Help Center> SecMaster> User Guide> Risk Prevention> Baseline Inspection> Baseline Inspection Overview
Updated on 2024-03-07 GMT+08:00
View PDF

Baseline Inspection Overview

SecMaster can scan cloud services for risks in key configuration items, report scan results by category, generate alerts for incidents, and provide hardening suggestions and guidelines.

For your cloud services, you can learn of unsafe settings that are discovered by SecMaster based on security standards Cloud Security Compliance Check 1.0 and Network Security.

Limitations and Constraints

The SecMaster basic edition does not support baseline inspection. The basic edition does not support viewing of cloud service baseline details. To learn about your cloud service configuration status and ensure your cloud service configurations are appropriate, you are advised to use the professional edition. For details, see Buying the Professional Edition.

Baseline Check Methods

  • Automated baseline checks

    Every three days SecMaster checks your assets under your account in the current region from 00:00 to 06:00.

    You can specify a schedule and start time to let SecMaster perform baseline inspection. For details, see Creating a Custom Baseline Check Plan.

  • Manual baseline checks

    There are some manual check items included in baseline inspection. After you finish a manual check, report the check results to SecMaster. The pass rate is calculated based on results from both manual and automatic checks. For automatic check items, you can manually start specific checks.

    For details about manual checks, see Handling Manual Check Items.

Process

Table 1 Process

No.

Operation

Description

1

(Optional) Creating a Custom Baseline Check Plan

SecMaster uses the default check plan to check all assets.

  • Default plan: SecMaster checks your assets under your account in the current region every three days from 00:00 to 06:00.
  • Custom plans: SecMaster performs baseline inspections based on the standards and time you specify in the custom check plans.

2

(Optional) Starting an Immediate Baseline Check

The baseline inspection supports periodic and immediate checks.

  • Periodic check: The system automatically executes the default check plan or the check plans you configure.
  • Immediate check: You can add or modify a custom check plan and start the check plan immediately. In this way, you can check whether the servers have certain unsafe configurations in real time.

3

Viewing Baseline Inspection Results

You can view the baseline inspection results, affected assets, and details about the baseline inspection items.

4

Handling Baseline Inspection Results

You can handle risky items based on the rectification suggestions.
Parent topic: Baseline Inspection