Deep in cyberspace lies a little-known "backdoor"—a hidden battlefield without smoke: "black hats" (malicious hackers) wield digital spears, pressing forward with relentless attacks; "white hats" (ethical hackers/security professionals) clutch defensive shields, holding their ground. In the fierce battle between offense and defense, they embody the core essence of cybersecurity. As Qi Xiangdong, Chairman of Qi’anxin, put it, "Security in the online world is essentially a high-intensity confrontation between offensive and defensive sides. There is no impenetrable network, no unbreakable wall."
As the world’s second-largest economy, China faces more severe major cyberattacks than imagined, affecting various industries—with education & research, industrial manufacturing, and healthcare being the most prominent. In April 2022, Northwestern Polytechnical University suffered a cyberattack from overseas, with the behind-the-scenes group TAO stealing a large amount of high-value data. In December 2022, NIO Inc. fell victim to a ransomware attack, resulting in the leak of 22,800 pieces of internal employee data and 399,000 pieces of car owners’ ID information; the attackers demanded a ransom equivalent to 2.25 million US dollars in Bitcoin... "Without cybersecurity, there can be no national security, nor stable economic and social operation." Amid the rapid development of the digital economy, security and development are like two wings of a bird—becoming a key proposition of the era.
The Cybersecurity Law was promulgated in 2016; in 2022, the Central Cyberspace Affairs Commission released the 14th Five-Year Plan for National Informatization, which explicitly emphasizes comprehensively strengthening the cybersecurity support system and capacity building; in early 2023, 16 ministries and commissions including the Ministry of Industry and Information Technology jointly issued the Guiding Opinions on Promoting the Development of the Data Security Industry... Consolidating the cybersecurity barrier has become a national task of overall importance. With the development of the digital economy and the increasing value of data elements, it has driven the growth of the data security and security service sectors, bringing new development opportunities to the cybersecurity industry. By mid-2023, the number of enterprises engaged in China’s cybersecurity industry had exceeded 4,700. Government agencies, public institutions such as public security departments, and large enterprises including financial institutions and telecom operators have all built their own security barriers through cybersecurity tools and professional operation personnel.
However, as security infrastructure expands, new challenges emerge. For example, products from different suppliers in government and enterprise units are relatively isolated, prone to information overload; it is difficult for products to share information and collaborate effectively, creating potential security vulnerabilities; when an attack occurs, security tools operate independently and generate separate alerts, which may lead to missed key attack indicators... It is imperative to improve the automation level of cybersecurity operation capabilities and integrate security tools from various suppliers into a comprehensive security operation system to enhance defense efficiency and reduce defense costs.
Nanjing Zhongzhiwei Information Technology Co., Ltd. (hereinafter referred to as "Zhongzhiwei") is a "pioneer" focusing on the AISecOps field. It seamlessly integrates security-related teams, tools, and processes to innovatively build an intelligent security collaboration and response platform, and relies on AI large models and knowledge bases to drive security operations.
Assessing Trends for a Second Venture, Laying Out a New Track in Cybersecurity
Sun Jie is the founder and chairman of Zhongzhiwei. After graduating with a master’s degree in Software Engineering from Nanjing University in 2008, he worked at the well-known cybersecurity vendor ISONE (China) to develop cybersecurity products. Later, he joined Huawei’s Cybersecurity Department with his outstanding capabilities, responsible for promoting Huawei’s cybersecurity projects globally. In 2011, to engage in frontline marketing business, Sun Jie left Huawei to join Check Point, where he advanced from a technical leader to Vice President of Sales for North Asia. In 2014, he ventured into entrepreneurship, co-founding the well-known cybersecurity enterprise Shanghai Douxiang Technology. From a member of a university "red team" (offensive security team) to the founder of a leading cybersecurity company, Sun Jie has accumulated rich practical experience in professional technology, enterprise management, and team leadership over his 20-year career in cybersecurity. He has also gained deeper insights into the construction of the cybersecurity ecosystem and the empowerment of cybersecurity by artificial intelligence amid the accelerated digital transformation.
"As the process chain associated with cyberspace confrontation lengthens, large-scale and multi-dimensional data mining enhances security defense capabilities, but at the same time poses unprecedented challenges to security operation teams. The traditional model of ‘human + technology’ can no longer meet the needs of the era; an operation model driven by data and knowledge will become the future trend," said Sun Jie, a "veteran" in cybersecurity, who has an accurate judgment of future trends.
Zhongzhiwei was registered and established in Nanjing in 2015. As an important base for the software and information service industry, Nanjing’s favorable entrepreneurship policies and solid cybersecurity industry foundation were key factors attracting Sun Jie, a native of Nanjing, to return and start his second venture. Based on the well-known domestic Kylin Security Laboratory (formerly OPENX Laboratory), he focused on the AISecOps track (artificial intelligence + cybersecurity), aiming to provide customers with independently controllable integrated offense-defense management, security collaboration and response platforms, and AI technology map-based security solutions through cybersecurity, big data, and information technology application innovation.
"In the future, with the development of artificial intelligence, cyber attack methods will inevitably evolve. Attackers will adopt machine learning, deep learning, and other methods to enhance the automation, intelligence, and weaponization of cyber attacks. Traditional defense methods will be difficult to adapt, so the importance of intelligent cyber defense is self-evident. Therefore, we targeted the new track of artificial intelligence from the very beginning, and made good use of AI—a ‘double-edged sword’ for cybersecurity—to help governments and enterprises improve the threat prediction, detection, and response capabilities of their security systems, and enhance security operation efficiency," Sun Jie said.
Adhering to the entrepreneurial philosophy of "reshaping the security ecosystem through collective wisdom and innovation, empowering cybersecurity with AI operations," Zhongzhiwei actively lays out the track of AI-empowered cybersecurity. Its expert service team, composed of members from renowned domestic security laboratories, and a top-tier domestic white-hat team, together with professionals from well-known enterprises such as Huawei, Lenovo, Trend Micro, and Venustech, are committed to building an AISecOps technology system consisting of three core technologies: AISec (AI Security), SecOps (Security Operations), and AIOps (IT Intelligent Operations). It aims to use the intelligence, automation, and scenario-based features of AISecOps to help customers efficiently solve new security operation problems in the field of offense-defense actual combat, and realize the professionalization and authority of services such as SOAR (Security Orchestration, Automation and Response), security operation and maintenance, offense-defense drills, risk assessment, vulnerability detection, and endpoint management.
Zhongzhiwei’s firm steps and clear direction have not only won industry recognition but also attracted the attention of the capital market. After receiving funding support from Gaochun District’s "Entrepreneurship in Nanjing" Talent Project in 2018, it has secured nearly 100 million yuan in Angel Round, Pre-A Round, Pre-A+ Round, and A1 Round financing since 2021. In 2023, Nanjing Innovation Investment Group invested tens of millions of yuan in its A2 Round financing.
"The investment from Nanjing Innovation Investment Group has injected new impetus into the company’s efforts to build core competitiveness. We will accelerate product R&D, matrix expansion, channel development, and team building, and promote Zhongzhiwei to speed up the pace of technological iteration and application improvement in AISecOps with the development of AIGC technology, so as to expand the commercialization level and market share of our products," Sun Jie said after receiving the investment.
Deepening AISecOps Technology, Building a Strong Cybersecurity Ecosystem
In late February, the 2024 Artificial Intelligence Security Report was released, stating that with the rapid growth of malicious use of AI technology, cyber attacks will "become increasingly automated and personalized," and new attack methods will emerge in an endless stream, posing severe threats to political security, cybersecurity, physical security, and military security. According to data platform Statista, the global annual loss caused by cybercrime in the AI era will rise from 8.15 trillion US dollars in 2023 to 13.8 trillion US dollars in 2028, presenting an extremely grim situation. In October 2021, a multinational new energy group was targeted by Conti using 34 tactical methods, resulting in the loss of core data, severely disrupting the group’s normal production and operation, damaging its reputation, and causing direct economic losses of over one million yuan. After the incident, Zhongzhiwei responded quickly; with its efficient analysis and judgment capabilities, it helped the user recover data and resume business operations within 27 days of offensive-defensive stalemate, minimizing the impact and economic losses. "Every offense-defense battle is brutal; the establishment of a security operation system will greatly reduce cybersecurity risks, which is what we hope for," Sun Jie said.
Guided by security operations and based on the integration of people, processes, technology, and data, Zhongzhiwei has built highly automated trusted security intelligence for key links in cybersecurity risk control and offense-defense confrontation—including prevention, detection, response, prediction, and recovery—to assist humans in providing various security operation services.
In terms of AISecOps technology, Zhongzhiwei has built an intelligent security operation ecosystem matrix with the "Red Whale Security Collaboration and Response Platform" as the core brain, the "Chongming Security Managed Service Platform" as the service support, and the "Blue Whale Security Offense-Defense Operation Platform" as the hub for modular product derivation from "1 to X". It has developed 15 modular products covering intelligent enterprise security risk management, security asset management, security log management, as well as security automation response, automated orchestration, and automated security operations. Additionally, it offers 5 security operation solutions covering the G-end (government supervision end) and B-end (business client end).
"We aim to provide enterprise-level customers in finance, public security, party and government military, telecom operators, and industrial internet with high-quality cybersecurity services by offering independently controllable integrated offense-defense management, security collaboration and response platforms, and AI technology map-based security solutions," Sun Jie believes that strong technical capabilities support the company’s product performance, and independent R&D capabilities are a testament to the company’s strength.
Relying on its core product, the RedOps Red Whale Intelligent Security Operation Platform, as the foundation, Zhongzhiwei has created an integrated digital security collaboration and operation solution based on large language models. Its independently developed "Red Guard RedGuard Swarm Auxiliary Combat Robot" skillfully integrates the advanced concepts and technical advantages of security large models to form a comprehensive and accurate knowledge graph-based security incident system. In the third quarter of 2023, it launched a new product—the "SkyNest v1.0" Security Risk Operation Platform—which enables full-lifecycle management of enterprise vulnerabilities. Zhongzhiwei continues to leverage its R&D capabilities to promote enterprises to conduct full-process, refined data security operation management on a unified system, achieve real-time transparency in collaborative work, ensure detailed and complete reports, and fundamentally improve the quality of data security assurance services.
Facing the fierce industry competition, Zhongzhiwei recognizes the importance of improving the security operation ecosystem. It took the lead in establishing and launching the AISecOps Ecosystem Element Periodic Table in China, building the strongest security grid ecosystem in the country. Through innovative integration and open API interfaces, Zhongzhiwei has established API security cooperation ecosystems with over 350 domestic and foreign security vendors, covering the automated integration and linkage of nearly 1,500 products, and gradually building an open, shared, and win-win data security ecosystem.
Today, Zhongzhiwei’s products have fully advanced commercialization, serving over 1,000 key benchmark customers including China UnionPay, Gree Group, State Grid, China Mobile, and the Strategic Support Force of the Chinese People’s Liberation Army. It has formed a development matrix centered in Nanjing with business radiating to multiple provinces across the country, and has established subsidiaries or offices in Beijing, Shanghai, Shandong, Shenzhen, Henan, and Suzhou. In addition, after years of accumulation, it has obtained 17 core invention patents and 39 software copyrights, and holds qualifications and honors such as "National High-Tech Enterprise", "Support Team Unit of the National Vulnerability Database of Information Security (CNVD)", "Technical Support Unit of the National Information Security Vulnerability Database (CNNVD)", "National Industrial Information Security Monitoring and Emergency Support Unit", "National 242 Information Security Special Cooperation Unit", "CNCERT Cybersecurity Emergency Service Support Unit (provincial level)", "Jiangsu ‘Digital-Driven Future’ Integration and Innovation Center", "Jiangsu Cybersecurity Technical Support Institution", and "Nanjing Cultivated Unicorn Enterprise".
In 2023, it was rated as an "Innovator" in China’s Security Orchestration, Automation and Response (SOAR) technology by the International Data Corporation (IDC). In 2024, it was selected as one of the four units (and the only representative from East China) in the cybersecurity threat monitoring field of the 10th CNCERT Cybersecurity Emergency Service Support Units by the National Computer Network Emergency Response Technical Team/Coordination Center of China.
Focusing on Cybersecurity Offense-Defense Actual Combat, Making Strategic Explorations
The digital intelligence era is also an era of "all things growing". Various types of data continue to accumulate like rivers, driving social progress like blood vessels—but also expanding risks infinitely. Attaching strategic importance to building strong offense-defense and traceability capabilities is the responsibility of enterprises in the industry.
Based on the customer needs accumulated over the years in providing flexible and decoupled security operation product solutions for customers in different industries, combined with the problems and risks in the lifecycle of intelligent security products, Zhongzhiwei optimizes product details, extends adaptability, accelerates the expansion of its product matrix, continuously improves product performance, enhances functions, and strengthens the efficient operation of the operation system. In addition, the company plans to support and promote the "Cybersecurity Action" through comprehensive and advanced management collaboration and response linkage capabilities, and hopes to expand its coverage to 9 more provinces beyond Jiangsu, Shandong, Shanxi, Sichuan, Anhui, and Guizhou, continuing to play a positive role in the healthy development of regional cybersecurity ecosystems in digital city construction and industry security capability linkage.
"In the first half of 2023, Zhongzhiwei has jointly established Nanjing Big Data Security Technology Co., Ltd.—a state-owned platform—with Nanjing Big Data Group. We hope to leverage our unique advantages in technology, philosophy, and positioning to support supervision, serve enterprises, and achieve collaborative support between ‘supervision and air defense’ and ‘critical infrastructure defense’. At the same time, we are also actively laying out in the fields of data security operations, industrial internet, internet of things, and internet of vehicles, attempting to make new breakthroughs and make every move in the ‘offense-defense game’," Sun Jie believes that future cyber warfare will be characterized by asymmetry and concealment, and only by making strategic preparations can we better respond to risks.
In this regard, a relevant person in charge of the Investment Department IV of Nanjing Innovation Investment Group also stated, "Amid the wave of digital transformation and AI technology empowering industries, the cybersecurity industry is facing more opportunities. As a technology-driven innovative enterprise, Zhongzhiwei is at the forefront of its peers in technology, products, and business expansion. The company focuses on cybersecurity ‘offense-defense’ actual combat, allowing users to truly see the value generated by cybersecurity construction investment. This investment by Nanjing Innovation Investment Group is also an investment in a safer digital future. We look forward to the company continuing to achieve business innovation in the future and making greater contributions to the cybersecurity industry."
Source: Nanjing Innovation Investment Group
Review: Xue Yao
Release: You Yi
