Product Overview
Last updated: 2025-09-24 17:40:56
Security Service Platform (SPS) standardizes, streamlines, and automates common security operation tasks, including asset management, vulnerability management, emergency response, personnel management, and service management, thereby enabling efficient management of user security operations. Through automated orchestration processes, flexible operation capabilities, and accumulation of service modules, it achieves visualization of security operation processes, modularization of security development processes, and automation of security execution processes.
has features such as Exposure Management (CTEM). Below is a detailed description of CTEM:
Feature Introduction
CTEM is a proactive risk management service designed to mine and analyze the exposure surfaces and potential threats of enterprise assets through a series of tools such as vulnerability discovery and threat monitoring, based on enterprise authorization. It leverages techniques, including attack simulation, to verify attack paths and dynamically assess the accessibility, exposure surfaces, and exploitability of enterprise digital and physical assets. This helps enterprises reduce vulnerability exploitation risks and optimize operation processes.
Threat and Exposure Surface Monitoring
At the Internet level, CTEM can periodically monitor and identify the exposure surfaces and threats (including IP addresses, domain names, ports, website fingerprints, admin backends, mailboxes, source code, databases, and compromised employee accounts and etc.) of enterprises and organizations across data centers, cloud providers, organizational personnel, supply chain vendors, third-party partners, and other dimensions. The exposure surface risks include but are not limited to the following:
Internet asset risk monitoring: Continuously monitor and assess risks on the Internet side, including exposure surfaces, threats, and vulnerabilities (defects and misconfigurations).
Cloud service risk monitoring: Leverage the XSPM engine to identify security risks in enterprise cloud service configurations (including bucket, cloud key, and security group configuration risks) based on the ATT&CK cloud attack and defense matrix.
Codebase monitoring: Monitor and identify exposure surface information, including confidential accounts and sensitive code, in enterprise codebases such as GitHub and GitLab.
Mobile app monitoring: Monitor counterfeit information of enterprise assets, including WeChat official accounts, Mini Programs, apps, and new media.
Supply chain risk monitoring: Continuously monitor and analyze external attack surface risks of enterprise branches and supply chain partners.
Employee exposure surface monitoring: Identify enterprise exposure surface risks, including employee account leakage and login credential leakage.
Risk Analysis and Verification
Based on the enterprise exposure surface data captured during the monitoring period, automated attack simulation and red team methods are used to perform correlation analysis and verification on the mapped data. The potential attack tactics and methods (including key vulnerability exploitation, baseline, cloud account or key leakage, and employee account passwords) that attackers may use are analyzed. Also, the potential attack paths and affected assets are identified and then prioritized by risk level, and the attack path descriptions and risk priority list are provided.
Remediation and Improvement
For high-priority exposure surfaces and threats dynamically identified during the service period, remediation recommendations and mitigation references are provided to help enterprises continuously improve their operation processes, technical security, and other aspects.
Note:
Since the service content will be continuously enriched based on external risks, the content specified in the service purchased by a customer shall prevail.
Was this page helpful?
You can also Contact Sales or Submit a Ticket for help.
Yes
No
Feedback