Security Services

Security governance
- Identity and Access Management (IAM): Authenticates identities and securely manage access to your services and resources
- Organizations: Helps you govern multiple accounts within your organization. You can consolidate multiple Huawei Cloud accounts into a single organization and apply governance policies to them.
- Resource Governance Center (RGC): Helps you set up and govern a secure, scalable multi-account cloud environment.
- Resource Access Manager (RAM): Provides secure cross-account resource sharing capabilities. You can create resources once in an account and use RAM to share the resources with organizations, organizational units, or accounts.
- IAM Identity Center helps you centrally manage your workforce identities and their access to multiple Huawei Cloud accounts. You can create identities for your entire enterprise at one go and give them single sign-on (SSO) access with managed permissions.
Network security
- Cloud Firewall (CFW): A next-generation cloud native firewall with elastic and flexible services, low deployment costs, and easy and efficient O&M.
- Anti-DDoS Service (AAD): Mitigates DDoS attacks in milliseconds to ensure continuity of your global services based on machine learning, protection policy tuning, and precise identification of DDoS attacks.
Threat detection
- Web Application Firewall (WAF): Protects web applications, such as websites, from common web attacks, ensuring continuous and stable service running and meeting compliance and regulatory requirements.
- Config: Allows you to centrally search for and evaluate your resources to ensure resource compliance.
- Host Security Service (HSS): Manages server and container risks and maintains compliance with cyber security standards. Fights intrusions such as ransomware, mining, infiltration, and container escapes.
- CodeArts Inspector: Provides one-stop vulnerability management for software R&D and O&M. This includes real-time continuous asset evaluation and risk quantification, analysis, and handling. It quickly detects and responds to vulnerabilities for defense against potential security threats.
Data security
- Data Security Center (DSC): The DSC is a next-generation cloud-native data security platform. It offers fundamental data security functionalities, including data classification and grading, sensitive data scanning, data security checks, data watermark tracing, and data masking. The Asset Map feature integrates the status of each phase within the data security lifecycle, providing a comprehensive view of the overall data security posture in the cloud.
- Data Encryption Workshop (DEW): Provides robust capabilities for key management, credential management, key pair management, and dedicated encryption functions. Its purpose is to ensure data security and key security while simplifying the overall key management process.
- Cloud Certificate Manager (CCM): Issues cloud certificates and provides lifecycle management for certificates. Currently, CCM provides SSL Certificate Management and Private Certificate Authority (PCA).
- Database Security Service (DBSS): Based on machine learning and big data analytics technologies, DBSS can audit your databases, detect SQL injection attacks, and identify high-risk operations.
Compliance and privacy protection
- Compliance Center: Provides a wide range of resources to help you better understand and meet global regulatory requirements.
- Cloud Trace Service (CTS): Collects, stores, and queries resource operation records. You can use these records to perform security analysis, track resource changes, audit compliance, and locate faults.
- Config: Allows you to centrally search for and evaluate your resources to ensure resource compliance.
Security operations
- SecMaster: SecMaster is a next-generation cloud native platform that enables integrated and automatic security operations. You can manage cloud assets, security posture, security information, and incidents in one place and enjoy intelligent threat detection, easy security orchestration, and automatic response.