Overview
SecMaster is a next-generation cloud native security operations platform. Based on years of Huawei Cloud experience in cloud security, it enables integrated and automatic security operations through cloud asset management, security posture management, security information and incident management, security orchestration and automatic response, cloud security overview, simplified cloud security configuration, configurable defense policies, and intelligent and fast threat detection and response.
This document describes the process of using the professional SecMaster. The process is as follows:
No. |
Operation |
Description |
|
---|---|---|---|
1 |
Provides guidelines on how to purchase the professional SecMaster and value-added functions (large screen, intelligent analysis, and security orchestration). |
||
2 |
After purchasing SecMaster, you need to authorize it to access some of your services. |
||
3 |
This topic describes how to create a workspace, which is the top-level workbench in SecMaster. |
||
4 |
Access Data |
This topic describes how to enable asset subscription so that asset information of the logged-in account can be synchronized to the current workspace. |
|
After logs of cloud services such as WAF, HSS, and OBS are integrated into SecMaster, you can use SecMaster to query and analyze them for centralized O&M. |
|||
5 |
Configuring and Enabling Related Checks |
You can enable, configure, and apply protection policies for 7 layers of defense and enjoy comprehensive protection. |
|
If you enable intelligent modeling, information such as alerts, incidents, and indicators can be automatically extracted by models. |
|||
Playbooks are used to automatically handle alerts, incidents, and threat intelligence. |
|||
SecMaster can scan cloud services for risks in key configuration items, report scan results by category, generate alerts for risky settings, and provide hardening suggestions and guidelines. |
|||
6 |
You can specify how you would like SecMaster to automatically send reports. |
||
7 |
After data integration is configured, you can perform operations such as asset management, threat detection, and alert investigation based on the integrated data. |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.