Risk
Download
Focus Mode
Font Size
It comprehensively presents risk details, associated assets and alarm information, risk levels, and handling status from both the risk item and asset perspectives, assisting the security team in assessing risk priorities and tracking the risk handling process.
Risk Item Perspective
From the risk item perspective, it focuses on risk details and the associated affected bucket assets. You can precisely locate and handle the corresponding affected storage assets by risk item dimension, improving the focus and efficiency of risk handling.
Risk List
1. Log in to the CSC console, and click Data Security Situation Management > COS Risk Monitoring in the left navigation pane.
2. On the COS Exception Monitoring page, click Risk.
3. In the Risk > Risk item perspective view, it automatically scans bucket permission configurations from the risk item perspective, identifies buckets with risks, and displays the risk detection time and risk level.
Risk Item Details
1. In the Risk > Risk item perspective view, select the desired asset and click Details.
2. On the Risk Item Details page, you can view the basic information of the risk item, the affected buckets, and configuration recommendations.
View the basic information of the risk item.
View the list of affected buckets. By default, buckets with unhandled risks are displayed.
Risk Details
1. On the Risk Item Details > Affected buckets page, select the desired account and click Risk details.
2. On the Risk details page, you can view the basic risk information, risk evidence and description, risk-related API call details, and configuration recommendations.
View the basic risk information, which includes: affected bucket name, bucket region, bucket remarks, Tags, account name, and APPID.
View the risk description and evidence. The evidence for this risk detail includes: permission source/content, policy ID/authorization policy name, authorized resource, and authorized operation.
View the details of risk-related API calls and configuration recommendations.
Asset Perspective
From the asset perspective, it focuses on all risk items triggered by a single storage asset and their handling status. This enables tracking of risk handling for individual assets, accurately assesses the impact of risks on asset security, and supports the continuous safeguarding of asset security.
Risk List
1. Log in to the CSC console, and click Data Security Situation Managrment > COS Risk Monitoring in the left navigation pane.
2. On the COS Exception Monitoring page, click Risk.
3. In the Risk > By Asset view, it automatically scans AK permission configurations from the asset perspective, identifies buckets with risks, and clearly lists the affected account for each risk.
Risk Details
1. On the Risk > By Asset page, select the desired risk name and click Details.
2. On the Risk Details page, you can view the basic risk information, risk evidence and description, risk-related API call details, and configuration recommendations.
View the basic risk information, which includes: affected bucket name, bucket region, bucket remarks, Tags, account name, and APPID.
View the risk description and evidence. The evidence for this risk detail includes: permission source/content, policy ID/authorization policy name, authorized resource, and authorized operation.
View the details of risk-related API calls and configuration recommendations.
Risk Handling
Marking as Ignored
1. In the Risk > By Asset view, you can process target risks individually or in batches:
Single Risk Handling: In the operation column of the target risk, click More > Ignored.
Batch Handling: On the risk page, select multiple target risks and choose More > Ignored.
2. In the secondary confirmation dialog, click OK to mark the risk as ignored.
Help and Support
Was this page helpful?
You can also Contact sales or Submit a Ticket for help.
Help us improve! Rate your documentation experience in 5 mins.
Feedback