Features in Different Editions

Recent Pages

Features in Different Editions

Last updated: 2024-05-10 09:41:10

The features of different CWPP editions are listed below.    
Category
Feature
Description
CWPP Basic
Free of charge
CWPP Pro
Monthly subscription: 12 USD/license/month
CWPP Ultimate
Monthly subscription: 27 USD/license/month
﻿
Value-Added Service (Billed Independently)
Security Dashboard
Security Dashboard
Displays the health score, protection status, pending risks, risk trend, and new security incidents in real time.
✓
✓
✓
-
Asset Management	
Asset Dashboard
Displays the statistics of all servers and asset fingerprints, as well as top 5 accounts, ports, processes, software applications, databases, Web applications, Web services, Web frameworks, and Web sites.
✓
✓
✓
-
﻿
Server List
Displays the information of all servers connected to CWPP, helping you get a full picture of the security status of your assets.
✓
✓
✓
-
﻿
Asset Fingerprint
Provides detailed asset inventory data about server resource monitoring, accounts, ports, and processes and helps you quickly investigate the risks of security events that have occurred.
×
✓
Supports 10 kinds of fingerprints
✓
Supports 15 kinds of fingerprints
-
Intrusion Detection
﻿
Malicious File Scan
Webshell detection: Detects common web script Trojans and backdoors, covering various script languages such as ASP, PHP, JSP, and Python.
Binary virus and Trojan detection: Detects binary executable viruses and Trojans such as DDoS Trojans, remote control, and mining software on .exe, .ddl, and .bin files, and sends alarms.
✓
Detects at most 5 risks for free
✓
Supports detection (no auto isolation)
✓
Supports detection, and auto isolation
-
﻿
Password Cracking
Supports real-time detection, alarm, and blocking of brute force attacks on SSH and RDP, and login allowlist configuration.
Supports user-defined blocking rules for brute force attacks, such as rules to detect brute force attacks 5 times within 1 minute and block the attacks detected for 15 minutes.
Records events, including the cracking status, server, attacker IP, attack source, login username, attack time, number of attack attempts and blocking status.
✓
Supports detection only (no blocking)
✓
Supports detection and auto blocking
✓
Supports detection and auto blocking
-
﻿
Unusual Login
Detects logins in real time, and automatically identifies non-allowlist IP logins and malicious logins.
Supports allowlist configuration in terms of login source, source IP, server, login username and login time.
✓
✓
✓
-
﻿
Malicious Requests
Detects the server's internal or external connection requests with malicious domain names in real time, provides threat source information and event records, and sends alarms automatically to users.
×
✓
✓
-
﻿
Local Privilege Escalation
Supports real-time alarms for local privilege escalation, and allowlist configuration.
Records events, including the server name, privilege escalation user, privilege escalation process, parent process, parent process user, discovery time, file path and process tree.
×
✓
✓
-
﻿
Reverse Shell
Supports real-time alarms for reverse shells, and allowlist configuration.
Records events, including the server name, connection process, parent process, target server, target port, discovery time, file path, process tree and execution commands.
×
✓
✓
-
﻿
High-risk Commands
Records the bash command executed on the CVM, and monitors potentially dangerous operations aligning with the audit rules in real time.
Provides default rules and user-defined rules.
Records events, including the server name, matched rule name, threat level, command content, login user and operation time.
×
✓
✓
-
Vulnerability Management	
Urgent Vulnerability
Detects recent urgent vulnerabilities (such as zero-day attacks).
Displays vulnerability details, including the vulnerability description, vulnerability type, threat level, fix scheme, reference link, disclosure event, CVE number, CVSS score, and radar chart.

✓
Detects at most 5 risks for free

✓
Supports detection (no fixing)
✓
Supports detection and partial fixing
-
﻿
Linux Software Vulnerability
Detects gnutls resource management errors and other common Linux software vulnerabilities and provides fix schemes.
Displays vulnerability details, including the vulnerability description, vulnerability type, threat level, fix scheme, reference link, disclosure event, CVE number, CVSS score, and radar chart.
﻿
﻿
﻿
-
﻿
Windows System Vulnerability
Detects and provides fix schemes for Windows system vulnerabilities by syncing the patch sources on Microsoft's official website in real time, to prevent hackers from attacking or threatening your server through the vulnerabilities.
Displays vulnerability details, including the vulnerability description, vulnerability type, threat level, fix scheme, reference link, disclosure event, CVE number, CVSS score, and radar chart.
﻿
﻿
﻿
-
﻿
Web-CMS Vulnerability
Checks phpMyAdmin, WordPress and other web components for common Web vulnerabilities and provides fix schemes.
Displays vulnerability details, including the vulnerability description, vulnerability type, threat level, fix scheme, reference link, disclosure event, CVE number, CVSS score, and radar chart.
﻿
﻿
﻿
-
﻿
Application Vulnerability
Provides weak password detection for system services, as well as vulnerability detection for system and application services.
Displays vulnerability details, including the vulnerability description, vulnerability type, threat level, fix scheme, reference link, disclosure event, CVE number, CVSS score, and radar chart.
﻿
﻿
﻿
-
Security Baseline	
CIS Baseline Standard	
Supports baseline checks against CIS and weak passwords, and provides fix schemes.
Displays check results, including the check server, check items, baseline pass rate, top 5 baseline check items and top 5 server risks, and supports periodic and quick checks.
✓
Detects at most 5 risks for free
✓
Supports detection (no customization)
✓
Supports detection and customization
-
﻿
Tencent Cloud Baseline Standard
﻿
﻿
﻿
﻿
-
﻿
Weak Password Baseline
﻿
﻿
﻿
﻿
-
Advanced Defense
Core File Monitoring
You can configure monitoring rules for core files and view and process monitoring events. You can also configure the allowlist to allow permitted access to files. (Only operating systems with Linux kernel 3.10 or above are supported.)
×
×
✓
-
Value-Added Service
Log Analysis
View the details of all stored traffic logs. Log search and query based on search statements are supported. Report and statistical analysis services are provided.
× Value-added billing
× Value-added billing
× Value-added billing
Independent billing: 0.13 USD/GB/month
Settings
Alarm Notification
Supports alarm notifications via SMS and email, and lists of alarm events.
✓
✓
✓
-
﻿
License Management
If you have purchased the CWPP Pro or CWPP Ultimate, you can bind the server to upgrade its protection level on the License Management page. You can also unbind an upgraded server.
✓
✓
✓
-
Performance	
Resource Consumption
Each agent requires low resource usage with CPU usage below 5% and memory below 30 MB, which does not affect the system performance.
✓
✓
✓
-
﻿
High Stability
With a high-reliability and high-stability system, CVM can implement mechanisms such as downgrade or suicide to ensure the availability of your business.
✓
✓
✓
-
﻿
Multi-Operating System Support
Compatible with major operating systems such as Windows, CentOS, Debian, and RedHat.
✓
✓
✓
-
﻿

Contact Us

Contact our sales team or business advisors to help your business.

Technical Support

Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

7x24 Phone Support

tencent cloud

Recent Pages

Features in Different Editions

Was this page helpful?

Was this page helpful?

Category	Feature	Description	CWPP Basic Free of charge	CWPP Pro Monthly subscription: 12 USD/license/month	CWPP Ultimate Monthly subscription: 27 USD/license/month	Value-Added Service (Billed Independently)
Security Dashboard	Security Dashboard	Displays the health score, protection status, pending risks, risk trend, and new security incidents in real time.	✓	✓	✓	-
Asset Management	Asset Dashboard	Displays the statistics of all servers and asset fingerprints, as well as top 5 accounts, ports, processes, software applications, databases, Web applications, Web services, Web frameworks, and Web sites.	✓	✓	✓	-
		Server List	Displays the information of all servers connected to CWPP, helping you get a full picture of the security status of your assets.	✓	✓	✓	-
		Asset Fingerprint	Provides detailed asset inventory data about server resource monitoring, accounts, ports, and processes and helps you quickly investigate the risks of security events that have occurred.	×	✓ Supports 10 kinds of fingerprints	✓ Supports 15 kinds of fingerprints	-
Intrusion Detection	Malicious File Scan	Webshell detection: Detects common web script Trojans and backdoors, covering various script languages such as ASP, PHP, JSP, and Python. Binary virus and Trojan detection: Detects binary executable viruses and Trojans such as DDoS Trojans, remote control, and mining software on .exe, .ddl, and .bin files, and sends alarms.	✓ Detects at most 5 risks for free	✓ Supports detection (no auto isolation)	✓ Supports detection, and auto isolation	-
		Password Cracking	Supports real-time detection, alarm, and blocking of brute force attacks on SSH and RDP, and login allowlist configuration. Supports user-defined blocking rules for brute force attacks, such as rules to detect brute force attacks 5 times within 1 minute and block the attacks detected for 15 minutes. Records events, including the cracking status, server, attacker IP, attack source, login username, attack time, number of attack attempts and blocking status.	✓ Supports detection only (no blocking)	✓ Supports detection and auto blocking	✓ Supports detection and auto blocking	-
		Unusual Login	Detects logins in real time, and automatically identifies non-allowlist IP logins and malicious logins. Supports allowlist configuration in terms of login source, source IP, server, login username and login time.	✓	✓	✓	-
		Malicious Requests	Detects the server's internal or external connection requests with malicious domain names in real time, provides threat source information and event records, and sends alarms automatically to users.	×	✓	✓	-
		Local Privilege Escalation	Supports real-time alarms for local privilege escalation, and allowlist configuration. Records events, including the server name, privilege escalation user, privilege escalation process, parent process, parent process user, discovery time, file path and process tree.	×	✓	✓	-
		Reverse Shell	Supports real-time alarms for reverse shells, and allowlist configuration. Records events, including the server name, connection process, parent process, target server, target port, discovery time, file path, process tree and execution commands.	×	✓	✓	-
		High-risk Commands	Records the bash command executed on the CVM, and monitors potentially dangerous operations aligning with the audit rules in real time. Provides default rules and user-defined rules. Records events, including the server name, matched rule name, threat level, command content, login user and operation time.	×	✓	✓	-
Vulnerability Management	Urgent Vulnerability	Detects recent urgent vulnerabilities (such as zero-day attacks). Displays vulnerability details, including the vulnerability description, vulnerability type, threat level, fix scheme, reference link, disclosure event, CVE number, CVSS score, and radar chart.	✓ Detects at most 5 risks for free	✓ Supports detection (no fixing)	✓ Supports detection and partial fixing	-
		Linux Software Vulnerability				Detects gnutls resource management errors and other common Linux software vulnerabilities and provides fix schemes. Displays vulnerability details, including the vulnerability description, vulnerability type, threat level, fix scheme, reference link, disclosure event, CVE number, CVSS score, and radar chart.		-
		Windows System Vulnerability				Detects and provides fix schemes for Windows system vulnerabilities by syncing the patch sources on Microsoft's official website in real time, to prevent hackers from attacking or threatening your server through the vulnerabilities. Displays vulnerability details, including the vulnerability description, vulnerability type, threat level, fix scheme, reference link, disclosure event, CVE number, CVSS score, and radar chart.		-
		Web-CMS Vulnerability				Checks phpMyAdmin, WordPress and other web components for common Web vulnerabilities and provides fix schemes. Displays vulnerability details, including the vulnerability description, vulnerability type, threat level, fix scheme, reference link, disclosure event, CVE number, CVSS score, and radar chart.		-
		Application Vulnerability				Provides weak password detection for system services, as well as vulnerability detection for system and application services. Displays vulnerability details, including the vulnerability description, vulnerability type, threat level, fix scheme, reference link, disclosure event, CVE number, CVSS score, and radar chart.		-
Security Baseline	CIS Baseline Standard	Supports baseline checks against CIS and weak passwords, and provides fix schemes. Displays check results, including the check server, check items, baseline pass rate, top 5 baseline check items and top 5 server risks, and supports periodic and quick checks.	✓ Detects at most 5 risks for free	✓ Supports detection (no customization)	✓ Supports detection and customization	-
						Tencent Cloud Baseline Standard			-
						Weak Password Baseline			-
Advanced Defense	Core File Monitoring	You can configure monitoring rules for core files and view and process monitoring events. You can also configure the allowlist to allow permitted access to files. (Only operating systems with Linux kernel 3.10 or above are supported.)	×	×	✓	-
Value-Added Service	Log Analysis	View the details of all stored traffic logs. Log search and query based on search statements are supported. Report and statistical analysis services are provided.	× Value-added billing	× Value-added billing	× Value-added billing	Independent billing: 0.13 USD/GB/month
Settings	Alarm Notification	Supports alarm notifications via SMS and email, and lists of alarm events.	✓	✓	✓	-
Settings		License Management	If you have purchased the CWPP Pro or CWPP Ultimate, you can bind the server to upgrade its protection level on the License Management page. You can also unbind an upgraded server.	✓	✓	✓	-
Performance	Resource Consumption	Each agent requires low resource usage with CPU usage below 5% and memory below 30 MB, which does not affect the system performance.	✓	✓	✓	-
		High Stability	With a high-reliability and high-stability system, CVM can implement mechanisms such as downgrade or suicide to ensure the availability of your business.	✓	✓	✓	-
		Multi-Operating System Support	Compatible with major operating systems such as Windows, CentOS, Debian, and RedHat.	✓	✓	✓	-

tencent cloud

Sign Up

Log in

Recent Pages

Features in Different Editions

Was this page helpful?

Was this page helpful?