VSS is a powerful enterprise-grade security monitoring system launched by Tencent Cloud, with the following strengths:
Comprehensive Asset Risk Monitoring
VSS is built on the basis of Tencent Security's 20 years of experience in combating cybercrimes and accumulation of massive threat intelligence. It comprehensively monitors various risks in enterprise websites and assets, including weak passwords, web vulnerabilities, sensitive and non-compliant content, website tampering, trojans, and cryptomining.
In-depth Risk Detection
- Adopting Tencent's web 2.0 threat detection engine and two decades of experience in combating cybercrimes, VSS carefully orchestrates attack policies to simulate real-world hacking attacks and intuitively present the vulnerability situation from the perspective of hackers.
- Preconfigured with thousands of harmless proof of concepts (POCs) and based on the strong 0-day vulnerability mining and sensing capabilities of Tencent's seven security labs (Yunding, Cohen, etc.), VSS can effectively detect 0/1/N-day vulnerabilities in asset components, such as operating systems, databases, web middleware, and CMS applications, to fully protect the asset security.
- Relying on the smart content security detection engine created from Tencent's many years of development in the field of social networking information security moderation, VSS further uses big data and AI technologies to quickly and accurately detect website tampering, sensitive words, phishing, trojans, private links, and pornographic and terrorism information.
Precise Asset Detection
- VSS supports not only the assets of Linux and Windows servers but also common IoT devices such as cameras, routers, and industrial control devices.
- VSS has a vast built-in protocol and fingerprint library, through which it can quickly and accurately identify assets' operating systems, open ports, and service components.
Integrated Monitoring-Defense Collaboration
Once VSS finds a security risk, it can collaborate with CWPP and WAF in the cloud to form a closed loop from risk monitoring to risk handling.
Professional Security Team
- Tencent Security's expert team can provide professional repair suggestions for discovered security risks and regularly detect known threats to ensure that they have been eliminated.
- Tencent Security experts come from top-notch security labs and teams, including Cohen, Xuanwu, and Zhanlu labs that have won the titles of "Master of Pwn" and "Pwn2Own World Championship" and received many thanks from Microsoft, Adobe, and other tech giants, as well as the eee team that has won the championship in many Chinese and international cybersecurity challenges.
If you need to protect your websites or API services from vulnerabilities, you can purchase WAF. It protects websites and applications from the top 10 OWASP vulnerabilities and combats web vulnerability exploitation, malicious crawlers, and CC attacks.