Compute
Elastic Cloud Server
Huawei Cloud Flexus
Bare Metal Server
Auto Scaling
Image Management Service
Dedicated Host
FunctionGraph
Cloud Phone Host
Huawei Cloud EulerOS
Networking
Virtual Private Cloud
Elastic IP
Elastic Load Balance
NAT Gateway
Direct Connect
Virtual Private Network
VPC Endpoint
Cloud Connect
Enterprise Router
Enterprise Switch
Global Accelerator
Management & Governance
Cloud Eye
Identity and Access Management
Cloud Trace Service
Resource Formation Service
Tag Management Service
Log Tank Service
Config
OneAccess
Resource Access Manager
Simple Message Notification
Application Performance Management
Application Operations Management
Organizations
Optimization Advisor
IAM Identity Center
Cloud Operations Center
Resource Governance Center
Migration
Server Migration Service
Object Storage Migration Service
Cloud Data Migration
Migration Center
Cloud Ecosystem
KooGallery
Partner Center
User Support
My Account
Billing Center
Cost Center
Resource Center
Enterprise Management
Service Tickets
HUAWEI CLOUD (International) FAQs
ICP Filing
Support Plans
My Credentials
Customer Operation Capabilities
Partner Support Plans
Professional Services
Analytics
MapReduce Service
Data Lake Insight
CloudTable Service
Cloud Search Service
Data Lake Visualization
Data Ingestion Service
GaussDB(DWS)
DataArts Studio
Data Lake Factory
DataArts Lake Formation
IoT
IoT Device Access
Others
Product Pricing Details
System Permissions
Console Quick Start
Common FAQs
Instructions for Associating with a HUAWEI CLOUD Partner
Message Center
Security & Compliance
Security Technologies and Applications
Web Application Firewall
Host Security Service
Cloud Firewall
SecMaster
Anti-DDoS Service
Data Encryption Workshop
Database Security Service
Cloud Bastion Host
Data Security Center
Cloud Certificate Manager
Edge Security
Situation Awareness
Managed Threat Detection
Blockchain
Blockchain Service
Web3 Node Engine Service
Media Services
Media Processing Center
Video On Demand
Live
SparkRTC
MetaStudio
Storage
Object Storage Service
Elastic Volume Service
Cloud Backup and Recovery
Storage Disaster Recovery Service
Scalable File Service Turbo
Scalable File Service
Volume Backup Service
Cloud Server Backup Service
Data Express Service
Dedicated Distributed Storage Service
Containers
Cloud Container Engine
SoftWare Repository for Container
Application Service Mesh
Ubiquitous Cloud Native Service
Cloud Container Instance
Databases
Relational Database Service
Document Database Service
Data Admin Service
Data Replication Service
GeminiDB
GaussDB
Distributed Database Middleware
Database and Application Migration UGO
TaurusDB
Middleware
Distributed Cache Service
API Gateway
Distributed Message Service for Kafka
Distributed Message Service for RabbitMQ
Distributed Message Service for RocketMQ
Cloud Service Engine
Multi-Site High Availability Service
EventGrid
Dedicated Cloud
Dedicated Computing Cluster
Business Applications
Workspace
ROMA Connect
Message & SMS
Domain Name Service
Edge Data Center Management
Meeting
AI
Face Recognition Service
Graph Engine Service
Content Moderation
Image Recognition
Optical Character Recognition
ModelArts
ImageSearch
Conversational Bot Service
Speech Interaction Service
Huawei HiLens
Video Intelligent Analysis Service
Developer Tools
SDK Developer Guide
API Request Signing Guide
Terraform
Koo Command Line Interface
Content Delivery & Edge Computing
Content Delivery Network
Intelligent EdgeFabric
CloudPond
Intelligent EdgeCloud
Solutions
SAP Cloud
High Performance Computing
Developer Services
ServiceStage
CodeArts
CodeArts PerfTest
CodeArts Req
CodeArts Pipeline
CodeArts Build
CodeArts Deploy
CodeArts Artifact
CodeArts TestPlan
CodeArts Check
CodeArts Repo
Cloud Application Engine
MacroVerse aPaaS
KooMessage
KooPhone
KooDrive

Functions

Updated on 2025-02-17 GMT+08:00

Based on cloud native security, SecMaster provides a comprehensive closed-loop security response process that contains log collection, security governance, intelligent analysis, situation awareness, orchestration, and response, helping you protect cloud security.

SecMaster provides basic, standard, and professional editions for you to help meet security requirements in different scenarios. You can select the one that best fits your service needs.

Security Overview

The Security Overview page gives you a comprehensive view of your asset security posture together with other linked cloud security services to centrally display security assessment findings.

Table 1 Functions

Function Module

Description

Basic

Standard

Professional

Security Overview

  • Security Score: A security score shows the overall health status of your workloads on the cloud so you can quickly learn of unhandled risks and their threats to your assets.

    The lower the security score, the greater the overall asset security risk.

  • Security Monitoring: You can view how many threats, vulnerabilities, and compliance violations that are not handled and view their details.
  • Security Scores over the Time: You can view the trend of the asset health scores for the last seven days.

Workspace Management

Workspaces are top-level workbenches in SecMaster. A single workspace can be bound to general projects, enterprise projects, and regions for different application scenarios.

Table 2 Functions

Function Module

Description

Basic

Standard

Professional

Workspaces

  • Workspace management:

    Workspaces are top-level workbenches in SecMaster. A single workspace can be bound to projects and regions to support workspace operational modes in different scenarios.

  • Workspace hosting: You can create an agency and use it to view the asset risks, alerts, and incidents of multiple workspaces across accounts.

Security Governance

Security Governance provides you with a security governance template and compliance scanning service and converts the standard clauses in security compliance packs into check items.

Table 3 Functions

Function Module

Description

Basic

Standard

Professional

Security Governance

  • Compliance Pack

    Huawei's open security governance templates include original standards and regulation terms, check policies, compliance evaluation items, and improvement suggestions from Huawei experts, covering PCI DSS, ISO27701, ISO27001, privacy protection, and other regulations and standards. You can subscribe to and unsubscribe from security compliance packs and view the evaluation results.

  • Policy Check

    Security Governance periodically detects the compliance status of cloud assets through code-based scanning. You can view compliance risks on the dashboard, and obtain corresponding improvement suggestions from Huawei experts.

  • Compliance Evaluation

    Security Governance integrates regulatory clauses and standard requirements into compliance pack check items. You complete evaluation of your services using the compliance pack, and view evaluation results. You can also view historical results, upload and download evidence, and take actions based on Huawei experts' improvement suggestions.

  • Result Display

    Security Governance displays the evaluation results and compliance status on the dashboard, including the compliance rates of the compliance packs you subscribed to, and the compliance rate of each term the regulations and standards, each security, as well as the policy check results.

NOTE:

Before using security governance in SecMaster, you need to submit a service ticket to enable the service.

×

×

Purchased Resources

Purchased Resources centrally displays the resources purchased by the current account, making it easier for you to manage them in one place.

Table 4 Functions

Function Module

Description

Basic

Standard

Professional

Purchased Resources

You can view resources purchased by the current account on the Purchased Resources page and manage them centrally.

Security Situation

You can view the security overview on the large screen in real time and periodically subscribe to security operation reports to know the core security indicators.

Table 5 Functions

Function Module

Description

Basic

Standard

Professional

Situation Overview

  • Security Score: A security score shows the overall health status of your workloads on the cloud so you can quickly learn of unhandled risks and their threats to your assets.

    The lower the security score, the greater the overall asset security risk.

  • Security Monitoring: You can view how many threats, vulnerabilities, and compliance violations that are not handled and view their details.
  • Security Scores over the Time: You can view the trend of the asset health scores for the last seven days.

Large Screen

SecMaster leverages AI to analyze and classify massive cloud security data and then displays real-time results on a large screen. In a simple, intuitive, and efficient way, you will learn of what risks your cloud environment are facing and how secure your cloud environment is.

NOTE:

The large screen function needs to be purchased separately based on the standard or professional edition.

×

Security Reports

You can generate analysis reports and periodically send them to specified recipients by email. In this way, all recipients can learn about the security status of your assets in a timely manner.

×

×

Task Center

All tasks that need to be processed are displayed centrally.

×

Resource Manager

Resource Manager supports centralized management of assets on the cloud and assets outside the cloud and displays their security status in real time.

Table 6 Functions

Function Module

Description

Basic

Standard

Professional

Resource Manager

SecMaster can synchronize the security statistics of all resources. So that you can check the name, service, and security status of a resource to quickly locate security risks.

Risk Prevention

Risk prevention provides baseline inspection, vulnerability management, and security policy management to help you check cloud security configurations and meet requirements in many security standards, such as DJCP, ISO, and PCI, as well as Huawei Cloud security best practice standards. You can learn about where vulnerabilities are located in the entire environment and fix them in just a few clicks.

Table 7 Functions

Function Module

Description

Basic

Standard

Professional

Baseline Inspection

SecMaster can scan cloud baseline configurations to find out unsafe settings, report alerts for incidents, and offer hardening suggestions to you.

Vulnerabilities

SecMaster automatically synchronizes vulnerability scan result from Host Security Service (HSS), displays vulnerability scan details by category, and provides vulnerability fixing suggestions.

×

×

Emergency Vulnerability Notices

SecMaster collects the latest information on known host security vulnerabilities every 5 minutes.

Security Policies

SecMaster supports centralized management of defense and emergency policies.

×

Threats

SecMaster provides many threat detection models in the Threats module to help customers detect threats from massive security logs and generate alerts. Beyond that, it provides built-in security response playbooks to help automatically analyze and handle alerts, and automatically harden security defense lines and security configurations.

Table 8 Functions of the Threats module

Function Module

Description

Basic

Standard

Professional

Incidents

SecMaster centrally displays incident details and allows you to manually or automatically convert alerts into incidents.

×

Alerts

Alerts of other cloud services such as HSS, WAF, and DDoS Mitigation are integrated for central display and management.

×

Indicators

Metrics can be extracted from alerts and incidents based on custom rules.

×

×

Intelligent Modeling

Models are supported to scan log data in pipelines. If SecMaster detects data that hits the trigger in a model, SecMaster generates an alert.

×

Security Analysis

  • Query and Analysis
    • Search and analysis: Supports quick data search and analysis, quick filtering of security data for security survey, and quick locating of key data.
    • Statistics filtering: SecMaster supports quick analysis and statistics of data fields and quick data filtering based on the analysis result. Time series data supports statistics collection by default time partition, allowing data volume trend to be quickly spotted. SecMaster supports analysis, statistics, and sorting functions, and supports quick building of security analysis models.
    • Visualization: Visualized data analysis intuitively reflects service structure and trend, enabling customized analysis reports and analysis indicators to be easily created.
  • Data Delivery: Data can be delivered to other pipelines or Huawei Cloud products in real time so that you can store data to or retrieve data from other systems.
  • Data Monitoring: Data streams are monitored and managed in an end-to-end manner.
  • Data Consumption: SecMaster provides streaming communication interfaces for data consumption and production, as well as data pipeline SDKs. So that you can use SDKs to integrate data across systems, and specify custom data producers and consumers. SecMaster provides open-source log collection plug-in Logstash. You can enable custom data consumers and producers.
NOTE:

You need to purchase the security analysis function in the value-added package at an extra cost. However, there are some free quotas of security analysis, preconfigured playbooks, and security orchestration. For details, see Free Quota Description.

×

Security Orchestration

Security Orchestration supports playbook management, process management, data class management (security entity objects), and asset connection management. You can also customize playbooks and processes.

Security Orchestration allows you to flexibly orchestrate security response playbooks through drag-and-drop according to your service requirements. You can also flexibly extend and define security operation objects and interfaces.

Table 9 Functions

Function Module

Description

Basic

Standard

Professional

Objects

Manages operation objects such as data classes, data class types, and categorical mappings in a centralized manner.

×

Playbooks

Supports full lifecycle management of playbooks, processes, connections, and instances.

NOTE:

You need to purchase the security orchestration function in the value-added package at an extra cost. However, there are some free quotas of security analysis, built-in playbooks, and security orchestration. For details, see Free Quota Description.

×

Layouts

Provides a visualized low-code development platform for customized layout of security analysis reports, alarm management, incident management, vulnerability management, baseline management, and threat indicator library management.

×

Plugins

Plug-ins used in the security orchestration process can be managed centrally.

×

×

Data Collection

Collects varied log data in multiple modes. After data is collected, historical data analysis and comparison, data association analysis, and unknown threat discovery can be quickly implemented.

Table 10 Functions

Function Module

Description

Basic

Standard

Professional

Data Collection

(Collections and Components)

Logstash is used to collect varied log data in multiple modes. After data is collected, historical data analysis and comparison, data association analysis, and unknown threat discovery can be quickly implemented.

×

Data Integration

Integrates security ecosystem products for associated operations or data interconnection. After the integration, you can search for and analyze all collected logs.

Table 11 Functions

Function Module

Description

Basic

Standard

Professional

Data Integration

SecMaster provides a preset log collection system. You can enable access to logs of other cloud services in just a few clicks. After the integration, you can search for and analyze all collected logs.

×

√ (Only cloud service alerts can be integrated.)

Directory Customization

You can customize directories as needed.

Table 12 Functions

Function Module

Description

Basic

Standard

Professional

Directory Customization

You can view in-use directories and change their layouts.

×

Free Quota Description

SecMaster provides some free quotas for security analysis and security orchestration in the value-added package. While the free quotas vary depending on the SecMaster editions. The details are as follows:

Table 13 Free Quota Description

Function

Standard

Professional

Security Analysis

Security data collection

120 MB/day/quota

120 MB/day/quota

Security data retention

120 MB/day/quota

120 MB/day/quota

Security data export

120 MB/day/quota

120 MB/day/quota

Platform security data

40 MB/day/quota

40 MB/day/quota

Security modeling analysis

×

120 MB/day/quota

Threat Management

Preset threat models

×

Calculation model data: 120 MB/day/quota; Preset models: 200

Preset response playbooks

×

Preset playbooks: 30

Security Orchestration (SOC)

Security Orchestration

×

Operations: 7,000

We use cookies to improve our site and your experience. By continuing to browse our site you accept our cookie policy. Find out more

Feedback

Feedback

Feedback

0/500

Selected Content

Submit selected content with the feedback