| object | | |
| RequestId | string | | F8B6F758-BCD4-597A-8A2C-DA5A552C**** |
| SecurityScoreRuleList | object [] | The list of deduction modules that are supported by the security score feature. | |
| RuleType | string | The deduction module that is supported by the security score feature. Valid values:
- SS_REINFORCE: issue in key feature configuration
- SS_ALARM: unhandled alert
- SS_VUL: unfixed vulnerability
- SS_HC: baseline risk
- SS_CLOUD_HC: risk item of configuration assessment
- SS_AK: risk of AccessKey pair leaks
| SS_ALARM |
| Score | integer | The deduction threshold of the deduction module.
Note
Valid values: 0 to 100. The sum of the deduction thresholds for all deduction modules must be equal to 100.
| 20 |
| Title | string | The description of the deduction module. | Unhandled Alerts |
| SecurityScoreItemList | object [] | The deduction items of the deduction module. | |
| SubRuleType | string | The deduction item of the deduction module. The following list describes the deduction modules and their deduction items:
-
SS_REINFORCE: issue in key feature configuration
- XPRESS_INSTALL: Security Center is not authorized.
- REINFORCE_SUSPICIOUS: The antivirus feature is disabled.
- RANSOMWARE: The anti-ransomware policy is disabled.
- WEB_LOCK: The web tamper proofing feature is disabled.
- VIRUS_SCHEDULE_SCAN: The periodic virus scan policy is disabled.
- IMAGE_REPO_SCAN: The range of container image scan is not configured.
- IMAGE_SCAN_TASK: The feature of one-click scan of container images for security risks is not performed.
-
SS_ALARM: unhandled alert.
- ALARM_SERIOUS: An unhandled high-risk alert event is detected.
- ALARM_SUSPICIOUS: An unhandled medium-risk alarm event is detected.
- ALARM_REMIND: An unhandled low-risk alarm event is detected.
-
SS_VUL: unfixed vulnerability
- CMS_UNFIX: An unfixed Web-CMS vulnerability is detected.
- WIN_UNFIX: An unfixed Windows host vulnerability is detected.
- CVE_UNFIX: An unfixed Linux host vulnerability is detected.
- ERM_UNFIX: An unfixed urgent vulnerability is detected.
- ERM_UNCHECK: An undetected urgent vulnerability exists.
-
SS_HC: baseline risks
- WEAK_EXPLOIT: Weak passwords are exposed to the Internet.
- WEAK_PASSWORD: Weak passwords exist.
- HC_EXPLOIT: The data source may be hacked.
- HC_OTHER_WARNING: Security configuration risks exist.
-
SS_CLOUD_HC: Cloud platform configuration check item problem.
- CSPM_CIEM_NOT_PASS: A CIEM check item failed the check.
- CSPM_RISK_NOT_PASS: A security risk check item failed the check.
- CSPM_COMPLIANCE_NOT_PASS: A compliance check item failed the check.
-
SS_AK: risk of AccessKey pair leaks
| ALARM_SERIOUS |
| Score | integer | The penalty point of the deduction item. | 3 |
| ScoreThreshold | integer | The threshold for the deduction item.
Note
Valid values: 0 to the deduction threshold of the deduction module.
| 5 |
| Title | string | The description of the deduction item in a deduction module. | Unhandled Urgent Alert Event Exists |
| EnableStatus | boolean | The status of the custom settings of the security score feature.
- true: enabled
- false: disabled
| true |
