+ Digital Operating Infrastructure
ZTE integrates security governance into all business processes throughout the product lifecycle, supported by the digital technology. It implements a cybersecurity assurance digital operating framework that runs through supply chain, R&D, and project delivery.
Digital platforms such as the Intelligent Supply Collaboration Platform (ISCP), Product Research and Development Cloud (RD Cloud), and Global Customer Support Center (GCSC) are established to support security management and control throughout the entire product lifecycle. Based on the platforms, interacted processes such as resilient supply, continuous planning, collaborative development, continuous testing, release and deployment, and security issue handling can operate efficiently, precisely, and sustainably.
The configuration management system and vulnerability management system provide tracking capabilities for the entire product life cycle. Product security requirements can be traced end-to-end to the final product, and security issues of the final product can also be traced back all along to the source of product requirements.
The cybersecurity assurance digital operating infrastructure uses the DevSecOps tool chain to achieve security management and control throughout the whole process. For key security activities such as material security testing, third-party software security scanning, code scanning, vulnerability scanning, penetration testing, version protection, and security hardening, the tool chain is equipped with professional security tools to check whether products and services meet security requirements.