Product Introduction
Purchase Guide
Quick Start
Operation Guide
- Overview
- Vulnerability Management
- COS Risk Monitoring
- Cloud Security Posture Management
- Database Risk Monitor
- Log Analysis
- Notification Center
API Documentation
- History
- Introduction
- API Category
- Making API Requests
- Multi-account Management APIs
- Scan Task APIs
- Alarm Center APIs
- Risk Center APIs
- Asset Center APIs
- User Behavior Analysis APIs
- Cloud Boundary Analysis APIs
- Cloud API Anomaly Detection APIs
- Cloud Resource Configuration Check APIs
- AI-SPM APIs
- Skill Security Detection APIs
- Key Sandbox APIs
- IaC Detection APIs
- Report Download APIs
- Solid Protection APIs
- Cloud Security Center Overview APIs
- Data Types
- Error Codes
Related Protocol,
- Service Level Agreement
- Terms Of Service
FAQs
Cloud Security Center (Old Version)
- Product Introduction
- Purchase Guide
- Getting Started
- Operation Guide
Glossary

Editions and Applicable Scenarios

Baixar

Modo Foco

Tamanho da Fonte

Última atualização: 2026-06-16 16:34:13

Feature Set Positioning Overview
Feature Set
Core Positioning
Price
Suitable Enterprise Type
CWPP Professional Edition
Basic host security hardening
12 USD per host per month
SMBs primarily using CVM and requiring basic protection
CWPP Flagship Edition
Complete CWPP protection + compliance
27 USD per host per month
Medium and large enterprises with Center for Internet Security (CIS) compliance requirements
The following modules can be purchased separately and additively across all paid editions, with no edition restrictions:
Module
Benefit
Recommended Use Case
Cloud Product Configuration Check
Check for misconfigurations in cloud products such as databases, buckets, and security groups.
Enterprises with a wide variety of cloud products and high configuration risks
Data Security Posture
Sort out sensitive data distribution and data compliance risks.
Enterprises with Data Security Law/Personal Information Protection Law compliance requirements
Log Analysis
Retain raw logs, perform deep search, and conduct compliance audit.
Enterprises with compliance log retention requirements or in-depth traceability needs
Application Protection
Web application layer security protection
Scenarios with intense security confrontation, and enterprise businesses requiring application-layer protection
TencentCloud API Risk Governance
Manage API exposure surface and perform deep checking for authentication risks
Enterprises with numerous APIs and complex services
Edition Feature Comparison Overview
Module
Free Edition
CWPP (Professional Edition)
CWPP (Flagship Edition)
Asset Center (Hosts/Containers/Cloud Assets)
✅
✅
✅
Emergency Vulnerability Detection
✅
✅
✅
Alarm Center (Remote Login)
✅
✅
✅
One-Click Fix for Linux/Windows/Web-CMS Vulnerabilities
❌
✅
✅
Baseline Detection of Weak Passwords
❌
✅
✅
Alarm Center (Anti-Virus)
❌
✅
✅
Virtual Patching for Vulnerabilities
❌
❌
✅
Application Vulnerability Detection
❌
❌
✅
Compliance Baselines such as Center for Internet Security (CIS)
❌
❌
✅
Cloud Perimeter Analysis
❌
❌
✅
AI Agent Security
❌
❌
✅
Ransomware Detection
❌
❌
✅
Core File Monitoring
❌
❌
✅
Alarm Center (Advanced Host Threat Detection)
❌
❌
✅
Cloud Product Configuration Check
❌
On-demand purchase
On-demand purchase
Data Security Posture
❌
On-demand purchase
On-demand purchase
Log Analysis
❌
On-demand purchase
On-demand purchase
Application Protection
❌
On-demand purchase
On-demand purchase
TencentCloud API Risk Governance
❌
On-demand purchase
On-demand purchase
Detailed Explanation of Editions
CWPP (Professional Edition)
Enterprise Characteristics
Cloud assets primarily consist of CVMs.
It has been exposed to basic intrusion threats such as brute-force attacks, trojans, and abnormal logins.
In the early stages of security construction, a core host protection baseline must be established at a reasonable cost.
No Center for Internet Security (CIS) compliance requirements exist, or only basic weak password management is required.
Core Capabilities Added Compared to the Free Edition
Capability
Specific Description
One-Click Vulnerability Fixing
Supports one-click fix for Linux / Windows / Web-CMS vulnerabilities.
Application Vulnerability Detection
Comprehensively checking for weak passwords in system services and vulnerabilities in application services.
Weak Password Baseline
Automatically discovering weak password configuration risks in the system.
Alarm Center (Anti-Virus)
Receiving core alarms for malicious samples, host intrusions, abnormal logins, malicious processes, and so on.
Capabilities Still Missing
No Center for Internet Security (CIS) compliance baseline detection exists.
No cloud perimeter exposure analysis exists.
Advanced threat detection capabilities do not include the identification of complex attacks such as APTs.
No core file monitoring exists, and tampering with critical files goes undetected.
Typical Scenario: An e-commerce company with 30 CVMs, which had previously suffered SSH brute-force attacks, selected the Professional Edition. This enabled one-click vulnerability fixing, weak password detection, and intrusion alarms, allowing the company to complete its host protection baseline construction at a reasonable cost.
CWPP (Flagship Edition)
Enterprise Characteristics
There are specific Center for Internet Security (CIS) compliance requirement check items.
The asset scale is large (more than 50 servers), and the security exposure surface is broad.
A dedicated security team exists, requiring comprehensive threat detection and response capabilities.
It has experienced advanced attacks such as APTs, or operates in an industry with high security risks.
Core Capabilities Added Compared to the Professional Edition
Capability
Specific Description
Center for Internet Security (CIS) compliance baseline
Built-in CIS Benchmark and Tencent Cloud baseline standards, supporting one-click compliance checking.
Cloud Perimeter Analysis
Sort out the internet-exposed attack surface and identify unnecessary port openings and missing access controls.
Advanced Threat Detection
The alarm center is upgraded to cover complex attack patterns such as APT.
Core File Monitoring
Real-time tamper-proof monitoring for critical system files and Web pages.
AI Agent Security
Security management and risk identification for AI agent assets
Typical Scenario 1 (Compliance-Driven): A healthcare enterprise must pass the Center for Internet Security (CIS) audit annually. The Flagship Edition incorporates built-in compliance baseline detection, reducing the workload for audit preparation.
Typical Scenario 2 (Advanced Threats): An enterprise security team discovered a suspicious process, but no record existed in the alarm center. Through log analysis and proactive investigation based on raw logs, the team successfully identified a covert APT attack that evaded rule-based detection.
FAQs
Q: When will the free edition be upgraded?
A: Immediate upgrade is recommended if any of the following situations occurs: ① experiencing brute-force attacks or intrusion incidents; ② having requirements for ransomware protection or file monitoring; ③ having vulnerabilities that need to be fixed quickly; ④ having Center for Internet Security (CIS) compliance requirements;
﻿
Q: How do I select the most suitable module for on-demand procurement?
A: Add modules on demand based on actual business pain points:
If you have compliance log retention requirements, add the Log Analysis module.
If you have a wide variety of cloud products and high configuration risks, add the Cloud Product Configuration Check module.
If you have data security and compliance requirements, add the DSPM module.
If you have intense security attack and defense scenarios, add the Application Protection module.
If you cannot install a client to meet protection requirements, add the Snapshot Detection module.

Ajuda e Suporte

Esta página foi útil?

Você também pode entrar em contato com a Equipe de vendas ou Enviar um tíquete em caso de ajuda.

comentários

Feature Set	Core Positioning	Price	Suitable Enterprise Type
CWPP Professional Edition	Basic host security hardening	12 USD per host per month	SMBs primarily using CVM and requiring basic protection
CWPP Flagship Edition	Complete CWPP protection + compliance	27 USD per host per month	Medium and large enterprises with Center for Internet Security (CIS) compliance requirements

Module	Benefit	Recommended Use Case
Cloud Product Configuration Check	Check for misconfigurations in cloud products such as databases, buckets, and security groups.	Enterprises with a wide variety of cloud products and high configuration risks
Data Security Posture	Sort out sensitive data distribution and data compliance risks.	Enterprises with Data Security Law/Personal Information Protection Law compliance requirements
Log Analysis	Retain raw logs, perform deep search, and conduct compliance audit.	Enterprises with compliance log retention requirements or in-depth traceability needs
Application Protection	Web application layer security protection	Scenarios with intense security confrontation, and enterprise businesses requiring application-layer protection
TencentCloud API Risk Governance	Manage API exposure surface and perform deep checking for authentication risks	Enterprises with numerous APIs and complex services

Module	Free Edition	CWPP (Professional Edition)	CWPP (Flagship Edition)
Asset Center (Hosts/Containers/Cloud Assets)	✅	✅	✅
Emergency Vulnerability Detection	✅	✅	✅
Alarm Center (Remote Login)	✅	✅	✅
One-Click Fix for Linux/Windows/Web-CMS Vulnerabilities	❌	✅	✅
Baseline Detection of Weak Passwords	❌	✅	✅
Alarm Center (Anti-Virus)	❌	✅	✅
Virtual Patching for Vulnerabilities	❌	❌	✅
Application Vulnerability Detection	❌	❌	✅
Compliance Baselines such as Center for Internet Security (CIS)	❌	❌	✅
Cloud Perimeter Analysis	❌	❌	✅
AI Agent Security	❌	❌	✅
Ransomware Detection	❌	❌	✅
Core File Monitoring	❌	❌	✅
Alarm Center (Advanced Host Threat Detection)	❌	❌	✅
Cloud Product Configuration Check	❌	On-demand purchase	On-demand purchase
Data Security Posture	❌	On-demand purchase	On-demand purchase
Log Analysis	❌	On-demand purchase	On-demand purchase
Application Protection	❌	On-demand purchase	On-demand purchase
TencentCloud API Risk Governance	❌	On-demand purchase	On-demand purchase

Capability	Specific Description
One-Click Vulnerability Fixing	Supports one-click fix for Linux / Windows / Web-CMS vulnerabilities.
Application Vulnerability Detection	Comprehensively checking for weak passwords in system services and vulnerabilities in application services.
Weak Password Baseline	Automatically discovering weak password configuration risks in the system.
Alarm Center (Anti-Virus)	Receiving core alarms for malicious samples, host intrusions, abnormal logins, malicious processes, and so on.

Capability	Specific Description
Center for Internet Security (CIS) compliance baseline	Built-in CIS Benchmark and Tencent Cloud baseline standards, supporting one-click compliance checking.
Cloud Perimeter Analysis	Sort out the internet-exposed attack surface and identify unnecessary port openings and missing access controls.
Advanced Threat Detection	The alarm center is upgraded to cover complex attack patterns such as APT.
Core File Monitoring	Real-time tamper-proof monitoring for critical system files and Web pages.
AI Agent Security	Security management and risk identification for AI agent assets

tencent cloud

Cloud Security Center

Editions and Applicable Scenarios

Feature Set Positioning Overview

Edition Feature Comparison Overview

Detailed Explanation of Editions

CWPP (Professional Edition)

Enterprise Characteristics

Core Capabilities Added Compared to the Free Edition

Capabilities Still Missing

CWPP (Flagship Edition)

Enterprise Characteristics

Core Capabilities Added Compared to the Professional Edition

FAQs

Ajuda e Suporte