Product Introduction
Purchase Guide
Quick Start
Operation Guide
- Overview
- Vulnerability Management
- COS Risk Monitoring
- Cloud Security Posture Management
- Database Risk Monitor
- Log Analysis
- Notification Center
API Documentation
- History
- Introduction
- API Category
- Making API Requests
- Multi-account Management APIs
- Scan Task APIs
- Alarm Center APIs
- Risk Center APIs
- Asset Center APIs
- User Behavior Analysis APIs
- Cloud Boundary Analysis APIs
- Cloud API Anomaly Detection APIs
- Cloud Resource Configuration Check APIs
- AI-SPM APIs
- Skill Security Detection APIs
- Key Sandbox APIs
- IaC Detection APIs
- Report Download APIs
- Solid Protection APIs
- Cloud Security Center Overview APIs
- Data Types
- Error Codes
Related Protocol,
- Service Level Agreement
- Terms Of Service
FAQs
Cloud Security Center (Old Version)
- Product Introduction
- Purchase Guide
- Getting Started
- Operation Guide
Glossary

Product Overview

Baixar

Modo Foco

Tamanho da Fonte

Última atualização: 2026-06-16 16:34:12

Cloud Security Center (CSC) is a new-generation cloud-native security platform launched by Tencent Cloud for public cloud users. Centered on the "Prevention → Detection → Response" security lifecycle framework, it unifies the management of capabilities such as CWPP, container security, cloud security posture, AI asset protection, and data security. This helps enterprises build an integrated cloud security system that spans from asset discovery to threat closure.
Core Concepts
CSC is built based on the following four core design principles:
Design Logic
Meaning
Unified asset foundation
Centrally manages assets such as hosts, containers, AI assets, and cloud products to reduce asset silos.
Shift Security Left
Incorporate vulnerabilities, baselines, and compliance into proactive governance, and actively remediate risks before they evolve into attacks.
Runtime Protection
Real-time detection of intrusion, ransomware, and other attack behaviors, and identification and blocking of ongoing threats.
Closed-loop Operations
Centers on proactive operations and intelligent configuration to improve handling efficiency.
Core Capabilities
1. Overview
It serves as the unified entry point for security decisions. It intuitively presents your security health status using a security score metric and guides you to quickly address high-priority security risks through to-do tasks, enabling managers to grasp the overall cloud security posture at a glance.
2. Asset Center
Understanding your assets is the first step to achieving robust cloud security. The Asset Center provides a unified, panoramic view of all your assets:
Asset Type
Description
Host Assets
Cloud servers (CVM/Lighthouse/Black Stone, and so on) are managed in a unified manner.
Cloud Assets
Cloud databases, buckets, CLB, and other cloud product assets are sorted out in a unified manner.
3. Risk Governance (Preventive Measures)
It addresses the issue of "potential incidents if left unaddressed," enabling proactive discovery and closed-loop remediation of risks.
Feature Module
Core Capabilities
Vulnerability governance
Detects vulnerabilities in operating systems and application components, supports priority-based sorting and one-click fix.
Cloud security posture management
Cloud product configuration compliance check, system baseline governance, and cloud boundary exposure surface analysis.
AI Agent Security
Specialized risk identification and protection for AI agents.
TencentCloud API Risk Governance
Discovers API exposure surface risks, authentication deficiencies, and sensitive data leaks.
Data Security Posture
Sorts out data asset distribution and identifies data security risks and compliance gaps.
4. Detection and Response (In-Process Protection)
It addresses the issue of "ongoing attacks" and supports efficient real-time detection combined with raw log correlation analysis.
Feature Module
Core Capabilities
Alarm Center
Aggregates all types of security alarms, such as host intrusion, container intrusion, and API Server log exceptions, and supports unified analysis and one-click handling.
5. Security Operations (Post-Incident Forensics)
Providing raw evidence and supporting custom reports and in-depth auditing are core highlights of security operations.
Feature Module
Core Capabilities
Log Analysis
Performs deep search and analysis on multi-type logs such as those from hosts and containers, and supports traceability.
6. Protection Configuration (Proactive Operations)
It centrally manages various protection policies, serving as a low-frequency yet critical configuration hub.
Host Protection
Ransomware Detection: It identifies ransomware behavior in real time and detects and blocks malicious processes.
Core File Monitoring: Prevents critical system files and Web pages from being maliciously tampered with.
Application Protection
Application-layer security protection configuration for Web applications and APIs.
7. System Settings
It provides a unified access entry point, facilitating your management of system configurations.
Feature Module
Description
Notification Center
Multi-channel notification configuration for security alarms and risk changes.
Access management
Agent client installation and unified access management for multi-cloud and multi-account environments.
Authorization management
Product feature authorization and license centralized management.
Covered Security Scenarios
The security scenarios listed in the table are only partial examples.
Security Scenario
Description
Involved Feature Module
Unified visibility of cloud assets
Comprehensively manages assets such as hosts, containers, AI assets, and cloud product assets, and establishes a dynamic security ledger.
Asset center
Vulnerability and baseline compliance governance
Proactively discovers system vulnerabilities, misconfigurations, and compliance gaps, and remediates them.
Risk governance (vulnerability, CSPM)
AI and Emerging Asset Security
Specialized security protection covering new assets such as AI agents and AI inference services.
Risk governance (AI Agent), asset center
Data Security and Privacy Compliance
Sorts out data assets, discovers sensitive data, and manages data risk posture.
Risk governance (DSPM), snapshot detection
Real-time Intrusion Detection and Response
Real-time alarms and coordinated handling for host, container, and API intrusions.
Detection and response (Alarm Center)
Ransomware protection
Real-time ransomware behavior detection and blocking, and tamper-proofing for core files.
Protection configuration (host protection)
Security Compliance and Audit
Center for Internet Security (CIS) compliance checks, security audit reports, and log retention and traceability.
Security operations (reporting, log analysis), CSPM
Unified multi-cloud security management
Centrally manages assets and security policies across cloud accounts and cloud platforms.
System settings (multi-cloud access), asset center
Target Audience
User Role
Scenario
Cloud security lead / CISO
Grasp enterprise security health status through the overview and drive security governance decision-making.
Security operations engineer
Handles alarms, fixes vulnerabilities, and follows up on risk governance closure work daily.
DevOps / Development engineer
Integrates CI/CD security scanning and IaC checking to achieve the goal of shifting security left in R&D.
Compliance and audit personnel
Obtains Center for Internet Security (CIS) compliance reports, security audit logs, and supporting evidence.
Container / Cloud-native engineer
Manages cluster security configurations, image risks, and container runtime protection policies.
Frequently Asked Questions (FAQ)
Q: What types of cloud assets does CSC support for onboarding?
A: It supports unified onboarding and management of Tencent Cloud product assets, including CVM, Kubernetes container clusters, cloud databases, COS, and CLB.
﻿
Q: How does the product support multi-cloud or multi-account scenarios?
A: It enables unified access to multi-cloud platforms and multiple Tencent Cloud accounts through Multi-Cloud and Multi-Account Access, and centrally displays cross-account assets and risk posture in the Asset Center.
﻿
Q: How can I quickly start vulnerability remediation work?
A: Go to Risk Governance → Vulnerability Management. The system will automatically display a list of asset vulnerabilities and remediation priority recommendations, and supports one-click issuance of remediation task instructions. (This operation may cause service interruption or data loss. It is recommended to create snapshots according to the product guide to achieve rapid recovery capability.)
﻿
Q: How can it help enterprises meet Center for Internet Security (CIS) requirements?
A: Risk Governance → Cloud Security Posture Management includes built-in Center for Internet Security (CIS) compliance baseline checks. Security Operations → Log Analysis supports 180-day log storage for security auditing and tracing.
﻿
Q: How do I start using CSC?
A: Log in to the Tencent Cloud console and search for "CSC" to access the product. It is recommended that you first complete Agent installation and asset onboarding via System Settings → Access Management, then go to Asset Center to sort out your assets. After that, follow the to-do items on the Overview page to gradually advance the risk governance process.
﻿

Ajuda e Suporte

Esta página foi útil?

Você também pode entrar em contato com a Equipe de vendas ou Enviar um tíquete em caso de ajuda.

comentários

Design Logic	Meaning
Unified asset foundation	Centrally manages assets such as hosts, containers, AI assets, and cloud products to reduce asset silos.
Shift Security Left	Incorporate vulnerabilities, baselines, and compliance into proactive governance, and actively remediate risks before they evolve into attacks.
Runtime Protection	Real-time detection of intrusion, ransomware, and other attack behaviors, and identification and blocking of ongoing threats.
Closed-loop Operations	Centers on proactive operations and intelligent configuration to improve handling efficiency.

Asset Type	Description
Host Assets	Cloud servers (CVM/Lighthouse/Black Stone, and so on) are managed in a unified manner.
Cloud Assets	Cloud databases, buckets, CLB, and other cloud product assets are sorted out in a unified manner.

Feature Module	Core Capabilities
Vulnerability governance	Detects vulnerabilities in operating systems and application components, supports priority-based sorting and one-click fix.
Cloud security posture management	Cloud product configuration compliance check, system baseline governance, and cloud boundary exposure surface analysis.
AI Agent Security	Specialized risk identification and protection for AI agents.
TencentCloud API Risk Governance	Discovers API exposure surface risks, authentication deficiencies, and sensitive data leaks.
Data Security Posture	Sorts out data asset distribution and identifies data security risks and compliance gaps.

Feature Module	Core Capabilities
Alarm Center	Aggregates all types of security alarms, such as host intrusion, container intrusion, and API Server log exceptions, and supports unified analysis and one-click handling.

Feature Module	Core Capabilities
Log Analysis	Performs deep search and analysis on multi-type logs such as those from hosts and containers, and supports traceability.

Feature Module	Description
Notification Center	Multi-channel notification configuration for security alarms and risk changes.
Access management	Agent client installation and unified access management for multi-cloud and multi-account environments.
Authorization management	Product feature authorization and license centralized management.

Security Scenario	Description	Involved Feature Module
Unified visibility of cloud assets	Comprehensively manages assets such as hosts, containers, AI assets, and cloud product assets, and establishes a dynamic security ledger.	Asset center
Vulnerability and baseline compliance governance	Proactively discovers system vulnerabilities, misconfigurations, and compliance gaps, and remediates them.	Risk governance (vulnerability, CSPM)
AI and Emerging Asset Security	Specialized security protection covering new assets such as AI agents and AI inference services.	Risk governance (AI Agent), asset center
Data Security and Privacy Compliance	Sorts out data assets, discovers sensitive data, and manages data risk posture.	Risk governance (DSPM), snapshot detection
Real-time Intrusion Detection and Response	Real-time alarms and coordinated handling for host, container, and API intrusions.	Detection and response (Alarm Center)
Ransomware protection	Real-time ransomware behavior detection and blocking, and tamper-proofing for core files.	Protection configuration (host protection)
Security Compliance and Audit	Center for Internet Security (CIS) compliance checks, security audit reports, and log retention and traceability.	Security operations (reporting, log analysis), CSPM
Unified multi-cloud security management	Centrally manages assets and security policies across cloud accounts and cloud platforms.	System settings (multi-cloud access), asset center

User Role	Scenario
Cloud security lead / CISO	Grasp enterprise security health status through the overview and drive security governance decision-making.
Security operations engineer	Handles alarms, fixes vulnerabilities, and follows up on risk governance closure work daily.
DevOps / Development engineer	Integrates CI/CD security scanning and IaC checking to achieve the goal of shifting security left in R&D.
Compliance and audit personnel	Obtains Center for Internet Security (CIS) compliance reports, security audit logs, and supporting evidence.
Container / Cloud-native engineer	Manages cluster security configurations, image risks, and container runtime protection policies.

tencent cloud

Cloud Security Center

Product Overview

Core Concepts

Core Capabilities

1. Overview

2. Asset Center

3. Risk Governance (Preventive Measures)

4. Detection and Response (In-Process Protection)

5. Security Operations (Post-Incident Forensics)

6. Protection Configuration (Proactive Operations)

Host Protection

Application Protection

7. System Settings

Covered Security Scenarios

Target Audience

Frequently Asked Questions (FAQ)

Ajuda e Suporte