Basic Concepts
This topic describes concepts used in SecMaster.
Security Risk
A security risk is a comprehensive evaluation of your assets, reflecting the security level of your assets within a period of time by a security score. A security score is for your reference to know the security situation of your assets.
Threat Alert
In general, threat alerts refer to threats that, due to natural, human, software, or hardware reasons, are detrimental to information systems or cause negative effects on the society. In SecMaster, threat alerts are detected security incidents that threaten asset security through big data technology.
Workspace
Workspaces are the root of SecMaster resources. A single workspace can be bound to general projects, enterprise projects, and regions for different application scenarios.
Data Space
A data space is a unit for data grouping, load balancing, and flow control. Data in the same data space shares the same load balancing policy.
Data Pipelines
A data transfer message topic and a storage index form a pipeline.
Classification and Mapping
Type matching and field mapping for cloud service alarms.
Security Orchestration
Security orchestration is a process that combines security capabilities (applications) and manual checks based on certain logical relationships to complete a specific security operations procedure. Security functions of different security operations systems or components are encapsulated through programmable interfaces (APIs) during this process.
Security orchestration is a collaborative work mode that integrates various capabilities related to security operations, such as tools/technologies, workflows, and personnel.
Producer
A producer is a logical object used to construct data and transmit it to the server. It stores data in message queues.
Subscriber
A subscriber is used to subscribe to SecMaster pipeline messages. A pipeline can be subscribed to by multiple subscribers. SecMaster distributes messages through subscribers.
Consumer
A consumer is a running entity that receives and processes data. It consumes and processes messages in the SecMaster pipeline through subscribers.
Message Queue
A message queue is the container for data storage and transmission.
Threat Detection Model
A threat detection model is a trained AI recognition algorithm model. A threat detection model can automatically aggregate, analyze, and generate alerts for specific threats. This type of model has good generalization and anti-evasion capabilities. They can work in different service systems to defend against sophisticated emerging attacks.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
