Situation Overview
The Situation Overview page displays the security evaluation of resources in the current workspace in real time. On the Security Overview page, you can view security status of your cloud resources and manage risks centrally.
Procedure
- Log in to the management console.
- Click in the upper left corner of the page and choose Security & Compliance > SecMaster.
- In the navigation pane, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
Figure 1 Workspace management page
- In the navigation pane on the left, choose Security Situation > Situation Overview.
Figure 2 Situation Overview
- On the Security Overview page, you can view the security overview of your assets and perform related operations. The Situation Overview page consists of the following modules:
The following table describes the reference periods and update frequency of the modules.
Table 1 Situation Overview Parameter
Reference Period
Update Frequency
Description
Security Score
Real-time
- Automatic update at 02:00 every day
- Updated every time you click Check Again
The score is calculated based on what security services are enabled, and the levels and numbers of unhandled configuration issues, vulnerabilities, and threats. For details, see Security Scores and Unscored Items.
Threat Alarms
Last 7 days
Every 5 minutes
Total number of alerts on the
page in a workspace.Vulnerabilities
Last 7 days
Every 5 minutes
Total number of vulnerabilities on the
in a workspace.Abnormal Baseline Settings
Real-time
Every 5 minutes
Total number of issues on the Risk Prevention > Baseline Inspection page in a workspace.
Your Security Score over Time
Last 7 days
Every 5 minutes
Security scores in the last seven days.
Security Score
The security score shows the overall health status of your workloads on the cloud based on the SecMaster edition you are using. You can quickly understand the unprocessed risks and their threats to your assets. Figure 3 shows an example.
- The security score is automatically updated at 02:00 every day. You can also click Check Again to update it immediately.
- The score ranges from 0 to 100. The higher the security score, the more secure your assets. For details, see Security Scores and Unscored Items.
- Different color blocks in the security score ring chart indicate different severity levels. For example, yellow indicates that your security is medium.
- Click Handle Now. The Risks pane is displayed on the right. You can handle risks by referring to the corresponding guidance.
- The Risks slide-out panel lists all threats that you should handle in a timely manner. These threats are included in the Threat Alarms, Vulnerabilities, and Abnormal Baseline Settings areas.
- The Risks pane displays the latest check results of the last scan. The Alerts, Vulnerabilities, and Abnormal Baseline Settings pages show check results of all previous scans. So, you will find the threat number on the Risks pane is less than that on those pages. You can click Handle for an alert on the Risks pane to go to the corresponding page quickly.
- Handling detected security risks:
- In the Security Score area, click Handle Now.
- On the Risks slide-out panel displayed, click Handle.
- On the page displayed, handle risk alerts, vulnerabilities, or baseline inspection items.
- The security score is updated when you refresh status of the alert incident after risk handling. After you fix the risks, you can click Check Again so that SecMaster can check and score your system again.
After risks are fixed, manually ignore or handle alert incidents and update the alert incident status in the alert list. The risk severity can be down to a proper level accordingly.
- The security score reflects the security situation of your system last time you let SecMaster check the system. To obtain the latest score, click Check Again.
Security Scores and Unscored Items
SecMaster assesses the overall security situation of your cloud assets in real time and scores your assets.
This section describes how your security score is calculated.
- Security Score
SecMaster evaluates the overall security situation of your assets.
- There are five risk severity levels, Secure, Informational, Low, Medium, High, and Critical.
- The score ranges from 0 to 100. The higher the security score, the lower the risk severity level.
- The security score starts from 0 and the risk severity level is escalated up from Secure to the next level every 20 points. For example, for scores ranging from 40 to 60, the risk severity is Medium.
- The color keys listed on the right of the chart show the names of donut slices. Different color represents different risk severity levels. For example, the yellow slice indicates that your asset risk severity is Medium.
- The security score is updated in real time when you refresh status of the alert incident after risk handling.
After risks are fixed, manually ignore or handle alert incidents and update the alert incident status in the alert list. The risk severity can be down to a proper level accordingly.
Table 2 Security score table Severity
Security Score
Description
Secure
100
Congratulations. Your assets are secure.
Informational
80 ≤ Security Score < 100
Your system should be hardened as several security risks have been detected.
Low
60 ≤ Security Score < 80
Your system should be hardened in a timely manner as too many security risks have been detected.
Medium
40 ≤ Security Score < 60
Your system should be hardened, or your assets will be vulnerable to attacks.
High
20 ≤ Security Score < 40
Detected risks should be handled immediately, or your assets will be vulnerable to attacks.
Critical
0≤ Security Score <20
Detected risks should be handled immediately, or your assets may be attacked.
- Unscored Check Items
Table 3 lists the security check items and corresponding points.
Table 3 Unscored check items Category
Unscored Item
Points
Suggestion
Maximum Unscored Point
Enabling of security services
Security-related services not enabled
-
Enable security-related services.
30
Compliance Check
Critical non-compliance items not fixed
10
Fix compliance violations by referring recommended fixes and start a scan again. The security score will be updated.
20
High-risk non-compliance items not fixed
5
Medium-risk non-compliance items not fixed
2
Low-risk non-compliance items not fixed
0.1
Vulnerabilities
Critical vulnerabilities not fixed
10
Fix vulnerabilities by referring corresponding suggestions and start a scan again. The security score will be updated.
20
High-risk vulnerabilities not fixed
5
Medium-risk vulnerabilities not fixed
2
Low-risk vulnerabilities not fixed
0.1
Threat Alerts
Critical alerts not fixed
10
Fix the threats by referring to the suggestions. The security score will be updated accordingly.
30
High-risk alerts not fixed
5
Medium-risk alerts not fixed
2
Low-risk alerts not fixed
0.1
Security Monitoring
The Security Monitoring area includes Threat Alarms, Vulnerabilities, and Abnormal Baseline Settings, which sort risks that have not been handled.
Parameter |
Description |
---|---|
Threat Alarms |
This panel displays the unhandled threat alerts in a workspace for the last 7 days. You can quickly learn of the total number of unhandled threat alerts and the number of vulnerabilities at each severity level. The statistics are updated every 5 minutes.
|
Vulnerabilities |
This panel displays the top five vulnerability types and the total number of unfixed vulnerabilities in your assets in a workspace for the last 7 days. You can quickly learn of the total number of unfixed vulnerabilities and the number of vulnerabilities at each severity level. The statistics are updated every 5 minutes.
|
Abnormal Baseline Settings |
This panel displays the total number of compliance violations detected in a workspace. You can quickly learn of total number of violations and the number of violations at each severity level. The statistics are updated every 5 minutes.
|
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.