What Is CTEM?
Exposure Management (CTEM) is a proactive risk management service that monitors and identifies the exposure surfaces and potential threats of enterprise assets from an attacker's perspective, using a series of tools operated under enterprise authorization. It uses techniques such as automated intrusion simulation to validate risks in practice and to dynamically assess the accessibility, exposure surfaces, and exploitability of enterprise digital and physical assets. This helps enterprises reduce vulnerability exploitation risks and optimize operation processes.
What Is the Delivery Method of CTEM?
During the service period, if monitoring detects major exposure surfaces or threats, the exposure surface risk elements are manually correlated to form potential attack paths and manually prioritized to generate precise repair recommendations. If no major exposure surfaces or threats are identified, periodic monitoring analysis reports are provided to report on the monitored items.
Will CTEM Impact Business Operations?
No. CTEM data comes partly from scanning and partly from third-party mapping engines and Internet/dark web channels. If scanning is involved, risk mitigation measures, including rate control and scan time coordination, are implemented after obtaining the customer's service authorization, ensuring that normal business operations are not affected.
Does CTEM Require Purchasing Security Products?
No. CTEM works on top of the exposure identification engine of Tencent Cloud's Security Service Platform (SPS), and all service capabilities are provided by the attack and defense team, so no other security products are required.
What New Technologies Does CTEM Use?
Different technical capabilities are applied in different phases. For instance, in the mapping engine phase, the self-developed T-SCAN engine is enhanced with rule sets drawn from Tencent's own security operations experience to achieve faster and more timely discovery; in the risk priority classification phase, the VPT assessment method is used to rapidly rate vulnerability risks; in the attack path analysis phase, large models and rule sets are employed for rapid validation.
What Is the Difference Between CTEM and ASM?
CTEM differs significantly from Attack Surface Management (ASM), mainly in the following aspects:
1. Delivery format: CTEM is a security service that covers relevant capabilities and manual services, while ASM is a product capability.
2. Main features: CTEM covers confrontation assessment and validation capabilities, and offers vulnerability and risk remediation solutions as well as security reinforcement guidance. After relevant external risk data is identified, the exposure surface data is correlated and validated through manual and automated confrontation validation and other techniques. This produces real and valid attack paths and allows precise protection recommendations to be provided at the organizational structure level.
3. Target positioning: CTEM enables closed-loop risk management through a security tool platform and manual services, while ASM focuses on identifying external security risks from an attacker's perspective.
What Is the Difference Between CTEM and Vulnerability Scanning?
CTEM is a security service, while vulnerability scanning primarily focuses on identifying vulnerability risks of assets based on known vulnerability database rules. The main differences are:
1. Continuity: CTEM is continuous and can perform monitoring 24/7, while vulnerability scanning is performed either once or at periodic intervals, without continuity.
2. Main features: Vulnerability scanning mainly focuses on known vulnerabilities and lacks related capabilities such as baseline configuration inspection, cloud service risk detection, and dark web data leakage monitoring. CTEM includes vulnerability scanning along with multiple other capabilities.
3. Target positioning: CTEM is a more closed-loop risk management solution, while vulnerability scanning is one of the sub-capabilities of CTEM or an entry point for CTEM operations.