"Ruisu API Security Governance Solution" won the double award of "Xinzhi Award"!

Recently, the "Xinzhi Award·4th Excellent Financial Data Intelligence Solution Selection" hosted by Jinke Innovation Society and supported by the Global Financial Professionals Association lasted for 4 months. After the collection, review, and defense of the program, the final results were officially released. "Ruishu API Security Governance Solution" won the "Top 10 Excellent Solutions Recommended by Experts" + "Excellent Network Information Security Innovation Solution" double award!

About the Xinzhi Award

The "Xinzhi Award" selection is committed to selecting excellent solutions that are advanced and referenceable and meet the needs of the financial industry in a fair, just and open manner as the financial industry moves from online, digital to digital intelligence.

This year's "Xinzhi Award" received a total of 97 entries from 75 companies, and 54 review experts from the People's Bank of China and financial institutions such as banks, insurance, securities, and funds participated. After online voting, the first round of expert group scoring, 6 online defenses, and the second round of expert group scoring, nine awards were selected, including the "Xinzhi Award 2022 Financial Data Intelligence Expert Recommended TOP10 Excellent Solutions".

About "Ruishu API Security Governance Solution"

Ruishu's API security governance solution adopts a data full life cycle management technology framework and establishes corresponding technical response measures for each link and step of data transmission, provision and disclosure. It is a solution that integrates API asset perception, discovery, management, security attacks, interface parameter identification, sensitive data identification, abnormal behavior control and auditing.

Financial business application scenarios:

API asset auditing and management: Automatic discovery of API assets, automatic discovery of API interfaces in traffic, automatic identification, sorting, and grouping of API interfaces, full life cycle management of API assets, and creation of API asset portraits and full API reports.

API sensitive data leakage prevention and classification: Identify sensitive data in API traffic, classify sensitive data, and desensitize and manage API sensitive data.

API data security compliance audit: In-depth analysis of API traffic retention records and interface access behaviors, association of abnormal operation accounts or API tokens, and providing traceability evidence. Based on the characteristics of financial API business, API audit reports are issued in combination with policies, regulations, and industry rules to eliminate potential risks in the bud.

API interface vulnerability protection and intrusion prevention: Through semantic analysis, traffic learning, and rule matching technology, real-time identification and blocking of API attacks can be achieved, API security protection capabilities can be strengthened, and a sound security protection system can be established, thereby enhancing the ability of financial enterprise APIs to resist external threats and reducing the probability of data security incidents.

Application deployment:

Provides multiple deployment forms such as reverse proxy, bypass mirror, and Agent plug-in to act on the network, and implements a serialized security defense mode or uses API probe traffic collection and unified connection to the API centralized analysis platform for API data governance. This model fully considers the analysis of the entire network architecture and pros and cons, does not require modification of application code, reduces operation and maintenance complexity and the probability of failure, and realizes a complete solution for API east-west traffic identification and north-south traffic control.

Ruishu API security governance solution can implement the compliance construction of financial API business and resist the emerging threats of financial API. Through the "ADMP security model" methodology of API perception, discovery, monitoring and protection, it can realize the intelligent identification and sorting of massive APIs, API security intelligent defense, sensitive data identification and desensitization, abnormal behavior identification and control; implement the goals of API security management, security integration, and security operation and maintenance required by the "national standard" and "gold standard". Realizing the security management and control of financial open APIs lays the foundation for the breadth and depth of intelligent, scenario-based, and personalized financial services, and plays an important role in promoting the transformation and upgrading of financial business to the API model and enhancing core competitiveness.