Experience Enhancements

Security Center - CTDR Releases V2.0 Security Event Handling

Oct 30 2024

Security Center
Security event handling is the core capability of the Cloud Threat Detection and Response (CTDR) feature. This capability provides comprehensive insights into security events across the entire enterprise and helps users improve the efficiency of security operations.
Content

1. Alerts from hosts and containers can be handled by using the CTDR feature. After the alerts are handled, the alert status changes.
2. The 5W2H method is used to provide event descriptions, evidence timelines, provenance graphs, and multiple views of alerts. This improves the readability, insight perspective, and handling guidance of events. 5W2H refers to Who, What, When, Where, Why, How, and How Much.
3. Automated incident investigation and tracing based on alerts, entities, and Indicators of Compromise (IOCs) are supported.
4. The Alert page is optimized to unify global alerts and alerts from hosts and containers. On the Alert page, alerts are classified by the security service in which the alert logs are recorded.
