Provide the tenants with the quantitative indicators about the service security status as well as alarm events and threat events from the attacker’s perspective, and indicator changes of engine coverage rate, machine vulnerability events and website vulnerability events from the defender’s perspective. At the same time, provide the 7/30d development trends of security incidents, Top 10 risk assets summarized and counted as for alarm and threat events and Top 10 threat forms summarized and counted as for alarm types and threat models.
Query based on account asset, time period of details, attack type, grade and processing status, list of event details and event processing status are provided. At the same, details of specific events and fix-up suggestions are provided.
Query based on account asset, time period of details, threat model, grade and processing status, list of event details and more details of event processing status are provided. At the same, details of specific events are provided. Distinguish the real-time mining and off-line mining according to the associated mining time period.
The details based on machine vulnerability are provided and the machine weakness is exhibited to the user by using the vulnerability as the statistical dimensionality. Supervise and urge the user to fix up relevant vulnerability.
Combined with practical experience of white-box penetration testing, provide comprehensive website threat detection service to JD Cloud through advanced crawler and distributed technology. It can help users to shorten the time of detecting vulnerabilities in cloud assets and repair them in time to alleviate the further occurrence of hacker intrusion to a certain extent, while avoiding the loss of brand image and economy.
When a critical vulnerability occurs, the operation team of JD Cloud Security will provide an emergency vulnerability verification POC to help the user quickly check the health status of the server, shorten the time of detecting vulnerabilities in cloud assets and repair them in time.
Account asset query is provided based on Internet and Intranet IP, machine ID and machine name. The network detection engine on/off function is provided as well. At the same time, alarms, threats, machine vulnerability and website vulnerability count concerning assets are provided.
To help the user quickly obtain threat event alarms, the alarm function via email and SMS is designed.
The security visualization screen is mainly used for helping the security operator make the security operation policies, visiting and inspecting by leaders of the enterprise or users of the industry as well as showing global security situation and other demands to the user. In the current stage, the security visualization screen includes: situation awareness overview, network security situation and endpoint security situation