tencent cloud

PrevNext

Feedback

search by keyword

Recent Pages

Documentation
Cloud Workload Protection Platform
    Documentation
    Download PDF

    Features in Different Editions

    Last updated: 2022-09-14 10:42:35
    Download PDF

      This document describes the features of different CWPP editions.

      Features

      The features of different CWPP editions are listed below.

      Category Feature Description CWPP Basic
      Free of charge      		 CWPP Pro
      Monthly subscription: 12 USD/license/month      		 CWPP Ultimate
      Monthly subscription: 27 USD/license/month
      Security Dashboard Security Dashboard Displays the health score, protection status, pending risks, risk trend, and new security incidents in real time.
      Asset Management Asset Dashboard Displays the statistics of all servers and asset fingerprints, as well as top 5 accounts, ports, processes, software applications, databases, Web applications, Web services, Web frameworks, and Web sites.
      Server List Displays the information of all servers connected to CWPP, helping you get a full picture of the security status of your assets.
      Asset Fingerprint Provides detailed asset inventory data about server resource monitoring, accounts, ports, and processes and helps you quickly investigate the risks of security events that have occurred. ×
      Supports 10 kinds of fingerprints
      Supports 15 kinds of fingerprints
      Intrusion Detection
      Malicious File Scan
      • Webshell detection: Detects common web script Trojans and backdoors, covering various script languages such as ASP, PHP, JSP, and Python.
      • Binary virus and Trojan detection: Detects binary executable viruses and Trojans such as DDoS Trojans, remote control, and mining software on .exe, .ddl, and .bin files, and sends alarms.
      Detects at most 5 risks for free
      Supports detection (no auto isolation)
      Supports detection, and auto isolation
      Password Cracking
      • Supports real-time detection, alarm, and blocking of brute force attacks on SSH and RDP, and login allowlist configuration.
      • Supports user-defined blocking rules for brute force attacks, such as rules to detect brute force attacks 5 times within 1 minute and block the attacks detected for 15 minutes.
      • Records events, including the cracking status, server, attacker IP, attack source, login username, attack time, number of attack attempts and blocking status.
      Supports detection only (no blocking)
      Supports detection and auto blocking
      Supports detection and auto blocking
      Unusual Login
      • Detects logins in real time, and automatically identifies non-allowlist IP logins and malicious logins.
      • Supports allowlist configuration in terms of login source, source IP, server, login username and login time.
      Malicious Requests Detects the server's internal or external connection requests with malicious domain names in real time, provides threat source information and event records, and sends alarms automatically to users. ×
      Local Privilege Escalation
      • Supports real-time alarms for local privilege escalation, and allowlist configuration.
      • Records events, including the server name, privilege escalation user, privilege escalation process, parent process, parent process user, discovery time, file path and process tree.
      		 ×
      Reverse Shell
      • Supports real-time alarms for reverse shells, and allowlist configuration.
      • Records events, including the server name, connection process, parent process, target server, target port, discovery time, file path, process tree and execution commands.
      		 ×
      High-risk Commands
      • Records the bash command executed on the CVM, and monitors potentially dangerous operations aligning with the audit rules in real time.
      • Provides default rules and user-defined rules.
      • Records events, including the server name, matched rule name, threat level, command content, login user and operation time.
      		 ×
      Vulnerability Management Urgent Vulnerability
      • Detects recent urgent vulnerabilities (such as zero-day attacks).
      • Displays vulnerability details, including the vulnerability description, vulnerability type, threat level, fix scheme, reference link, disclosure event, CVE number, CVSS score, and radar chart.
      Detects at most 5 risks for free
      Supports detection (no fixing)
      Supports detection and partial fixing
      Linux Software Vulnerability
      • Detects gnutls resource management errors and other common Linux software vulnerabilities and provides fix schemes.
      • Displays vulnerability details, including the vulnerability description, vulnerability type, threat level, fix scheme, reference link, disclosure event, CVE number, CVSS score, and radar chart.
      Windows System Vulnerability
      • Detects and provides fix schemes for Windows system vulnerabilities by syncing the patch sources on Microsoft's official website in real time, to prevent hackers from attacking or threatening your server through the vulnerabilities.
      • Displays vulnerability details, including the vulnerability description, vulnerability type, threat level, fix scheme, reference link, disclosure event, CVE number, CVSS score, and radar chart.
      Web-CMS Vulnerability
      • Checks phpMyAdmin, WordPress and other web components for common Web vulnerabilities and provides fix schemes.
      • Displays vulnerability details, including the vulnerability description, vulnerability type, threat level, fix scheme, reference link, disclosure event, CVE number, CVSS score, and radar chart.
      Application Vulnerability
      • Provides weak password detection for system services, as well as vulnerability detection for system and application services.
      • Displays vulnerability details, including the vulnerability description, vulnerability type, threat level, fix scheme, reference link, disclosure event, CVE number, CVSS score, and radar chart.
      Security Baseline CIS Baseline Standard
      • Supports baseline checks against CIS and weak passwords, and provides fix schemes.
      • Displays check results, including the check server, check items, baseline pass rate, top 5 baseline check items and top 5 server risks, and supports periodic and quick checks.
      Detects at most 5 risks for free
      Supports detection (no customization)
      Supports detection and customization
      Tencent Cloud Baseline Standard
      Weak Password Baseline
      Advanced Defense Core File Monitoring You can configure monitoring rules for core files and view and process monitoring events. You can also configure the allowlist to allow permitted access to files. (Only operating systems with Linux kernel 3.10 or above are supported.) × ×
      Settings Alarm Notification Supports alarm notifications via SMS and email, and lists of alarm events.
      License Management If you have purchased the CWPP Pro or CWPP Ultimate, you can bind the server to upgrade its protection level on the License Management page. You can also unbind an upgraded server.
      Performance Resource Consumption Each agent requires low resource usage with CPU usage below 5% and memory below 30 MB, which does not affect the system performance.
      High Stability With a high-reliability and high-stability system, CVM can implement mechanisms such as downgrade or suicide to ensure the availability of your business.
      Multi-Operating System Support Compatible with major operating systems such as Windows, CentOS, Debian, and RedHat.
      Contact Us

      Contact our sales team or business advisors to help your business.

      Contact Us
      Technical Support

      Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

      Submit a Ticket
      7x24 Phone Support
      Copyright © 2013-2023 Tencent Cloud. All Rights Reserved.
      Privacy PolicyLegalCookie Policy