump Waste Crackdown
The U.S. Department of Treasury said it canceled all active contracts with Booz Allen Hamilton, citing data protection failures in handling taxpayer information. Treasury cited a criminal case against Charles Littlejohn, a former employee who leaked the tax returns of President Donald Trump.

Claroty Gets $150M to Lead in AI for Infrastructure Security

BankInfoSecurity.com
2 months 2 weeks ago
Claroty CEO Yaniv Vardi Outlines IPO Strategy and Growth Through Acquisition
Claroty’s $150 million Series F funding round will help scale its platform for protecting critical infrastructure with embedded AI. CEO Yaniv Vardi says the company aims to reach profitability, pursue M&A and strengthen verticalized offerings for the healthcare, manufacturing and industrial spaces.

Upwind Secures $250M to Extend CNAPP to AI, Data Security

BankInfoSecurity.com
2 months 2 weeks ago
Series B Round at $1.5B Valuation Backs Push Into AI, Application and Data Security
Cloud security startup Upwind has raised $250 million to expand its CNAPP capabilities beyond detection and response. The company aims to accelerate engineering investment and move into high-demand categories such as AI and data security, achieving a $1.5 billion valuation.

Managed ad