Updated on 2023-04-10 GMT+08:00

What Is MTD?

Managed Threat Detection (MTD) continuously checks source IP addresses and domain names in cloud service logs and alert you to potential malicious activities and unauthorized behaviors. MTD can monitor logs of IAM, DNS, CTS, OBS and VPC, all of which are global services in your account.

Powered by an AI engine, threat intelligence, and detection policies, MTD intelligently examines access behavior in logs of cloud services to detect threats, generate alarms, and provide remediation. With MTD, you can respond to alarms, handle potential threats, and harden service security in a timely manner to prevent major losses such as information leakage, keeping your accounts and service secure and stable.

Detection Types

Table 1 lists the MTD detection types supported in each region.

Table 1 Detection types


IAM Detection

DNS Detection

CTS Detection

OBS Detection

VPC Detection









CN-Hong Kong



Detection Mechanism

MTD collects logs from IAM, DNS, CTS, OBS, and VPC and uses an AI engine, threat intelligence, and detection policies to continuously detect potential threats, malicious activities, and unauthorized behaviors, such as brute-force cracking, penetration attacks, and mining attacks. Figure 1 shows how MTD works.

Figure 1 Detection mechanism