Help Center > > Service Overview> What Is MTD?

What Is MTD?

Updated at: Oct 13, 2021 GMT+08:00

Managed Threat Detection (MTD) continuously checks source IP addresses and domain names in cloud service logs and alert you to potential malicious activities and unauthorized behaviors. MTD can monitor logs of IAM, DNS, CTS, and OBS, all of which are global services in your account. Powered by an AI engine, threat intelligence, and detection policy, MTD intelligently examines access behavior in logs of multiple cloud services to detect potential threats, generate alarms, and provide remediation. With MTD, you can respond to alarms and handle potential threats and harden service security in a timely manner to prevent major losses such as information leakage, keeping your accounts and service secure and stable.

Detection Mechanism

MTD collects logs from IAM, DNS, CTS, and OBS and uses an AI engine, threat intelligence, and rule baseline model to continuously detect potential threats, malicious activities, and unauthorized behaviors, such as brute-force cracking, penetration attacks, and mining attacks. Figure 1 shows how MTD works.

Figure 1 Detection mechanism

Did you find this page helpful?

Submit successfully!

Thank you for your feedback. Your feedback helps make our documentation better.

Failed to submit the feedback. Please try again later.

Which of the following issues have you encountered?

Please complete at least one feedback item.

Content most length 200 character

Content is empty.

OK Cancel