Cloud assets are facing continuous security threats, such as network intrusion and host intrusion. To cope with these threats, enterprises need to use different security products like CWPP, CFW and WAF. However managing alerts, configurations and policies on these products separately lowers the efficiency of the operations. To this end, CSC integrates data and capabilities of Tencent Cloud security products and also Tencent's years of threat analysis experience and threat intelligence data to help customers carry out threat operations.
Tencent Cloud XDR threat operations solution uses CSC as the core platform to collect and analyze alerts and logs of CWPP, CFW and WAF. It analyzes alerts based on alert characterization, event investigation and threat intelligence analysis, so as to identify alerts requiring attention, and generate compromisation reports to trace back the entire attack process. As a cloud-native product, CSC integrates the handling and blocking capabilities of CWPP, CFW, WAF and security groups. This helps customers improve the threat response efficiency. Tencent Cloud can also provide cloud-based threat management and operations services to help customers who lack operational manpower and capabilities perform real-time threat monitoring and response.