Vulnerability Management Overview
Background
SecMaster integrates the vulnerability scanning data of Host Security Service (HSS) to centrally display asset vulnerability risks on the cloud, helping users detect asset security weaknesses in a timely manner and fix risky vulnerabilities.
SecMaster supports the following types of vulnerabilities:
- ECS Vulnerabilities
Reports vulnerabilities in Linux and Windows operating systems (OSs), Web-CMS vulnerabilities, and application vulnerabilities.
ECS Vulnerabilities
SecMaster can display host vulnerability scan information and vulnerability details, and provide vulnerability fixing suggestions.
The following host vulnerabilities can be detected:
Check Items |
Description |
---|---|
Linux software vulnerability detection |
SecMaster detects vulnerabilities in the system and software (such as SSH, OpenSSL, Apache, and MySQL) based on vulnerability libraries, reports the results to the management console, and generates alerts. |
Windows OS vulnerability detection |
SecMaster subscribes to Microsoft official updates, checks whether the patches on the server have been updated, pushes Microsoft official patches, reports the results to the management console, and generates vulnerability alerts. |
Web-CMS vulnerability detection |
SecMaster checks web directories and files for Web-CMS vulnerabilities, reports the results to the management console, and generates vulnerability alerts. |
Application Vulnerabilities |
SecMaster detects the vulnerabilities in the software and dependency packs running on the server, reports risky vulnerabilities to the console, and displays vulnerability alerts. |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot