Overview
Background
SecMaster can integrate the vulnerabilities scanned by Host Security Service (HSS) and display them centrally. You can quickly locate vulnerable assets and fix vulnerabilities.
For details about how HSS scans for vulnerabilities and which types of vulnerability it scans for, see HSS Vulnerability Management Overview.
ECS Vulnerabilities
SecMaster can display vulnerabilities scanned by HSS in real time. You can view vulnerability details and find fixing suggestions.
The following host vulnerabilities can be detected:
Check Items |
Description |
---|---|
Linux software vulnerability detection |
SecMaster detects vulnerabilities in the system and software (such as SSH, OpenSSL, Apache, and MySQL) based on vulnerability libraries, reports the results to the management console, and generates alerts. |
Windows OS vulnerability detection |
SecMaster subscribes to Microsoft official updates, checks whether the patches on the server have been updated, pushes Microsoft official patches, reports the results to the management console, and generates vulnerability alerts. |
Web-CMS vulnerability detection |
SecMaster checks web directories and files for Web-CMS vulnerabilities, reports the results to the management console, and generates vulnerability alerts. |
Application Vulnerabilities |
SecMaster detects the vulnerabilities in the software and dependency packs running on the server, reports risky vulnerabilities to the console, and displays vulnerability alerts. |
The vulnerability severity levels in SecMaster and vulnerability fix priorities in HSS are as follows:
- HSS: The vulnerability fix priority is weighted based on the CVSS score, release time, and the importance of the assets affected by the vulnerability. It reflects the urgency of the fix.
HSS classifies vulnerability fix priorities into four levels: critical, high, medium, and low. You can refer to the priorities to fix the vulnerabilities that have significant impact on your server first.
- SecMaster: The vulnerability severity is determined by CVSS scores. It reflects how severe the vulnerability is.
SecMaster classified vulnerability severity into four levels: high, medium, low, and informative. You can fix vulnerabilities based on their severity.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.