Tencent Cloud Workload Protection leverages the massive amount of threat data accumulated by Tencent Security and uses machine learning algorithms to provide security services such as intrusion detection and vulnerability alerts. Features offered includes password cracking prevention, suspicious login alerts, trojan detection, and high-risk vulnerability detection. It helps enterprises build a security protection system to deal with major network security risks.
Once your server is intruded by hackers, you will face the following security risks:
CWP can effectively prevent the above problems and guarantee security for your servers.
A website backdoor trojan (also known as “web shell”) is a dynamic script in ASP, PHP, JSP, or other language implanted by hackers after they intrude a website through a vulnerability. Hackers can continuously control a server using a backdoor trojan and do harms such as file upload and download and command execution, which is extremely detrimental to website security.
Featuring the machine learning-based website backdoor detection technology and harnessing Tencent Cloud security platform's capability of collecting malicious file samples from the entire network, CWP can accurately detect and kill various trojan files. In addition, it provides features such as malicious file detection and quick quarantine to protect your server security.
Your servers can be logged in to through the internet, which leaves opportunities for hackers to intrude them using brute force attacks. CWP uses various methods to detect whether your CVM instance passwords have been cracked by brute force. Once an exception is detected, CWP will inform you of it through internal message and SMS.
Based on common login locations and malicious login sources, CWP analyzes server login logs, identifies login in unusual locations and abnormal logins in the server login transactions, and reports them in real time. Plus, it can analyze server account login behaviors and alert you to suspicious login behaviors in real time.
With CVM's log query feature, you can compare your login activities against the records in the logs to identify abnormal login attempts and take security measures.
CWP provides real-time alerts and solutions for high-risk system and web vulnerabilities on your server. This enables you to quickly respond to the issues.
CWP manages your assets in a unified manner, where you can tag and group CVM instances for easier management and gain insights into the distribution of software processes and ports on the instances through the component identification technology.