Basic Concepts
This section describes concepts about SA.
Security Risk
Security risk is a comprehensive evaluation of your assets, reflecting the security level of your assets within a period of time by a security score. A security score is for your reference to learn of the security situation of your assets.
Threat Alarm
In general, threat alarms refer to threats that, due to natural, human, software, or hardware reasons, are detrimental to information systems or cause negative effects on the society. In SA, threat alarms are detected security incidents that threaten asset security through big data technology.
Website Vulnerability
A website vulnerability is the vulnerability detected by the web crawler and intelligent comparison of vulnerability features. SA can scan over 22 types of vulnerabilities and can also detect OWASP top 10 and WASC vulnerabilities. The scan rules are automatically updated on the cloud and take effect on the entire network, covering the latest vulnerabilities. HTTPS scan is as well as supported.
Cloud Service Baseline
Cloud service baseline helps you detect unsafe configurations in cloud-based products in public cloud scenarios and provides recovery suggestions. Currently, you can check your environment against security standards Cloud Security Compliance Check 1.0 and Network Security.
Attack Types
- Brute-force attack
A brute-force attack consists of an attacker submitting many passwords or passphrases with the hope of eventually guessing correctly. The attacker systematically checks all possible passwords and passphrases until the correct one is found to decrypt any encrypted data.
- Web attack
A web attack is an attack against the Internet access or devices such as web servers. Common web attacks include SQL injection, cross-site scripting (XSS), and cross-site request forgery (XSRF) attacks.
- Zombie
A zombie is a computer connected to the Internet that has been compromised by a hacker, computer virus, or Trojan horse program and can be used to perform malicious tasks of one sort or another under remote direction. Attackers send commands to "zombies" through control channels and order them to send forged or junk packets to targets. As a result, the targets fail to respond and deny normal services. This is a common DDoS attack. Now, as virtual currencies, such as Bitcoins, grow in value, attackers start using zombies to mine Bitcoins.
- Abnormal behavior
Abnormal behavior refers to the events that should not occur on hosts. For example, a user logs in to the system during an unauthorized time period, some file directories are changed unexpectedly, and unexpected actions were performed by a process. We should keep alert for those anomalies as most of them are caused by malware. The abnormal behavior data in SA is mainly reported by Host Security Service (HSS).
- Vulnerability exploit
A vulnerability is a weakness that can be exploited by a threat actor, such as an attacker, to perform unauthorized actions within a computer system. Gaining access, stealing sensitive data, or sabotaging software and hardware systems are all vulnerability exploits.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot