Updated on 2023-12-22 GMT+08:00

Overview

Background

SecMaster integrates the vulnerability scanning data of Host Security Service (HSS) to centrally display asset vulnerability risks on the cloud, helping users detect asset security weaknesses in a timely manner and fix risky vulnerabilities.

ECS Vulnerabilities

SecMaster can display vulnerabilities scanned by HSS in real time. You can view vulnerability details and find fixing suggestions.

The following host vulnerabilities can be detected:

Table 1 ECS vulnerability check items

Check Items

Description

Linux software vulnerability detection

SecMaster detects vulnerabilities in the system and software (such as SSH, OpenSSL, Apache, and MySQL) based on vulnerability libraries, reports the results to the management console, and generates alerts.

Windows OS vulnerability detection

SecMaster subscribes to Microsoft official updates, checks whether the patches on the server have been updated, pushes Microsoft official patches, reports the results to the management console, and generates vulnerability alerts.

Web-CMS vulnerability detection

SecMaster checks web directories and files for Web-CMS vulnerabilities, reports the results to the management console, and generates vulnerability alerts.

Application Vulnerabilities

SecMaster detects the vulnerabilities in the software and dependency packs running on the server, reports risky vulnerabilities to the console, and displays vulnerability alerts.

After the integration, the vulnerability severity levels in SecMaster and that in HSS are as follows:

Table 2 Vulnerability severity level mappings

Vulnerability Severity in HSS

Vulnerability Severity in SecMaster

Low

Low

Medium

Medium

High

Medium

Critical

High