Cloud Security Center

Security Lifecycle Framework

Last updated: 2026-06-16 16:34:13
CSC builds a "Prevention — Detection — Response" tripartite security framework based on the security lifecycle:

| Phase | Core Concept | Problem Solved |
| --- | --- | --- |
| Prevention | Shifting security left, proactively discovering and fixing risks. | "If not fixed, a security incident may occur." |
| Detection | Real-time awareness and attack blocking | "How to handle ongoing attacks." |
| Response | In-depth tracing and continuous improvement of operational capabilities | "How to conduct post-mortem analysis and improvement after an attack." |

Proactive Risk Governance

Core Objective: Proactively discover vulnerabilities, misconfigurations, and compliance gaps before risks evolve into attacks, achieving closed-loop remediation of risks.

Host Vulnerability Management

Performs comprehensive vulnerability detection and remediation management for cloud-based hosts (servers):
Automatic Vulnerability Detection: Continuously scans for operating system and application component vulnerabilities, covering mainstream vulnerability databases such as CVE and CNVD.
Risk Prioritization: Generates high-priority remediation suggestions by combining asset criticality and vulnerability threat levels.
Fixing Task Closed Loop: Supports one-click issuance of fixing tasks and tracks fixing progress to completion.

Cloud Security Posture Management

Performs comprehensive checks on the security and compliance status of cloud product configurations:
Cloud Product Configuration Check: Automatically checks for misconfigurations in cloud products such as cloud databases, buckets, and network security groups.
System Baseline Governance: Incorporates mainstream security baselines such as the Center for Internet Security (CIS) to detect host system configuration risks.
Cloud Perimeter Analysis: Maps the internet-exposed attack surface and identifies unnecessarily open ports and missing access controls.

Checking for Snapshots

Performs offline security assessments on cloud host snapshots without impacting business operations:
Supports comprehensive checking for vulnerabilities in snapshots.
Suitable for security and compliance verification scenarios of host backups.

TencentCloud API Risk Governance

Detects TencentCloud API-level security threats:
API Exposure Surface Identification: Inventories externally exposed APIs and identifies unauthorized access risks.
Authentication Risk Detection: Detects configuration issues such as missing API authentication and excessive permissions.
Sensitive Data Leakage Detection: Checks for the risk of sensitive information leakage in API responses.

AI Agent Security

Specialized security risk identification and protection for AI Agents:
Identifies abnormal behaviors and security risks during AI Agent operation.
Manages AI Agent assets and builds security visibility for AI business.

Data Security Posture

Maps data asset distribution and manages data security risks:
Data Asset Discovery: Automatically identifies the distribution of sensitive data in cloud databases and buckets.
Data Risk Assessment: Identifies security risks such as excessive data access permissions and data leakage.
Compliance Gap Analysis: Compares against data security regulations and outputs compliance gap recommendations.

Real-time Detection and Response

Core Objective: To detect intrusion and attack behaviors at the host, container, network, and API layers in real time and support rapid investigation and coordinated response.

Alarm Center

A unified platform for investigation and handling that aggregates all types of security alarms:

Covered Alarm Types

| Alarm Type | Specific Scenario |
| --- | --- |
| Host Intrusion Alarm | Malicious processes, brute-force attacks, abnormal logins, Trojan horse implantation, reverse shells, abnormal commands, and so on. |
| Ransomware Behavior Alarm | Ransomware behavior detection, file encryption behavior blocking |

Core Capabilities

One-Click Response: Supports one-click response operations such as alarm confirmation, isolation, and blocking.
Alarm Correlation: Automatically correlates multiple alarms from the same attack chain to reconstruct the complete attack scenario.

Post-Incident Security Operations

Core Objective: To provide complete log retention and audit capabilities, supporting event review, compliance verification, and continuous operational improvement.

Log Analysis

Performs deep search and analysis on multiple types of security logs:
Multi-Source Log Collection: Uniformly collects host logs (process, network, file), container logs, and cloud product access logs.
Full-Text Search: Supports rapid log search across multiple dimensions such as time, host, IP address, and keywords.
Traceability and Forensics: Reconstructs the attack intrusion path and generates a complete log chain that can serve as evidence.
