Overview
Background
SecMaster integrates the vulnerability scanning data of Host Security Service (HSS) to centrally display asset vulnerability risks on the cloud, helping users detect asset security weaknesses in a timely manner and fix risky vulnerabilities.
ECS Vulnerabilities
SecMaster can display vulnerabilities scanned by HSS in real time. You can view vulnerability details and find fixing suggestions.
The following host vulnerabilities can be detected:
|
Check Items |
Description |
|---|---|
|
Linux software vulnerability detection |
SecMaster detects vulnerabilities in the system and software (such as SSH, OpenSSL, Apache, and MySQL) based on vulnerability libraries, reports the results to the management console, and generates alerts. |
|
Windows OS vulnerability detection |
SecMaster subscribes to Microsoft official updates, checks whether the patches on the server have been updated, pushes Microsoft official patches, reports the results to the management console, and generates vulnerability alerts. |
|
Web-CMS vulnerability detection |
SecMaster checks web directories and files for Web-CMS vulnerabilities, reports the results to the management console, and generates vulnerability alerts. |
|
Application Vulnerabilities |
SecMaster detects the vulnerabilities in the software and dependency packs running on the server, reports risky vulnerabilities to the console, and displays vulnerability alerts. |
After the integration, the vulnerability severity levels in SecMaster and that in HSS are as follows:
|
Vulnerability Severity in HSS |
Vulnerability Severity in SecMaster |
|---|---|
|
Low |
Low |
|
Medium |
Medium |
|
High |
Medium |
|
Critical |
High |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.
