Help Center/ SecMaster/ User Guide/ Security Situation/ Security Reports/ Viewing a Security Report
Updated on 2025-07-31 GMT+08:00
View PDF

Viewing a Security Report

Scenario

This section describes how to view a created security report and its displayed information.

Viewing a Security Report

  1. Log in to the SecMaster console.
  2. Click in the upper left corner of the management console and select a region or project.
  3. Click in the upper left corner of the page and choose Security & Compliance > SecMaster.
  4. In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.

    Figure 1 Workspace management page

  5. In the navigation pane on the left, choose Security Situation > Security Reports.

    Figure 2 Security Reports

  6. Click the module where the target report is located. The report details page is displayed.

    On the report details page, you can preview details about the current security report.

Content in the Daily Report Template

Table 1 Content in the daily report template

Parameter

Description

Data Scope

The default data scope of a daily report is from 00:00:00 to 23:59:59 on the previous day.

Report type

Report type.

Created

Time when the report was generated.

Security Score

SecMaster evaluates the overall asset security, baseline configuration, threat alerts, and security vulnerabilities for the previous day (from 00:00:00 to 23:59:59). You can quickly learn the overall security status of assets. The score may differ depending on the SecMaster edition in use.

Baseline Inspection

Displays the statistics of the latest baseline check, including the following information:

  • Total Check Items: the total number of check items in the latest baseline check.
  • Non-Compliant Items: the number of failed check items in the latest baseline check.
  • Unrepaired Items: the number of unfixed risks found in the latest baseline check.

Security Vulnerabilities

Displays the vulnerability statistics of the accessed cloud services on the previous day, including the following information:

  • Number of vulnerabilities
  • Number of unfixed vulnerabilities

Security response

Displays the security response statistics for the previous day, including the following information:

  • Alerts
  • Unhandled alerts
  • Closure rate: The rate of automatically closing alerts = Number of alerts automatically closed by SecMaster using playbooks on the previous day/Total number of alerts closed on the previous day

Asset security

Displays the current asset security status, including the following information:

  • Total number of current assets
  • Number of vulnerable assets

Security Analysis

Displays the security analysis statistics of the previous day, including the following information:

  • Total traffic of security logs on the previous day
  • Number of security log models

Policy Coverage

Displays the coverage of policies of current security products, including the following information:

  • Protected Assets: Number of instances protected by security products (= Number of ECSs protected with HSS + Number of websites protected with WAF instances)
  • Coverage: HSS coverage (= Number of ECSs protected with HSS/Total number of ECSs)

Asset risks

Displays the asset security status for the previous day, including the following information:

  • Number of attacked assets
  • Number of unprotected assets
  • Number of vulnerable assets
  • Asset change trend over the last seven days as of the previous day
  • Asset protection rate by asset type

Threat posture

Displays the threat posture of assets on the previous day, including the following information:

  • Number of DDoS attacks
  • Number of network attacks
  • Number of application attacks
  • Number of server attacks
  • New DDoS attacks from the previous day
  • Network/Server Attacks over Time
  • WAF Inspection (total number of WAF requests, number of WAF alerts, and number of WAF interception times)
  • Top 5 network attack types
  • Top 5 application attack type statistics
  • Top 5 server attack type statistics
  • Top 5 source IP addresses by application alerts
  • Top 5 Destination IP addresses by application alerts
  • Top 5 server alert distribution
  • Top 5 source IP addresses by network alerts

Log analysis

Displays the log analysis results for the previous day, including the following information:

  • Number of log sources on the previous day
  • Number of log indexes on the previous day
  • Total number of logs received on the previous day
  • Log volume stored on the previous day
  • Log volume change trend over the last seven days as of the previous day
  • Access traffic statistics of top 3 log sources over the last seven days as of the previous day
  • Number of alerts generated by top 10 models on the previous day

Security Response (Details)

Displays the security response information for the previous day, including the following information:

  • Number of unhandled alerts on the previous day
  • Number of unhandled incidents on the previous day
  • Number of unfixed vulnerabilities on the previous day
  • Number of unfixed unsafe baseline settings on the previous day
  • Threat alert distribution and quantity on the previous day
  • Top 5 intrusion incidents by type on the previous day
  • Top 5 emergency response incidents on the previous day
  • Top 20 threat alerts handled on the previous day

Content in the Weekly Report Template

Table 2 Content in the Weekly Report Template

Parameter

Description

Data Scope

SecMaster collects security information from 00:00:00 on Monday to 23:59:59 on Sunday of the previous week.

Report type

Report type.

Created

Time the report was generated.

Security Score

SecMaster evaluates the overall asset security, baseline configuration, threat alerts, and security vulnerabilities for the last day of the previous week. You can quickly learn the overall security status of assets. The score may differ depending on the SecMaster edition in use.

Baseline Inspection

Displays the statistics of the latest baseline check in the previous week. You can check the following information:

  • Total Check Items: the total number of check items in the latest baseline check.
  • Non-Compliant Items: the number of failed check items in the latest baseline check.
  • Unrepaired Items: the number of unfixed risks found in the latest baseline check.

Security Vulnerabilities

Displays the vulnerability statistics of the accessed cloud services for the last week, including the following information:

  • Number of vulnerabilities
  • Number of unfixed vulnerabilities

Security response

Displays the security response information for the previous week. You can check the following information:

  • Alerts
  • Unhandled alerts
  • Closure rate: The rate of automatically closing alerts = Number of alerts automatically closed by SecMaster using playbooks on the previous day/Total number of alerts closed on the previous day

Asset security

Displays the latest asset security information on the last day of the previous week. You can check the following information:

  • Total assets
  • Number of vulnerable assets

Security Analysis

Displays the security analysis statistics, including the following information:

  • Total security log traffic of last week
  • Number of security log models on the last day of the previous week

Policy Coverage

Displays the latest asset security information on the last day of the previous week, including the following information:

  • Protected Assets: Number of instances protected by security products (= Number of ECSs protected with HSS + Number of websites protected with WAF instances)
  • Coverage: HSS coverage (= Number of ECSs protected with HSS/Total number of ECSs)

Asset risks

Displays the latest asset security information on the last day of the previous week, including the following information:

  • Week-over-week changes on attacked asset quantity in monthly reports
  • Week-over-week changes on unprotected asset quantity in monthly reports
  • Week-over-week changes on vulnerable asset quantity in monthly reports
  • Asset changes over the previous week
  • Asset protection rate by asset type (%)

Threat posture

Displays the latest threat posture n on the last day of the previous week, including the following information:

  • Number of DDoS attacks
  • Number of network attacks
  • Number of application attacks
  • Number of server attacks
  • DDoS attacks since the last period
  • Network/Server attacks over time
  • WAF inspection findings
  • Top 5 network attack types
  • Top 5 application attack types
  • Top 5 server attack types
  • Top 5 application attack sources distribution
  • Top 5 attacked application distribution
  • Top 5 HSS alert distribution
  • Top 5 network attack sources distribution

Log analysis

Displays the log analysis results for the previous week, including the following information:

  • Number of log sources
  • Number of log indexes
  • Total number of received logs
  • Log storage
  • Log volume changes
  • Top 3 log source access statistics
  • Number of alerts generated by top 10 models on the previous day

Security Response (Details)

Displays the security response information for the previous week. You can check the following information:

  • Number of unhandled alerts
  • Number of unhandled incidents
  • Number of unfixed vulnerabilities
  • Number of unfixed baseline settings
  • Threat alert distribution and quantity
  • Top 5 intrusion incidents by type
  • Top 5 emergency responses
  • Top 20 threat alarms

Content in the Monthly Report Template

Table 3 Content in the monthly report template

Parameter

Description

Data Scope

By default, a monthly report includes security information for the previous month.

Report type

Report type.

Created

Time the report was generated.

Security Score

SecMaster evaluates the overall asset security, baseline configuration, threat alerts, and security vulnerabilities for the last day of the previous month. You can quickly learn the overall security status of assets. The score may differ depending on the SecMaster edition in use.

Baseline Inspection

Displays the statistics of the latest baseline check in the previous month, including the following information:

  • Total Check Items: the total number of check items in the latest baseline check.
  • Non-Compliant Items: the number of failed check items in the latest baseline check.
  • Unrepaired Items: the number of unfixed items in the latest baseline check.

Security Vulnerabilities

Displays the vulnerability statistics of the accessed cloud services on the last data of the previous month, including the following information:

  • Total number of vulnerabilities.
  • Number of unfixed vulnerabilities

Security Response (Overview)

Displays the security response information for the previous month. You can check the following information:

  • Alerts
  • Number of unhandled alarms
  • Closure rate: The rate of automatically closing alerts = Number of alerts automatically closed by SecMaster using playbooks on the previous day/Total number of alerts closed on the previous day

Asset security

Displays the latest asset security information on the last day of the last month, including the following information:

  • Total number of assets
  • Number of vulnerable assets

Security analysis

Displays the security analysis statistics, including the following information:

  • Total security log traffic of the last month
  • Number of security log models on the last day of the last month

Policy Coverage

Displays the latest asset security information on the last day of the last month, including the following information:

  • Number of instances protected by security products (= Number of ECSs protected with HSS+ Number of websites protected with WAF instances)
  • Coverage rate (= Number of protected ECSs/Total number of ECSs)

Asset risks

Displays the latest asset security information on the last day of the last month, including the following information:

  • Attacked asset quantity changes compared to the previous month
  • Unprotected asset quantity changes compared to the previous month
  • Vulnerable asset quantity changes compared to the previous month
  • Asset changes over the previous month
  • Asset protection rate by asset type (%)

Threat posture

Displays the latest threat posture n on the last day of the previous month, including the following information:

  • Number of DDoS attacks
  • Number of network attacks
  • Number of application attacks
  • Number of server attacks
  • DDoS attacks since the last period
  • Network/Server attacks over time
  • WAF inspection findings
  • Top 5 network attack types
  • Top 5 application attack types
  • Top 5 server attack types
  • Top 5 application attack sources distribution
  • Top 5 attacked application distribution
  • Top 5 HSS alert distribution
  • Top 5 network attack sources distribution

Log analysis

Displays the log analysis results for the previous month, including the following information:

  • Number of log sources
  • Number of log indexes
  • Total number of received logs
  • Log storage
  • Log volume changes
  • Top 3 log source access statistics
  • Number of alerts generated by top 10 models on the previous day

Security Response (Details)

Displays the security response information for the previous month, including the following information:

  • Number of handled alerts
  • Number of handled incidents
  • Number of fixed vulnerabilities
  • Number of fixed baseline settings
  • Threat alert distribution and quantity
  • Top 5 intrusion incidents by type
  • Top 5 emergency responses
  • Top 20 threat alert handling
  • Number of unhandled alerts
  • Number of unhandled incidents
  • Number of unfixed vulnerabilities
  • Number of unfixed baseline settings
  • Threat alert distribution and quantity
  • Top 5 intrusion incidents by type
  • Top 5 emergency responses
  • Top 20 threat alert handling

Related Operations

Parent topic: Security Reports