Updated on 2024-09-10 GMT+08:00

Edition Differences

SecMaster provides three editions: basic, standard, and professional. Different editions have different features that apply to different scenarios. For details about feature differences, see Feature Differences Between SecMaster Editions. For details about features in each edition, see Functions.

Editions

Table 1 describes SecMaster editions.

Table 1 SecMaster editions

Edition

Billing Mode

Description

Basic

Yearly/Monthly (Free)

Allows you to know your security situation.

Standard

Yearly/Monthly

  • Provides the security situation information and DJCP compliance.
  • Provides plus features, such as Large Screen, Intelligent Analysis, and Security Orchestration.

Professional

  • Pay-per-use billing
  • Yearly/Monthly billing
  • Provides check on operation risks and regulation compliance.
  • Provides plus features, such as Large Screen, Intelligent Analysis, and Security Orchestration.

Feature Differences Between SecMaster Editions

The following table lists the function differences between SecMaster editions.

Table 2 Function differences between SecMaster editions

Function

Function Module

Description

Basic

Standard

Professional

Security Overview

Displays a comprehensive overview of asset security posture together with other linked cloud security services.

Workspace

  • Workspace management: Workspaces are the root of SecMaster resources. A single workspace can be bound to general projects, enterprise projects, and regions for different application scenarios.
  • Workspace hosting: You can create an agency and use it to view the asset risks, alerts, and incidents of multiple workspaces across accounts.

Security Governance

Security Governance provides you with security governance templates and checks your services against compliance policies that are built on the basis of the regulation terms in the security compliance packs.

×

×

Security Situation

Situation Overview

  • Security Score: SecMaster scores security situation of your system, sorts out risks by severity, and display the risk defense capabilities of your system.
  • Security monitoring: displays security monitoring statistics in real time.
  • Your Security Score over Time: SecMaster displays your security scores for the last 7 days.

Large Screen

SecMaster displays the comprehensive security posture of your assets in the cloud in real time.

×

Security Report

You can generate analysis reports. In this way, you can learn about the security status of your assets in a timely manner.

×

×

Task Hub

Displays the tasks to be processed in a centralized manner.

×

Asset Management

SecMaster synchronizes information about your resources and displays overall security posture in one place.

×

Risk Prevention

Baseline Inspection

SecMaster can scan cloud baseline configurations to find out unsafe settings, report alerts for incidents, and offer hardening suggestions to you.

×

√ (Supports basic baseline checks but does not provide details about check results.)

Bug Management

Automatically synchronizes HSS vulnerability scanning result, displays vulnerability scanning details by category, and provides vulnerability fixing suggestions.

×

×

Emergency Vulnerability Notice

SecMaster displays security vulnerabilities disclosed in the industry so that you can have a comprehensive understanding about your asset risks.

Policy Management

SecMaster supports central management of defense and emergency policies.

×

Security Analysis

Data can be queried, analyzed, consumed, monitored, and delivered.

×

Threat Operations

Incident Management

Displays security threat incidents in a centralized manner.

×

Alert Management

Provides unified security alert management and built-in Huawei Cloud alert standards. Integrates and displays alerts of other cloud services for centralized management.

×

Indicators

Provides unified security threat indicator management and built-in Huawei Cloud threat indicator library standards. Security indicators from other cloud services can be accessed, and custom rules for extracting indicators are supported.

×

×

Intelligent Modeling

Alert models can be built.

×

Security Analysis

Data can be queried, analyzed, consumed, monitored, and delivered.

×

Security Orchestration

Object Management

Manages data classes, data class types, and categorical mappings in a centralized manner.

×

Playbooks

Supports full lifecycle management of playbooks, processes, connections, and instances.

×

Layout Management

Provides a visualized low-code development platform for customized layout of security analysis reports, alert management, incident management, vulnerability management, baseline management, and threat indicator library management.

×

Plug-in Management

Plug-ins used in the security orchestration process can be managed centrally.

×

×

Data Collection

Logstash is used to collect varied log data in multiple modes. After data is collected, historical data analysis and comparison, data association analysis, and unknown threat discovery can be quickly implemented.

×

Data Integration

Integrates security ecosystem products for associated operations or data interconnection. After the integration, you can search for and analyze all collected logs.

×

√ (Only cloud service alerts can be integrated.)

Directory Customization

You can view existing directories and change the layout.

×

NOTE:

Symbol description:

  • X: indicates that the function is unavailable in the corresponding edition.
  • √: indicates that the function is available in the corresponding edition.
  • Before using security governance in SecMaster, you need to submit a service ticket to enable the service.
  • : Some functions are supported in standard and professional editions, but you need to purchase a value-added package to use them, such as large screen, security analysis, and playbook orchestration.