Security Situation Awareness

Based on big data mining and machine learning technologies, the Security Situation Awareness (SSA) service smartly analyzes the security situation of your cloud environment in various dimensions to help you gain control of your Elastic Cloud Servers' (ECSs') security.

Join the open beta to claim a limited free trial. Learn more

Advantages

Ease of Use

Centrally presents security events and analysis results in a clear manner.

Smart Data Analysis

Uses big data mining and machine learning technologies to smartly analyze massive amounts of security data.

Multi-dimension Analysis

Analyzes cloud security in various dimensions, such as user, attacker, and Internet security situation, to help you know your cloud security situation better.

Diversified Visual Effects

Presents security events and analysis results in various forms to help you know the overall security situation.

Architecture

SSA

  • Big data analysis platform: uses big data mining and machine learning technologies to smartly analyze massive security information and logs.
  • Security Situation Awareness: sorts out and summarizes analysis results, reports, and data, and provides operation interfaces.
  • Security service log database: provides logs of security services to the analysis platform.
  • Security intelligence: collects the latest security intelligence from the Internet.

Application Scenarios

Security Assessment

By collecting and analyzing the latest security intelligence from the Internet, SSA provides guidance to security assessment of your cloud environment.

Security Intelligence Presentation

SSA presents detailed security assessment of your cloud environment based on analysis of the security level, risks, and possible attack methods of the environment.

Function Description

Overview

Provides a security overview of your environment, including numbers of attacks received and weaknesses detected of the day, statistics about attackers, as well as attack trend of the week.

User Security Situation

Analyzes security threats and weakness of ECSs from users' perspective:
Threat analysis: warns about attacked and weak devices, with a detailed list of attack information provided.
Weakness analysis: displays numbers of weaknesses by their types and provides weakness details.

Attacker Situation

Analyzes possible attack methods from attackers' perspective and provides detailed analysis results, including:
Attacker overview: shows numbers of attackers, malicious hosts, and attacked hosts.
Attacker details: reveals attackers' skills, targets, and active periods.

Global Situation

Displays the security situation of the entire cloud platform.

Registration