栏目

Network information security services

Basic overview



Changtai Technology has built a defense network integrating network security technology, security products and senior security experts to provide comprehensive security consulting, overall security strategy formulation and penetration Intrusion testing, professional risk assessment, emergency response and other solutions, while providing personalized vulnerability scanning, network system vulnerability audit, network attack risk audit, system vulnerability repair, system hardening services, for all kinds of large and medium-sized networks and systems to create a security defense system against world-class network threats。

First service

Because the security service is different from the general product after-sales service, it is necessary to understand the environment of the entrusting party's information system and formulate the corresponding service plan, so it is necessary to carry out the "first service".。The contents of the first service include the investigation of users, the establishment of user profiles, and the granting of registered membership;Through the understanding of the user's information system, risk analysis and assessment, security vulnerability scanning, necessary adjustments are made, and the specific content of the continuous service is determined according to the degree of the user's implementation of the solution。You are advised to select three services for the first time: risk analysis and evaluation, security vulnerability detection and repair, and security configuration parameter adjustment。

2. Continuous service

The relevant services are provided on the basis of the specific content of the subsequent services as determined by the first service。Follow-up services can include security risk assessment, security vulnerability scanning, security solutions, management system improvement, security knowledge training, security information consulting, security dynamic response and other services。

Third, customized services

Users can customize special security services based on their actual security requirements。



  Changtai Technology has built a defense network integrating network security technology, security products and senior security experts to provide comprehensive security consulting, overall security strategy formulation and penetration Intrusion testing, professional risk assessment, emergency response and other solutions, while providing personalized vulnerability scanning, network system vulnerability audit, network attack risk audit, system vulnerability repair, system hardening services, for all kinds of large and medium-sized networks and systems to create a security defense system against world-class network threats。


First service

Because the security service is different from the general product after-sales service, It is necessary to understand the environment of the client's information system and formulate corresponding service plans, so it is necessary to carry out "first service".。The content of the first service includes the survey of users, the establishment of user profiles, Grant registered membership;Through the understanding of the user's information system, risk analysis and assessment, security vulnerability scanning, to make necessary adjustments, And according to the degree of user implementation of the solution to determine the specific content of the later continuous service。You are advised to select three services for the first time: risk analysis and evaluation, security vulnerability detection and repair, and security configuration parameter adjustment。

2. Continuous service

The relevant services are provided on the basis of the specific content of the subsequent services as determined by the first service。Follow-up services can include security risk assessment, security vulnerability scanning, security solutions, management system improvement, security knowledge training, security information consulting, security dynamic response and other services。

Third, customized services

Users can customize special security services based on their actual security requirements。

Advantages and characteristics
  • Security inspection service package
    A service that conducts in-depth and rigorous daily assessment of safety equipment with environmental stability and safety as its goals, and provides visual reporting and statistics。
  • Emergency response service package
    When a security threat event occurs, you need to take immediate measures to restore the security, integrity, and availability of the system as quickly as possible to prevent and reduce the severity of the security threat event。
  • Penetration testing service package
    Simulate attacks and vulnerability discovery techniques that hackers may use, conduct penetration test security verification on target information systems, and find more logical and deeper weaknesses, so that managers can intuitively understand their own network and system security status。
  • Website security service package
    In a real-time and active way, the website system security monitoring and early warning;Home page tampering monitoring, sensitive keyword monitoring, website availability monitoring, web page hanging horse monitoring。
  • Security Notification service package

    Through the collection of relevant information security industry dynamic information, through email regularly or irregularly sent to customers, customers through the notice to learn about the relevant information security information, or serious security vulnerabilities。

  • Safety self-inspection
    In special periods, respond to the requirements of superior authorities and network security, conduct information system self-inspection, rectification and reporting。
  • Security consulting, planning
    Information security consulting is aimed at the practical problems encountered by enterprises or governments in security management,Security management experts from the management, technology, system, mechanism proposed solutions,Combine customer business scenarios,Find problems, analyze problems, and solve problems,To help customers create a complete security solution for specific business scenarios,At the same time, security experts participate in the whole process and follow up the implementation of the program,Ensure the implementation of the scheme。
  • Safety emergency drill
    Establish and improve emergency response mechanisms for network and information security operations,Verify the effectiveness of the comprehensive emergency plan for network and information security and the special emergency plan for business technology,Verify the organization, command and emergency response capabilities of relevant organizations and personnel in response to network and information security emergencies,Ensure that all emergency command and dispatch work is carried out quickly, efficiently and orderly,It can meet the needs of network and information system operation guarantee and fault recovery under sudden circumstances,Ensure the safety and smooth flow of information systems。At the same time, through the drill, constantly improve the level and efficiency of emergency work carried out by various departments, find the deficiencies of the emergency plan, and further improve the emergency plan。
  • Cyber security offensive and defensive drills
    深入贯彻落实习近平总书记关于网络安全工作系列讲话精神,Conscientiously fulfill the responsibilities of the Ministry of Human Resources and Social Security, PRC and the public security organs for cybersecurity protection and supervision,We will make every effort to maintain the security of critical information infrastructure,Ensure the safe and stable operation of the user's important information system,In accordance with the "Network Security Law", The State Council Order 147 and other laws and regulations and the "Public security organs Network security attack and defense exercise work standards (Trial)" requirements,Organize and carry out cyber security drills。
  • Security hardening
    Confirm the hardening scope, and cooperate with vendors to harden security vulnerabilities, deploy security products, and optimize information system security policies。
  • Reinsurance period service
    Provide professional security service personnel on security duty, improve security defense capabilities through security detection, monitoring and early warning, and protection capacity building, and ensure network security during the reguarantee period。
  • Network security week publicity work
    Through multimedia, help users to popularize national network security policy and network security knowledge, Internet security awareness publicity, posters, videos, public accounts, websites and other publicity means。
  • Security assessment service package

    Through the global vulnerability assessment, the overall security vulnerability of the information system is mastered.Based on the results of the vulnerability assessment and the characteristics of the business model, provide targeted security repair suggestions to prevent security hazards from being exploited again。

  • Wait insurance consulting service package
    Assist users to complete the construction of various stages of grade protection, and ensure that users plan and build their own security system in strict accordance with the process of grade protection。
  • On-site safety operation and maintenance service package
    It includes security assessment, security monitoring, security inspection, fault handling, system check, system upgrade, vulnerability scanning, penetration testing, security hardening, backup management, security training, and security management system。
  • Security Development Life Cycle (SDL) consulting package
    The Security Development Lifecycle (SDL) is a software development process that helps developers build more secure software and address security compliance requirements while reducing development costs。The core idea of SDL is to integrate security considerations into every stage of software development: requirements analysis, design, coding, testing, and maintenance。Security activities are added at each stage of the process, from requirements to design to product release, to reduce the number of vulnerabilities in the software and minimize security flaws。The secure development life cycle (SDL) is a security assurance process that focuses on software development and aims to develop secure software applications。
  • CISP training and examination
    CISP is a national certification implemented by China Information Security Product Evaluation and Certification Center, which represents the highest recognition of information security personnel qualification by the state。It marks the information Security Advanced Talent certification standard,CISP certified security experts can better meet the requirements of enterprise information security system construction and maintenance,End all kinds of sudden information security problems,CISP certified professionals have professional skills in security technology, management and service capabilities,In order to create better career prospects for themselves,To provide more professional and effective service to internal and external clients。
  • Information security training

    1)信息安全背景及发展趋势; 2)人员安全意识培训; 3)渗透测试培训; 4)web应用安全培训; 5)黑客攻击与应急响应培训; 6)各类定制培训内容