文/新浪财经香港站 赵岚 公司表示未来可能根据盈利情况择机上市，港交所亦是公司上市的重要选项。 2023年，微步在线在香港成立子公司，实施"入港出海"战略，并将香港定位为国际业务总部，范围辐射 东南亚和中东地区。关普璟强调这并非单纯的市场拓展，而是基于"安全没有边界"的逻辑。当前网络攻 击呈现"全球发起，本地落地"特征，例如某境外攻击团伙可能针对中国企业或机构发起攻击，其恶意 IP、域名等情报需通过全球节点实时采集。香港作为国际网络枢纽，具备情报采集、技术协同的天然优 势，可作为微步在线连接全球威胁情报网络的"节点中枢"；同时，香港的国际化营商环境与技术标准， 也能帮助企业适配不同国家和地区的安全合规要求，为后续服务全球政企客户奠定基础。 关普璟介绍，公司目前的技术路径可妥善管控此类风险。"因为公司以威胁情报TI和人工智能AI为技术 内核，通过TI识别AI攻击的特征模式，通过AI分析威胁信号，形成针对性防护能力。"即 TI+AI驱动 的"云+流量+边界+端点"智慧安全运营产品及服务，帮助政企客户建立建全生命周期的威胁监控体系和 安全响应能力。 精准识别"告警" 以"精准防御"替代"广谱防御" 当前网络安全领域 ...

Group 1 - The current cybersecurity landscape has significantly changed compared to ten years ago, with most enterprises having completed digital transformation and requiring a reassessment of cybersecurity importance [1][3] - Many companies still hold outdated views, believing that purchasing cybersecurity software guarantees safety, while real threats like phishing attacks demonstrate the inadequacy of this approach [3][4] - Companies face eight major challenges in security operations, including phishing attacks, vulnerability management, and credential misuse, necessitating a return to the essence of security operations and improvement of foundational capabilities [3][4] Group 2 - The cybersecurity industry is experiencing internal competition driven by low pricing strategies, as many digitalized enterprises fail to recognize the evolving nature of cybersecurity [4] - This low-price competition leads to a negative cycle where customers face unresolved cybersecurity issues after initial engagement, highlighting the need for proactive measures [4] - The company aims to differentiate itself by helping enterprises prevent cybersecurity incidents before they occur, advocating for a positive industry development rather than reactive measures post-incident [4]

21日，CSOP2025网络安全运营实战大会在北京拉开序幕。多位安全专家在大会上探讨实战安全运营新 策略，分享关键基础设施防护实战经验，以构建更具韧性的网络安全防线。 新态势下的新实战 实战在网络安全中居于核心地位，是检验防御体系有效性、提升应对能力的关键标志和终极目标。 中新网北京8月21日电 (记者 刘亮)网络安全，被视为"一场没有硝烟的战争"，其牵一发而动全身，既事 关国家安全和国家发展，也和广大民众的切实利益息息相关。随着全球信息化步伐加快，网络安全也不 断面临新挑战。 具体到办公终端而言，微步在线技术合伙人黄雅芳表示，面对钓鱼木马、漏洞攻击以及合法凭据、工具 的滥用，以EDR(终端检测与响应)为代表的高级威胁对抗技术，也面临着理解复杂攻击行为不易准确理 解、检测的实时性与准确性之间难以平衡、被致盲与绕过等困境，需要在安全运营中做到及时的检测响 应、常态化的威胁狩猎、构建企业特有的检测能力。 智能驱动，从被动应对到主动防御 金山云企业安全负责人刘鹏指出，网络攻击的新态势，是攻击频率加快、规模扩大，攻击手段更加多 样、隐蔽，攻击目标转向集权、核心系统，攻击流程更加自动化、智能化，只有通过"主动防御+纵深 ...

中国计算机学会计算机安全专业委员会主任严明、中关村科学城管委会产业促进二处副处长戴丹为大会 致辞。 新态势下的新实战 实战在网络安全中居于核心地位，是检验防御体系有效性、提升应对能力的关键标志和终极目标。 "我们的安全运营面临八大硬核难题，包括钓鱼攻击、漏洞管理、海量告警、高质量日志缺失、凭证泄 露与滥用、加密流量检测、攻防时间不对称以及不断扩大的攻击面。"微步在线创始人兼CEO薛锋说， 想要解决这些问题，必须回归安全运营的本质，通过提升基础能力而非盲目追逐热点，才能实现安全能 力的质变。 8月21日，年度网络安全盛会——CSOP 2025网络安全运营实战大会在北京拉开序幕。本次大会以"新态 势·新实战"为主题，吸引了来自政府机构、国央企、科研院所、顶尖高校、运营商、大型金融机构、互 联网头部企业等多位安全专家，共同探讨了实战安全运营新策略，分享关键基础设施防护实战经验，合 力构建更具韧性的安全防线。 金山云企业安全负责人刘鹏介绍了企业安全在梳理、评估、布防、演练、保障等阶段的要点。在他看 来，网络攻击的新态势，是攻击频率加快、规模扩大，攻击手段更加多样、隐蔽，攻击目标转向集权、 核心系统，攻击流程更加自动化 ...

Core Viewpoint - The report emphasizes the importance of "threat intelligence" in the context of increasing cybersecurity threats, shifting from passive to proactive security strategies, and highlights the need to clarify its definition and scope within the broader cybersecurity industry [1][2]. Market Overview - The report provides a comprehensive analysis of the current state of the threat intelligence market in China, including market size, growth trends, and key players such as 微步在线. It examines both supply and demand sides, assessing the capabilities and market shares of major threat intelligence vendors [1][2][36]. Development Insights - Future trends in the threat intelligence industry are explored, focusing on three main areas: international expansion of intelligence services, the impact of AI large models, and the integration of vulnerability intelligence. The report analyzes how these trends may reshape the industry landscape and create potential market opportunities [2][68][75]. Background on Cyber Threats - Cyber threats are on the rise globally, with an increase in both the number of attackers and the frequency of attacks. Reports indicate a 76% increase in the number of victims of large-scale ransomware attacks, with the technology, consulting, and financial sectors being the most targeted [3][7]. Corporate Perspective - As digital transformation accelerates, companies face increasing cybersecurity risks. The number of IoT connections is expected to grow from 16 billion in 2023 to 40 billion by 2033, leading to more vulnerabilities and longer patching times for critical software [7][10]. Policy Perspective - The government is actively promoting enhanced cybersecurity measures across enterprises, shifting from passive to proactive defense strategies. This includes the need for advanced detection and response capabilities to mitigate potential threats [10]. Definition of Threat Intelligence - Threat intelligence is defined as the collection and analysis of data to identify threats, attack vectors, and malicious actors. It can be categorized into tactical, operational, and strategic intelligence, each serving different roles in cybersecurity defense [13][19]. Value of Threat Intelligence - The report highlights that threat intelligence enhances proactive defense capabilities and overall security operations for enterprises. It enables organizations to anticipate threats and share information across departments, thereby maximizing security resources [19]. Comparison of Domestic and International Development - The development trajectory of the threat intelligence industry in China mirrors that of international markets but lags in maturity and speed due to its later start. Differences in product integration and usage levels are noted, with domestic firms still catching up to their international counterparts [22][25]. Product Commercial Models - The domestic market primarily utilizes threat intelligence through direct data consumption or integration with security monitoring products. Various models exist, including standardized API interfaces and threat intelligence platforms [26]. Product Capabilities and Vendor Competitiveness - Key product capabilities include accuracy, richness, and timeliness of threat intelligence. Vendor competitiveness is driven by data collection and analysis capabilities, with a focus on utilizing big data and AI technologies [29]. Vendor Characteristics - Major vendors in the threat intelligence space are differentiating their offerings based on their unique data sources, service experiences, and business characteristics. The report outlines the capabilities of several leading firms, including 微步在线 and 奇安信 [32][34]. Market Size and Growth - The threat intelligence market in China experienced a temporary decline due to the pandemic, with a projected market size of 1.61 billion yuan in 2024, reflecting a slight decrease from 2023. However, long-term growth is expected as security needs and product integration continue to rise [36][37]. Competitive Landscape - The market is characterized by low concentration, with leading firms like 微步在线, 腾讯安全, and 奇安信 actively expanding their product offerings and enhancing their competitive positions. Innovation and competition are anticipated to drive future industry dynamics [40]. Threat Intelligence Solutions - Various companies are developing comprehensive threat intelligence solutions, leveraging advanced technologies to enhance detection and response capabilities. For instance, 微步在线's NGTIP platform focuses on proactive threat detection through multi-source log analysis [44][47]. Emerging Trends - The report identifies two key emerging trends: the international expansion of threat intelligence services and the integration of AI large models to enhance operational efficiency and broaden application scenarios [68][72]. Additionally, the increasing focus on vulnerability intelligence is highlighted as a critical area for improving enterprise security [75].

Core Viewpoint - The report emphasizes the growing importance of "threat intelligence" in the context of increasing cybersecurity threats, shifting from passive to proactive security strategies [1][2][3] Market Overview - The report provides a comprehensive analysis of the current state of the threat intelligence market in China, including market size, key players, and future trends [1][2][37] - It highlights the significant growth in cyber threats, with a 76% increase in the number of victims of large-scale ransomware attacks and a 102% increase in attack frequency in certain industries [3][6] Development Insights - Future trends in the threat intelligence industry are explored, focusing on three main areas: international expansion of intelligence, AI large models, and vulnerability intelligence [2][70][74] - The report discusses the evolution of threat intelligence in compliance, technology, and application, indicating potential market opportunities [2] Background on Cyber Threats - The global landscape of cyber threats is characterized by an increase in both the number of attackers and the frequency of attacks, with significant impacts on various industries [3][6][11] - The digital transformation of enterprises is expanding their exposure to cyber threats, necessitating more comprehensive and timely protective measures [6][11] Threat Intelligence Definition and Value - Threat intelligence is defined as a high-level capability that enhances the proactive and timely defense of security products, allowing for real-time collection and analysis of global threat information [16][19][22] - The value of threat intelligence lies in its ability to improve proactive defense capabilities and enhance overall security operations for enterprises [22] Comparison of Domestic and International Development - The development trajectory of the threat intelligence industry in China is similar to that of overseas markets, but it lags in speed and maturity due to a later start [24] - Differences in security needs have led to variations in the integration of threat intelligence products between domestic and international markets [24] Business Models in China's Threat Intelligence Industry - The market primarily utilizes two approaches: direct application and consumption of threat intelligence data and platforms, and integration with security monitoring and response products [27] - The report outlines three types of pure intelligence products and various integration methods that form comprehensive products [27] Product Capabilities and Competitiveness - Key product capability indicators include accuracy, richness, and timeliness, while vendor competitiveness is driven by data and technology [30] - The ability to collect and analyze security big data is identified as a core competitive advantage for companies in the threat intelligence sector [30] Characteristics of Major Vendors - Major vendors in the threat intelligence space are differentiated by their foundational data, service experience, and business characteristics, leading to unique product capabilities [33] - The report provides a comparative analysis of five major vendors, highlighting their strengths and market positions [35] Market Size and Growth - The threat intelligence market in China experienced a short-term decline due to the pandemic, with a projected market size of 1.61 billion yuan in 2024, reflecting a slight decrease from 2023 [37][38] - The report anticipates a steady growth phase for the industry, driven by increasing security demands and product integration [38][41] Competitive Landscape - The market is characterized as low-concentration and oligopolistic, with leading firms like 微步在线, 腾讯安全, and 奇安信 establishing competitive advantages through differentiated capabilities [41] - The integration of new technologies such as AI and big data into threat intelligence is expected to drive competition and innovation in the industry [41] Vendor Solutions - Major vendors like 微步在线, 奇安信, and 腾讯安全 offer comprehensive threat intelligence solutions, leveraging advanced technologies to enhance security measures [45][58] - These solutions include various products and services aimed at improving threat detection, response, and overall security posture for enterprises [48][55][61]