Application Scenarios

Log Audit

Scenario Description

Regulatory oversight in security is intensifying, with escalating compliance demands. The proliferation of complex privacy, data security, and cybersecurity regulations poses significant compliance challenges for enterprises. SecMaster provides baseline inspection and log audit to help enterprises comply with national and industry regulations, clarify security objectives, establish a systematic framework for information system security, and mitigate security and attack risks.

Solution

SecMaster provides baseline inspection, log auditing, and other capabilities to help assess your environment compliance with DJCP. Data aggregated into SecMaster can be retained for up to 180 days to meet audit requirements.

Recommended edition

Standard edition

Threat Detection and Response

Scenario Description

Cloud threats can compromise enterprise assets through various attack vectors, including network and host intrusions. While security products like Host Security Service (HSS), Cloud Firewall (CFW), and Web Application Firewall (WAF) can effectively safeguard cloud workloads, there are still other issues. For example, scattered alerts across security products make centralized management difficult and dispersed threat-handling processes slow response times. These issues hinder vulnerability detection, disrupt security operations, reduce threat response efficiency, and increase security risks.

Solution

SecMaster provides threat management and security orchestration to effectively address the preceding issues. Rooted in SecMaster, the threat management module collects, integrates, and analyzes alerts and logs aggregated from HSS, CFW, and WAF, for associated analysis. In addition, SecMaster uses cloud native capabilities to integrate the handling and blocking capabilities of products such as HSS, CFW, WAF, and security groups. It provides centralized, one-click, and automatic handling to speed up threat response.

• A 99% reduction in noise alerts with zero false negatives
• Ready for out-of-the-box deployment with 200+ pre-configured models, 30+ security playbooks, real-time streaming analysis, and threat detection and response in seconds
• Custom threat detection models and investigation and response playbooks to meet changing security requirements

Recommended edition

Professional edition

Centralized Management of On-and Off-cloud Resources

Scenario Description

The lack of unified security operations standards creates challenges in managing security data across multiple platforms, accounts, and users. While daily security log volumes are substantial, current processes rely heavily on manual threat investigation and response. Correlating security data across platforms and sharing threat response experience remains challenging.

Solution

• You can centrally manage resources on and off the cloud in SecMaster, so that you can quickly assess resource security status and identify at-risk resources.
• You can enable access to logs of many cloud services, such as Web Application Firewall (WAF), Host Security Server (HSS), and Cloud Firewall (CFW). After you enable the access, you can manage logs centrally and search and analyze all collected logs.
• You can create workspace agencies in SecMaster to enable cross-account and cross-region security operations.
• SecMaster provides baseline inspection. This feature can scan cloud services for risks in key configuration items, report scan results by category, generate alerts for incidents, and provide hardening suggestions and guidelines.
• SecMaster provides threat management and security orchestration to help security teams efficiently respond to cyber threats and enable automatic response to security incidents.

Recommended edition

Professional edition