keeplook4ever

DLP Scanning & Test Data Management - Developed Golang-based data scanning tool to identify 6+ sensitive types (PII, API Keys, passwords) via API/file scanning. Purged or encrypted 100+ exposed MySQL tables in test environments in collaboration with DBA and business teams. Designed production-to-test data sync pipelines with masking rules, Wiki metadata, Kafka integration for change tracking. Anomaly Detection & Compliance Reporting - Built FlinkCEP-based anomaly monitoring (DB ops, off-hour access), integrated with audit dashboards and alerts. Reduced false positives by 35% through behavior baselining and ML-assisted pattern refinement.

Sensitive Data Discovery & Protection Platform (MingJian) - SQLServer.d-to-end platform for sensitive data discovery and protection across MySQL, Hive, ClickHouse, Elasticsearch, Achieved 84%+ accuracy in L3/L4 classification using hybrid regex + expert-rule engines. Implemented full data control lifecycle: classification → encryption → masking → audit logging. Aligned data asset governance with GDPR and China DSL, enabling group-level compliance coverage. IAM & Access Governance - Designed permission analysis framework to identify dormant and high-risk accounts, reducing privilege misuse by 30%+. Enabled automated access review and approval flows, integrating with compliance audit procedures.

Zero Trust & IAM Technology Research - Evaluated Zero Trust solutions from Zhongtong, QiAnXin, Sangfor, Tencent, ByteDance, and IAM architectures from Huawei, AWS, integrating insights to design a corporate Zero Trust IAM model. Combined research with hands-on implementation via GeekTime IAM project to validate architecture feasibility. Data Security Platform Development - Built a Django-based platform supporting multi-source data queries (MySQL, Hive, HBase, PostgreSQL, MongoDB, Redis, Presto, OpenTSDB, ClickHouse) with data masking, RBAC, workflow approvals, and audit logging. Optimized data encryption and dynamic masking rules for sensitive fields (e.g., PII).

Security Anti-Fraud System Development - Designed and implemented a real-time anti-fraud system using Nginx-Lua for traffic mirroring and request interception, including a self-developed Lua-based blocking module and token revocation system. Led the 920 Anti-Fraud Project, covering vendor evaluation (Qianxin, Topsec, Knownsec, Ruishu), deployment, testing, and strategy optimization. Enhanced fraud prevention with device fingerprinting, CAPTCHA, and behavioral analysis, reducing potential losses by ¥800K+ during promotional events.