Help Center> Data Security Center> User Guide> Data Security Operations> Situational Awareness Large Screen
Updated on 2024-07-01 GMT+08:00
View PDF

Situational Awareness Large Screen

There are always such scenarios as presentation, reporting, or real-time monitoring where you need to present the analysis results of DSC on large screens to achieve better demonstration effect. It is not ideal to just zoom in the console. Now, DSC Large Screen is a good choice for you to display the service console on bigger screens for a better visual effect.

By default, DSC provides an integrated situational awareness dashboard that presents a thorough analysis of risky assets, identification, masking, and watermarking tasks, as well as events and alarms in the cloud. This dashboard facilitates swift recognition and response to the overall status of assets, including addressing risky assets and urgent alarms.

Prerequisites

Cloud asset access permissions are granted. For details, see Allowing or Disallowing Access to Cloud Assets.

Procedure

  1. Log in to the management console.
  2. Click in the upper left corner and select a region or project.
  3. In the navigation tree on the left, click . Choose Security and Compliance > Data Security Center .
  4. In the navigation tree on the left, choose Data Security Operations > Situation Awareness Large Screen. The Situation Awareness Large Screen page is displayed, as shown in Figure 1.

    Figure 1 Situational Awareness Large Screen

  5. Click the Situation Awareness Large Screen image. The Situation Awareness Large Screen page is displayed, as shown in Figure 2.

    This screen includes many graphs.
    Figure 2 Situational awareness large screen

Security Score

As shown in Figure 3, the security scores of all assets are displayed.

Table 1 Secure score

Parameter

Source

Update Frequency

Description

Security Score

Score on the asset map

When the security score on the asset map changes, the security score is updated in real time.
For details about the score calculation rules, see Viewing Scoring Rules. The criteria for classifying high, medium, and low risks in the final score are as follows:
  • 100: no risk
  • 81-99: low risk
  • 51-80: medium risk
  • 0-50: high risk
Figure 3 Security score

Risky Asset Statistics

As shown in Figure 4, risk statistics of authorized assets are displayed.

Risky asset statistics come from the asset map. To view asset details, go to this page.

Table 2 Security score

Parameter

Source

Update Frequency

Description

High/Medium/Low-risk assets

Risk level in Protection Policy Analysis

When the risk level of the asset map changes, the number of risky assets is updated in real time.

For details about the calculation rules, see Risk Statistics.

Attacked assets

Alarms in Data Security Operations > Alarm Management

Real-time

Analyze the number of attacked assets based on alarms in Alarm Management.

Attacked APIs

Alarms in Data Security Operations > Alarm Management

Real-time

Analyze the number of attacked APIs based on alarms in Alarm Management.
Figure 4 Risky asset statistics

Information

As shown in Figure 5, the total number of assets and the identified high-, medium, and low-risk assets are displayed.

Table 3 Asset information

Parameter

Source

Update Frequency

Description

Total assets

Sum of high-risk, medium-risk, and low-risk assets.

Real-time

-

Risky assets

Sum of high- and medium-risk assets.

Real-time

-

Secure assets

Number of low-risk assets.

Real-time

-

Sensitive fields/Total fields

Sensitive data identification

Real-time

Total number of sensitive data fields/Total number of fields.

Sensitive files/Total files

Sensitive data identification

Real-time

Total number of sensitive data files in OBS assets/Total number of files.

Data tables

Total number of sensitive data tables.

Real-time

Total number of sensitive data tables.
Figure 5 Asset information

Asset Statistics by Level

As shown in Figure 6, the total number of assets that have been categorized and leveled through sensitive data identification, and the number and proportion of assets at each level are displayed.

Table 4 Asset information

Parameter

Data Scope

Update frequency

Description

Total assets

Asset map

Real-time

Total number of assets that are categorize and leveled using the sensitive data identification function.

Level

Sensitive data identification

Real-time

Number of assets at each level and the proportion of each asset to the total assets.
Figure 6 Asset statistics by level

Top 5 Risky Assets with Highest Lost Scores

As shown in Figure 7, the top 5 assets with the highest lost scores are displayed. When you move the cursor to the bar chart, the asset name, asset type, data source, and score loss are displayed.

Table 5 Asset information

Parameter

Source

Update Frequency

Description

Risky asset score loss

Asset map

Real-time

The asset name, asset type, data source, and score deduction of a single asset are displayed based on the sore loss rules in the asset scoring rules. The details about the score deduction rules are described on the console. For details, see Viewing Scoring Rules.
Figure 7 Top 5 Risky Assets with Highest Lost Scores

Execution Information

As shown in Figure 8, the total number of executed tasks is displayed, including sensitive data identification, static data masking, and data watermarking tasks.

Table 6 Task execution information

Parameter

Source

Update Frequency

Description

Total executions

Sensitive data identification, static data masking, and data watermarking

Real-time

Total number of executed tasks.
Figure 8 Task execution information

Handling Statistics

  • Alarm Handling Statistics

    Displays the total number of alarms and the number of unhandled alarms from the Alarm Management page by time.

  • Event Handling Statistics

    Displays the total number of events and the number of unhandled events from the Event Management page by time.

    Table 7 Task execution information

    Parameter

    Source

    Update Frequency

    Description

    Total alarms

    Alarm Management module

    Real-time

    Total number of alarms in the alarm list on the Alarm Management page

    Unhandled alarms

    Alarm Management

    Real-time

    Number of alarms whose status is enabled in the alarm list on the Alarm Management page

    Total events

    Event Management module

    Real-time

    Total number of events in the event list on the Event Management page

    Unhandled events

    Event Management module

    Real-time

    Number of events whose status is enabled and blocked in the alarm management list.
    Figure 9 Handling Statistics

Threat Trends

As shown in Figure 10, the number of database attacks and the number of API attacks are displayed by time.

Table 8 Task execution information

Parameter

Source

Update Frequency

Description

Database attacks

Alarm Management module

Real-time

Analyze the number of database attacks based on the alarms on the Alarm Management page.

API attacks

Alarm Management module

Real-time

Analyze the number of API attacks based on the alarms on the Alarm Management page.
Figure 10 Threat Trends

Top 5 Attack Targets

Table 9 Top 5 attack targets

Parameter

Source

Update Frequency

Description

Top 5 attacked database assets

Alarm Management module

Real-time

Analyze and display top 5 attacked database assets based on alarms on the Alarm Management page.

Top 5 attacked APIs

Alarm Management module

Real-time

Analyze and display top 5 attacked APIs based on alarms on the Alarm Management page.
  • Top 5 Attacked Database Assets

    As shown in Figure 11, the top 5 attacked database assets are displayed. When you move the cursor to the bar chart, the Database, Database type, and Number of attacks are displayed.

    Figure 11 Top 5 attacked database assets
  • Top 5 Attacked APIs

    As shown in Figure 12, the top 5 attacked APIs are displayed. When you move the cursor to the bar chart, the API name, App name, and Number of attacks are displayed.

    Figure 12 Top 5 attacked APIs
Parent topic: Data Security Operations