2021 annual report 1 / 295 Company Code: Dbappsecurity Co.Ltd(688023) company abbreviation: Dbappsecurity Co.Ltd(688023) Dbappsecurity Co.Ltd(688023) 2021 annual report 2021 annual report 2 / 2952021 annual report 3 / 2952021 annual report 4 / 2952021 annual report 5 / 2952021 annual report 6 / 2952021 annual report 7 / 2952021 annual report 8 / 295 important tips 1. The board of directors, the board of supervisors and the directors, supervisors The senior managers guarantee the authenticity, accuracy and completeness of the contents of the annual report, and there are no false records, misleading statements or major omissions, and bear individual and joint legal liabilities. 2、 When the company was listed, it was unprofitable and did not realize profit □ yes √ No. III. Major Risks: during the reporting period, the company’s operating revenue maintained rapid growth, but its net profit decreased significantly, mainly because during the reporting period, while continuously improving its core competitiveness in the fields of cloud security, big data security, Internet of things security and security services, the company also increased its focus on data security, information and innovation security The investment in technology R & D, market development and management optimization of relevant products and platforms in new strategic directions such as terminal security and intelligent security gateway has led to a rapid increase in the company’s R & D expenses and sales expenses, and a decline in net profit to a certain extent. In the future, with the continuous maturity of relevant products and technologies of the company and the gradual formation of scale effect, the new direction will continue to create new profit growth points for the company. In “IV. risk factors” of section III “management discussion and analysis” of this report, the company expounds in detail the specific reasons and Countermeasures for the decline of the company’s net profit, as well as other risks that the company may face in the process of operation. Please pay attention to the relevant contents. 4、 All directors of the company attended the board meeting. 5、 Lixin Certified Public Accountants (special general partnership) issued a standard unqualified audit report for the company. 6、 Wu Zhuoqun, the person in charge of the company, Dai Yongyong, the person in charge of the accounting work, and Ma min, the person in charge of the accounting organization (Accounting Supervisor), declare that they guarantee the authenticity, accuracy and completeness of the financial report in the annual report. 7、 According to the profit distribution plan or the plan of converting accumulation fund into share capital adopted by the board of directors during the reporting period, the company plans not to pay cash dividends, give bonus shares or convert capital accumulation fund into share capital in 2021. The retained undistributed profits of the company will be mainly used for daily operation to ensure the capital demand and sustainable development of the company, so as to improve the long-term operating performance of the company and achieve the strategic planning objectives of the company, Better safeguard the long-term interests of all shareholders of the company. This proposal has been deliberated at the 17th meeting of the second board of directors of the company and needs to be submitted to the 2021 annual general meeting of shareholders of the company for deliberation. 8、 Whether there are important matters such as special arrangements for corporate governance □ applicable √ not applicable IX. risk statement of forward-looking statements √ applicable □ not applicable to forward-looking statements such as the company’s future plan and development strategy involved in this report, which does not constitute the company’s substantive commitment to investors. Investors are invited to pay attention to investment risks. 2021 annual report 9 / 295 10. Whether there is any non operational occupation of funds by the controlling shareholders and their related parties 11. Whether there is any external guarantee in violation of the specified decision-making procedures 12. Whether more than half of the directors cannot guarantee the authenticity, accuracy and completeness of the annual report disclosed by the company 13 Others □ applicable √ not applicable 2021 annual report 10 / 295 table of Contents section I interpretation Section 2 company profile and main financial indicators 15 section III Management Discussion and analysis Section IV corporate governance 56 Section V environment, social responsibility and other corporate governance 77 section VI important matters Section VII changes in shares and shareholders 108 Section VIII preferred shares 118 section IX relevant information of corporate bonds 119 section x financial report 119 the catalogue of documents for future reference contains the financial statements signed and sealed by the person in charge of the company, the person in charge of accounting work and the person in charge of accounting organization (Accounting Supervisor).
The original of the audit report with the seal of the accounting firm and the signature and seal of the certified public accountant. The text of all company documents and the original version of the announcement publicly disclosed on the website designated by the CSRC during the reporting period. 2021 annual report 11 / 295 section I interpretation 1. Interpretation in this report, unless the context otherwise requires, the following words have the following meanings: common words and expressions mean company, the company, joint stock company, Dbappsecurity Co.Ltd(688023) refers to Dbappsecurity Co.Ltd(688023) Ali venture capital refers to Hangzhou Ali Venture Capital Co., Ltd. Ningbo Runhe refers to Ningbo Runhe Xingyuan investment partnership (limited partnership) (before renaming) Ningbo Heng’an investment partnership (Shanghai) Co., Ltd. (referred to as “Hang’an Shun” partnership investment (Shanghai) Co., Ltd.) Shanghai Mengyuan refers to Shanghai Mengyuan Investment Management Center (limited partnership), Chongqing Qihou refers to Chongqing Qihou Xihai Equity Investment Management Co., Ltd., Hangzhou juesheng refers to Hangzhou juesheng Xinqian investment management partnership (limited partnership), Zhejiang Donghan refers to Zhejiang Donghan high investment Yangtze River Delta investment partnership (limited partnership) Zhejiang Ouxin refers to Zhejiang Ouxin Venture Capital Co., Ltd., Shanghai Zhanpeng refers to Shanghai Zhanpeng Investment Co., Ltd., Hangzhou Qianyu refers to Hangzhou Qianyu investment partnership (limited partnership), Shenzhen Fuhai refers to Shenzhen Fuhai innovation venture capital fund enterprise (limited partnership), Zhuhai Fuhai refers to Zhuhai Fuhai Huajin venture capital fund (Limited partnership), Hangzhou Haibang refers to Hangzhou Haibang giant venture capital partnership (limited partnership) Hangzhou Fuchun refers to Hangzhou Fuchun No. 1 equity investment fund partnership (limited partnership) Gongqingcheng Mengyuan refers to Gongqingcheng Mengyuan Yingxin investment partnership (limited partnership) Langma venture capital refers to Langma No. 11 (Shenzhen) venture capital center (limited partnership) Zhuhai Huajin refers to Zhuhai Huajin Lingyue intelligent manufacturing industry investment fund (limited partnership) Hangzhou Qianhai refers to Hangzhou Qianhai venture capital partnership (limited partnership) Taizhou Xili refers to Taizhou Xili equity investment partnership (limited partnership) Franco refers to Hangzhou Franco Information Security Technology Co., Ltd. China Telecom Corporation Limited(601728) refers to China Telecom Corporation Limited(601728) high dimensional data refers to Hefei high dimensional data Technology Co., Ltd. Zhejiang Big Data Trading Center refers to Zhejiang Big Data Trading Center Co., Ltd. Jiexing Xinyuan refers to Anhui Jiexing Xinyuan Information Technology Co., Ltd. the Securities Law refers to Securities Law of the people’s Republic of China, company law refers to the company law of the people’s Republic of China, articles of association refers to Dbappsecurity Co.Ltd(688023) articles of association, senior managers refer to the general manager, deputy manager, chief financial officer and the 2021 annual report of the board of directors 12 / 295 Secretary of the China Securities Regulatory Commission refers to the reporting period of China Securities Regulatory Commission, and this reporting period refers to the year 2021, yuan, 10000 yuan, 100 million yuan refers to RMB, 10000 yuan Billion yuan, unless otherwise indicated in the text, CCID Consulting refers to CCID Consulting Co., Ltd. Alibaba cloud refers to Alibaba cloud computing Co., Ltd., the cloud computing brand of Alibaba group, Huawei cloud refers to the cloud computing brand of Huawei, Inspur cloud refers to the big data technology platform created by Shanghai Inspur cloud computing Service Co., Ltd., openstack refers to the large data technology platform jointly developed by NASA and Rackspace, Tianyi cloud, an open-source cloud computing management platform, refers to the cloud computing brand WAF under China Telecom Corporation Limited(601728) banner, and refers to webapplicationfirewall. Network application firewall vulnerabilities refer to defects in the specific implementation of hardware, software, protocols or system security policies, which enable attackers to access or destroy the system without authorization. Viruses refer to those compiled or inserted into computer programs that destroy computer functions or data, A group of computer instructions or program code that affects the use of the computer and can be copied by itself. Trojan horse refers to a hidden and spontaneous program that can be used for malicious behavior. SQL injection refers to submitting or entering the query string of domain name or page request by inserting SQL command into web form, DDoS refers to the distributed denial of service attack, which combines multiple computers as an attack platform with the help of client / server technology to attack one or more targets, making the computer or network unable to provide normal services. Apt attack refers to the advanced persistent threat attack, Take advantage of advanced attack methods to carry out long-term continuous network attacks on specific targets. 0day vulnerability refers to the vulnerability that has been discovered (may not be disclosed) but has not been officially patched. CC refers to challenge collapsar, which challenges the black hole and causes the website to refuse service by sending connection requests to the website. ISO27001 refers to international organization for standardization, The information security management requirements specified by the British Standards Association sumap refers to the global network high-speed detection engine developed by the company, which provides real-time data for situation awareness and threat monitoring. AI refers to artistic intelligence and artificial intelligence annual report 13 / 295 in 2021. It is a new technology science to research and develop theories, methods, technologies and application systems for simulating, extending and expanding human intelligence. Software gene refers to binary fragments with functions or carrying information on the software body. Level protection 2.0 refers to network security level protection, commonly known as level protection 2.0. It puts forward cloud security, mobile Internet Security and Internet of things security