Help Center/ SecMaster/ FAQs/ Product Consulting/ What Are the Differences Between SecMaster and HSS?
Updated on 2023-12-22 GMT+08:00

What Are the Differences Between SecMaster and HSS?

Service Positioning

  • SecMaster is a next-generation cloud native security operations platform. Based on years of Huawei Cloud experience in cloud security, it enables integrated and automatic security operations through cloud asset management, security posture management, security information and incident management, security orchestration and automatic response, cloud security overview, simplified cloud security configuration, configurable defense policies, and intelligent and fast threat detection and response.
  • Host Security Service (HSS) is designed to protect server workloads in hybrid clouds and multi-cloud data centers. It protects servers and containers and prevents web pages from malicious modifications.

In short, SecMaster presents the comprehensive view of security posture, and HSS secures servers and containers.

Function Differences

  • SecMaster collects security data (including detection data of security services such as HSS, WAF, and Anti-DDoS) on the entire network and provides capabilities such as cloud asset management, security posture management, security information and incident management, security orchestration, and automatic response, helping you implement integrated and automatic security operations management.
  • HSS uses technologies such as AI, machine learning, and deep algorithms to analyze server risks through agents installed on protected servers. It delivers inspection and protection tasks through the console. You can manage the security information reported by the Agent through the HSS console.
Table 1 Differences between SecMaster and HSS

Item

Common Function

Difference

Asset security

Server

Both can display the overall security posture of servers.

  • SecMaster synchronizes server risk data from HSS and then displays overall server security posture.
  • HSS scans accounts, ports, processes, web directories, software information, and automatic startup tasks on servers and displays server security posture.

Websites

-

  • SecMaster checks and scans the overall security posture of website assets from different dimensions.
  • HSS does not support this function.

Vulnerability

Emergency vulnerability notices

-

  • SecMaster synchronizes security notices from Huawei Cloud. You can obtain security information in a timely manner.
  • HSS does not support this function.

Server vulnerabilities

Both can display server scanning results and support server vulnerability management.

  • SecMaster synchronizes server vulnerability data from HSS and allows you to manage server vulnerabilities in SecMaster.
  • HSS allows you to manage Linux, Windows, Web-CMS, and application vulnerabilities. It also gives you an overview of vulnerabilities in real time, including vulnerability scan details, vulnerability statistics, vulnerability types and distributions, your top 5 vulnerabilities, and the top 5 risky servers.

Baseline inspection

Cloud service baseline

-

  • SecMaster can help you check key configurations of Huawei Cloud services you enabled based on built-in checks that are included in Cloud Security Compliance Check 1.0 and Network Security.
  • HSS does not support this function.

Unsafe settings

-

  • SecMaster does not support this function.
  • HSS checks your baseline settings, including checking for weak passwords, and reviewing security policies and configuration details. HSS provides an overview of your configuration security rating, the top 5 configuration risks, detected weak passwords, and the top 5 servers with weak passwords configured.