Last updated: 2019-11-08 09:57:23
What Is SOC?
Tencent Cloud Security Operations Center (SOC), formerly known as Tencent Cloud Security Situation Awareness, is a big security data visualization platform that provides visibility into businesses, assets, threats and risks based on the customer's cloud security data and Tencent's massive security data. Through multi-dimensional, intelligent, continuous analysis of massive amounts of data, SOC helps identify potential internal and external risks and predict impending security threats.
SOC can monitor and audit various attacks such as DDoS attacks, web attacks, off-site logins and brute force attacks and detect trojan files.
SOC provides real-time alerts and repair solutions for high-risk vulnerabilities on hosts (including system and web vulnerabilities), enabling you to quickly respond to them.
Visual Situation Representation
SOC offers three kinds of visual representation for real-time monitoring: security operations center overview, host security operations center and network security operations center.
Security Operations Center Overview
SOC Overview displays the overall security situation of your cloud resources to help you understand the security conditions of various resources, including an overview of host vulnerabilities, brute force attacks, trojans and off-site logins.
Host SOC displays the security situation of your host assets to provide a data basis for addressing host security issues, including an overview of host vulnerabilities, brute force attacks, trojans and off-site logins, an overview of host security agent online status and a host security intelligence overview.
Network SOC displays the security situation of your enterprise network to help you identify the weaknesses in your network construction, including rankings of DDoS attack traffic and of IPs attacking web applications, the major attack types and total number of attacks in the past year, and a network situation intelligence overview.