tencent cloud

CTEM is a proactive risk management service designed to monitor and identify the exposure surfaces and potential threats of enterprise assets through a series of tools based on enterprise authorization and from an attacker's perspective. It leverages techniques, including attack simulation or automated testing of attack scenarios, to validate risks in practice and dynamically assess the accessibility, exposure surfaces, and exploitability of enterprise digital and physical assets. This helps enterprises reduce vulnerability exploitation risks and optimize operation processes.

During the service period, if critical exposure surface threats are detected through monitoring, attack path analysis will be conducted with priority classification, generating precise remediation recommendations. If no major exposure surface threats are monitored, regular monitoring analysis reports will be provided to report the monitored items.

No. The CTEM data is partially sourced from scanning and partially from third-party mapping engines and Internet/dark web channels. During the service period, some scanning activities may occur. After service authorization is obtained, risk mitigation measures such as rate control and scan time coordination will be implemented to avoid impacting normal business operations.

No, it is not required. CTEM relies on the Tencent Cloud's SPS exposure surface identification engine, as well as the service capabilities of the attack and defense team, with no requirement for security products.

Different phases employ different technical capabilities. For instance, in the mapping engine phase, to achieve faster and more timely discovery capabilities, the self-developed T-SCAN engine is enhanced by integrating Tencent's self-operated security experience rule sets; in the risk priority classification phase, the VPT assessment method is utilized to rapidly rate vulnerability risks; in the attack path analysis phase, large models and rule sets are employed for rapid validation.