What's New

1

Adding resource instances associated with a check item to an allowlist

If you want to ignore a check item or instance during a check, you can add the check item or instance to an allowlist.

Commercial use

Managing Check Items

2

Copying a workflow

You can quickly create a workflow by copying an existing one.

Commercial use

Security Orchestration Overview

3

Common weak password detection, password complexity policy detection, PCI DSS, and NIST SP 800-53 compliance packs available for baseline inspection

Common Weak Password Detection, Password Complexity Policy Detection, PCI DSS, and NIST SP 800-53 compliance packs are now available for baseline inspection to help you detect risky configurations of cloud services.

Commercial use

Baseline Inspection Overview

4

Multi-account management

As more and more enterprises migrate their services to the cloud, cloud resource, project, personnel, and permission management is becoming increasingly complex. A centralized approach to managing cloud resources across multiple accounts is essential for enterprise environments.

You can aggregate resources from multiple accounts into one account to centrally manage security, configure protection policies, monitor data operations, and detect security risks in real time.

Commercial use

Multi-Account Management

5

AI risk overview

AI Risk Overview displays the compliance status of the AI models in real time. It supports data corpus, inference services, and environment security risk operations. So, you can identify risks and potential threats of AI models in a timely manner. On the AI Risk Overview page, you can learn of inference security, corpus security, and environment security.

• Inference security: SecMaster analyzes WAF attack and access logs and displays the number of API calls, the number of API calls that match protection policies, the domain names of top 5 inference models matching protection policies and the number of risks, prompt injection attack distribution, and inference model attack type distribution.
• Corpus security: SecMaster analyzes DSC alarm logs and displays the corpus risk types and quantity, and the distribution of top 5 corpus risk assets.
• Environment security: SecMaster analyzes its baseline checks, vulnerabilities, and alerts and displays the top 5 compliance check risks, top 5 vulnerability risks, top 5 alerts, and recent attacks in the current workspace.

Commercial use

AI Risk Overview

1

OS Configuration Baseline compliance pack

SecMaster professional edition supports the OS Configuration Baseline compliance pack. This compliance pack can synchronize HSS baseline check items from HSS as long as you enable access to HSS baseline check logs.

Commercial use

Baseline Inspection

2

Automatic generation of a customizable security report summary

A summary is automatically generated for each information module of a security report. Users can customize the summary as needed.

Commercial use

Creating or Copying a Security Report

3

Alert management optimized

Alerts are classified into Alarms and Attacks.

The data sources of alarms are as follows:

• Alerts generated by SecMaster threat detection models
• Alerts customized and added by users
• Alerts imported by users

The data sources of attacks are as follows:

• Raw alerts reported by security products configured at each defense layer

Commercial use

Alert Overview

1

Pay-per-use SecMaster

SecMaster professional edition and value-added packages can be billed on a pay-per-use basis.

Commercial use

Buying SecMaster

1

More security report formats

SecMaster can send security reports in many formats to specified recipients by email so that they can learn of asset security status in a timely manner.

Commercial use

Creating a Security Report Template

2

Optimized baseline inspection

More preconfigured compliance packs are included in baseline inspection. Custom check items and compliance packs are supported.

Commercial use

Viewing Baseline Inspection Results

1

Baseline inspection results displayed centrally

SecMaster displays the baseline inspection results of automatic check items for associated assets in one place, so that one can easily learn of which assets fail which check items.

Commercial use

Viewing Baseline Inspection Results

2

Baseline inspection result import and export

You can import and export baseline inspection results.

Commercial use

Handling Baseline Inspection Results

3

Alert management optimized

A simpler and more intuitive layout is used for the alert management page. More details are included on the alert details page.

Commercial use

Viewing Alerts

1

SecMaster rollout

Situation Awareness is upgraded into SecMaster.

SecMaster is a next-generation cloud native security operation platform. Based on years of cloud security experience of Huawei Cloud, it enables integrated and automatic security operations through cloud asset management, security posture management, security information and event management, security orchestration and automatic response, cloud security overview, simplified cloud security configuration, configurable defense policies, and intelligent and fast threat detection and response.

Commercial use

What Is SecMaster?