What Is MTD?

Updated at: Oct 13, 2021 GMT+08:00

Managed Threat Detection (MTD) continuously checks source IP addresses and domain names in cloud service logs and alerts you to potential malicious activities and unauthorized behaviors. MTD can monitor logs of IAM, DNS, CTS, and OBS, all of which are global services in your account. Powered by an AI engine, threat intelligence, and detection policy, MTD intelligently examines access behavior in logs of multiple cloud services to detect potential threats, generate alarms, and provide remediation. With MTD, you can respond to alarms, handle potential threats, and harden service security in a timely manner to prevent major losses such as information leakage, keeping your accounts and services secure and stable.

Detection Mechanism

MTD collects logs from IAM, DNS, CTS, and OBS and uses an AI engine, threat intelligence, and a rule baseline model to continuously detect potential threats, malicious activities, and unauthorized behaviors, such as brute-force cracking, penetration attacks, and mining attacks. Figure 1 shows how MTD works.

Figure 1 Detection mechanism

