- 产品动态
- 产品简介
- 购买指南
- 快速入门
- 操作指南
- 故障处理
- API 文档
- History
- Introduction
- API Category
- Making API Requests
- Network Security APIs
- AddAndPublishNetworkFirewallPolicyDetail
- AddAndPublishNetworkFirewallPolicyYamlDetail
- AddNetworkFirewallPolicyDetail
- AddNetworkFirewallPolicyYamlDetail
- CheckNetworkFirewallPolicyYaml
- ConfirmNetworkFirewallPolicy
- CreateNetworkFirewallClusterRefresh
- CreateNetworkFirewallPolicyDiscover
- CreateNetworkFirewallPublish
- CreateNetworkFirewallUndoPublish
- DeleteNetworkFirewallPolicyDetail
- DescribeNetworkFirewallAuditRecord
- DescribeNetworkFirewallClusterList
- DescribeNetworkFirewallClusterRefreshStatus
- DescribeNetworkFirewallNamespaceLabelList
- DescribeNetworkFirewallPodLabelsList
- DescribeNetworkFirewallPolicyDetail
- DescribeNetworkFirewallPolicyDiscover
- DescribeNetworkFirewallPolicyList
- DescribeNetworkFirewallPolicyStatus
- DescribeNetworkFirewallPolicyYamlDetail
- UpdateAndPublishNetworkFirewallPolicyDetail
- UpdateAndPublishNetworkFirewallPolicyYamlDetail
- UpdateNetworkFirewallPolicyDetail
- UpdateNetworkFirewallPolicyYamlDetail
- Cluster Security APIs
- CreateCheckComponent
- CreateClusterCheckTask
- CreateRefreshTask
- DescribeAffectedClusterCount
- DescribeAffectedNodeList
- DescribeAffectedWorkloadList
- DescribeCheckItemList
- DescribeRefreshTask
- DescribeRiskList
- DescribeTaskResultSummary
- DescribeUnfinishRefreshTask
- DescribeUserCluster
- SetCheckMode
- DescribeClusterDetail
- DescribeClusterSummary
- Security Compliance APIs
- AddComplianceAssetPolicySetToWhitelist
- AddCompliancePolicyAssetSetToWhitelist
- AddCompliancePolicyItemToWhitelist
- CreateComplianceTask
- CreateExportComplianceStatusListJob
- DeleteComplianceAssetPolicySetFromWhitelist
- DeleteCompliancePolicyAssetSetFromWhitelist
- DeleteCompliancePolicyItemFromWhitelist
- DescribeComplianceAssetDetailInfo
- DescribeComplianceAssetList
- DescribeComplianceAssetPolicyItemList
- DescribeCompliancePeriodTaskList
- DescribeCompliancePolicyItemAffectedAssetList
- DescribeCompliancePolicyItemAffectedSummary
- DescribeComplianceScanFailedAssetList
- DescribeComplianceTaskAssetSummary
- DescribeComplianceTaskPolicyItemSummaryList
- DescribeComplianceWhitelistItemList
- InitializeUserComplianceEnvironment
- ModifyCompliancePeriodTask
- ScanComplianceAssets
- ScanComplianceAssetsByPolicyItem
- ScanCompliancePolicyItems
- ScanComplianceScanFailedAssets
- Runtime security - High-risk syscalls
- Runtime Security - Reverse Shell APIs
- Runtime Security APIs
- AddEditAbnormalProcessRule
- DescribeAssetImageBindRuleInfo
- AddEditAccessControlRule
- AddEditRiskSyscallWhiteList
- CreateDefenceVulExportJob
- CreateEmergencyVulExportJob
- CreateProcessEventsExportJob
- CreateRiskDnsEventExportJob
- CreateSystemVulExportJob
- CreateVulContainerExportJob
- CreateVulImageExportJob
- CreateVulScanTask
- CreateWebVulExportJob
- DeleteAbnormalProcessRules
- DeleteAccessControlRules
- DescribeAbnormalProcessEventTendency
- DescribeAbnormalProcessEventsExport
- DescribeAbnormalProcessLevelSummary
- DescribeAbnormalProcessRuleDetail
- DescribeAbnormalProcessRules
- DescribeAbnormalProcessRulesExport
- DescribeAccessControlRuleDetail
- DescribeAccessControlRules
- DescribeAccessControlRulesExport
- DescribeEmergencyVulList
- DescribeSupportDefenceVul
- DescribeVulContainerList
- DescribeVulDetail
- DescribeVulImageList
- DescribeVulScanInfo
- DescribeVulScanLocalImageList
- DescribeWebVulList
- ModifyAbnormalProcessRuleStatus
- ModifyAbnormalProcessStatus
- ModifyAccessControlRuleStatus
- ModifyAccessControlStatus
- OpenTcssTrial
- StopVulScanTask
- DescribeAccessControlEventsExport
- DescribeAbnormalProcessDetail
- DescribeAbnormalProcessEvents
- DescribeAccessControlDetail
- DescribeAccessControlEvents
- DescribeRiskSyscallDetail
- Alert Settings APIs
- Advanced prevention - K8s API abnormal requests
- CreateAccessControlsRuleExportJob
- CreateK8sApiAbnormalEventExportJob
- CreateK8sApiAbnormalRuleExportJob
- CreateK8sApiAbnormalRuleInfo
- DeleteK8sApiAbnormalRule
- DescribeAssetClusterList
- DescribeK8sApiAbnormalEventInfo
- DescribeK8sApiAbnormalEventList
- DescribeK8sApiAbnormalRuleInfo
- DescribeK8sApiAbnormalRuleList
- DescribeK8sApiAbnormalRuleScopeList
- DescribeK8sApiAbnormalSummary
- DescribeK8sApiAbnormalTendency
- ModifyK8sApiAbnormalEventStatus
- ModifyK8sApiAbnormalRuleInfo
- ModifyK8sApiAbnormalRuleStatus
- Asset Management APIs
- CreateAssetImageScanSetting
- CreateAssetImageVirusExportJob
- CreateHostExportJob
- DeleteMachine
- DescribeABTestConfig
- DescribeAgentDaemonSetCmd
- DescribeAgentInstallCommand
- DescribeAssetSyncLastTime
- DescribeExportJobDownloadURL
- DescribeExportJobManageList
- DescribeInspectionReport
- DescribePromotionActivity
- DescribeTcssSummary
- DescribeUnauthorizedCoresTendency
- ModifyContainerNetStatus
- Security Operations - Log Analysis APIs
- CreateSearchTemplate
- DeleteSearchTemplate
- DescribeESAggregations
- DescribeESHits
- DescribeIndexList
- DescribeLogStorageStatistic
- DescribePublicKey
- DescribeSearchExportList
- DescribeSearchLogs
- DescribeSearchTemplates
- DescribeSecLogAlertMsg
- DescribeSecLogCleanSettingInfo
- DescribeSecLogDeliveryClsOptions
- DescribeSecLogDeliveryClsSetting
- DescribeSecLogDeliveryKafkaOptions
- DescribeSecLogDeliveryKafkaSetting
- DescribeSecLogJoinTypeList
- DescribeSecLogKafkaUIN
- ModifySecLogCleanSettingInfo
- ModifySecLogDeliveryClsSetting
- ModifySecLogDeliveryKafkaSetting
- ModifySecLogJoinState
- ModifySecLogKafkaUIN
- ResetSecLogTopicConfig
- DescribeSecLogJoinObjectList
- ModifySecLogJoinObjects
- Runtime Security - Trojan Call APIs
- CreateVirusScanAgain
- DescribeExportJobResult
- DescribeVirusAutoIsolateSampleDetail
- DescribeVirusAutoIsolateSampleDownloadURL
- DescribeVirusAutoIsolateSampleList
- DescribeVirusAutoIsolateSetting
- DescribeVirusEventTendency
- DescribeVirusManualScanEstimateTimeout
- DescribeVirusSampleDownloadUrl
- DescribeVirusScanTaskStatus
- DescribeVirusScanTimeoutSetting
- DescribeVirusSummary
- ExportVirusList
- ModifyVirusAutoIsolateExampleSwitch
- ModifyVirusAutoIsolateSetting
- ModifyVirusFileStatus
- ModifyVirusScanTimeoutSetting
- StopVirusScanTask
- DescribeVirusMonitorSetting
- DescribeVirusScanSetting
- ModifyVirusMonitorSetting
- ModifyVirusScanSetting
- DescribeVirusList
- DescribeVirusTaskList
- CreateVirusScanTask
- DescribeVirusDetail
- Runtime Security - Container Escape APIs
- DeleteEscapeWhiteList
- CreateEscapeWhiteListExportJob
- CreateEscapeEventsExportJob
- AddEscapeWhiteList
- DescribeEscapeEventTendency
- DescribeEscapeEventsExport
- DescribeEscapeRuleInfo
- DescribeEscapeSafeState
- DescribeEscapeWhiteList
- DescribeEscapeEventTypeSummary
- ModifyEscapeEventStatus
- ModifyEscapeRule
- ModifyEscapeWhiteList
- DescribeEscapeEventDetail
- DescribeEscapeEventInfo
- Image Security APIs
- AddAssetImageRegistryRegistryDetail
- AddEditImageAutoAuthorizedRule
- AddIgnoreVul
- CheckRepeatAssetImageRegistry
- CreateAssetImageRegistryScanTask
- CreateAssetImageRegistryScanTaskOneKey
- CreateAssetImageScanTask
- CreateComponentExportJob
- CreateImageExportJob
- CreateOrModifyPostPayCores
- CreateVulDefenceEventExportJob
- CreateVulDefenceHostExportJob
- CreateVulExportJob
- DeleteIgnoreVul
- DescribeAssetAppServiceList
- DescribeAssetComponentList
- DescribeAssetDBServiceList
- DescribeAssetHostList
- DescribeAssetImageDetail
- DescribeAssetImageHostList
- DescribeAssetImageList
- DescribeAssetImageListExport
- DescribeAssetImageRegistryAssetStatus
- DescribeAssetImageRegistryDetail
- DescribeAssetImageRegistryList
- DescribeAssetImageRegistryListExport
- DescribeAssetImageRegistryRegistryDetail
- DescribeAssetImageRegistryRegistryList
- DescribeAssetImageRegistryRiskInfoList
- DescribeAssetImageRegistryRiskListExport
- DescribeAssetImageRegistryScanStatusOneKey
- DescribeAssetImageRegistrySummary
- DescribeAssetImageRegistryVirusList
- DescribeAssetImageRegistryVirusListExport
- DescribeAssetImageRegistryVulList
- DescribeAssetImageRegistryVulListExport
- DescribeAssetImageRiskList
- DescribeAssetImageRiskListExport
- DescribeAssetImageScanSetting
- DescribeAssetImageScanStatus
- DescribeAssetImageScanTask
- DescribeAssetImageSimpleList
- DescribeAssetImageVirusList
- DescribeAssetImageVirusListExport
- DescribeAssetImageVulList
- DescribeAssetImageVulListExport
- DescribeAssetPortList
- DescribeAssetProcessList
- DescribeAssetWebServiceList
- DescribeAutoAuthorizedRuleHost
- DescribeContainerSecEventSummary
- DescribeImageAutoAuthorizedLogList
- DescribeImageAutoAuthorizedRule
- DescribeImageAutoAuthorizedTaskList
- DescribeImageComponentList
- DescribeImageRegistryNamespaceList
- DescribeImageRegistryTimingScanTask
- DescribeImageRiskSummary
- DescribeImageRiskTendency
- DescribeImageSimpleList
- DescribeNewestVul
- DescribePostPayDetail
- DescribeScanIgnoreVulList
- DescribeSecEventsTendency
- DescribeSystemVulList
- DescribeValueAddedSrvInfo
- DescribeVulDefenceEventTendency
- DescribeVulIgnoreLocalImageList
- DescribeVulIgnoreRegistryImageList
- DescribeVulImageSummary
- DescribeVulLevelImageSummary
- DescribeVulLevelSummary
- DescribeVulRegistryImageList
- DescribeVulScanAuthorizedImageSummary
- DescribeVulTendency
- DescribeVulTopRanking
- ModifyAsset
- ModifyAssetImageRegistryScanStop
- ModifyAssetImageRegistryScanStopOneKey
- ModifyAssetImageScanStop
- ModifyImageAuthorized
- ModifyVulDefenceEventStatus
- RemoveAssetImageRegistryRegistryDetail
- RenewImageAuthorizeState
- SwitchImageAutoAuthorizedRule
- SyncAssetImageRegistryAsset
- UpdateAssetImageRegistryRegistryDetail
- UpdateImageRegistryTimingScanTask
- DescribeAssetHostDetail
- DescribeAssetSummary
- DescribeContainerAssetSummary
- DescribeVulDefenceEventDetail
- DescribeVulSummary
- ModifyVulDefenceSetting
- DescribeAssetContainerDetail
- DescribeAssetContainerList
- DescribeVulDefenceEvent
- DescribeVulDefenceHost
- DescribeVulDefencePlugin
- DescribeVulDefenceSetting
- Billing APIs
- Data Types
- Error Codes
- 常见问题
- TCSS 政策
- 联系我们
- 词汇表
- 产品动态
- 产品简介
- 购买指南
- 快速入门
- 操作指南
- 故障处理
- API 文档
- History
- Introduction
- API Category
- Making API Requests
- Network Security APIs
- AddAndPublishNetworkFirewallPolicyDetail
- AddAndPublishNetworkFirewallPolicyYamlDetail
- AddNetworkFirewallPolicyDetail
- AddNetworkFirewallPolicyYamlDetail
- CheckNetworkFirewallPolicyYaml
- ConfirmNetworkFirewallPolicy
- CreateNetworkFirewallClusterRefresh
- CreateNetworkFirewallPolicyDiscover
- CreateNetworkFirewallPublish
- CreateNetworkFirewallUndoPublish
- DeleteNetworkFirewallPolicyDetail
- DescribeNetworkFirewallAuditRecord
- DescribeNetworkFirewallClusterList
- DescribeNetworkFirewallClusterRefreshStatus
- DescribeNetworkFirewallNamespaceLabelList
- DescribeNetworkFirewallPodLabelsList
- DescribeNetworkFirewallPolicyDetail
- DescribeNetworkFirewallPolicyDiscover
- DescribeNetworkFirewallPolicyList
- DescribeNetworkFirewallPolicyStatus
- DescribeNetworkFirewallPolicyYamlDetail
- UpdateAndPublishNetworkFirewallPolicyDetail
- UpdateAndPublishNetworkFirewallPolicyYamlDetail
- UpdateNetworkFirewallPolicyDetail
- UpdateNetworkFirewallPolicyYamlDetail
- Cluster Security APIs
- CreateCheckComponent
- CreateClusterCheckTask
- CreateRefreshTask
- DescribeAffectedClusterCount
- DescribeAffectedNodeList
- DescribeAffectedWorkloadList
- DescribeCheckItemList
- DescribeRefreshTask
- DescribeRiskList
- DescribeTaskResultSummary
- DescribeUnfinishRefreshTask
- DescribeUserCluster
- SetCheckMode
- DescribeClusterDetail
- DescribeClusterSummary
- Security Compliance APIs
- AddComplianceAssetPolicySetToWhitelist
- AddCompliancePolicyAssetSetToWhitelist
- AddCompliancePolicyItemToWhitelist
- CreateComplianceTask
- CreateExportComplianceStatusListJob
- DeleteComplianceAssetPolicySetFromWhitelist
- DeleteCompliancePolicyAssetSetFromWhitelist
- DeleteCompliancePolicyItemFromWhitelist
- DescribeComplianceAssetDetailInfo
- DescribeComplianceAssetList
- DescribeComplianceAssetPolicyItemList
- DescribeCompliancePeriodTaskList
- DescribeCompliancePolicyItemAffectedAssetList
- DescribeCompliancePolicyItemAffectedSummary
- DescribeComplianceScanFailedAssetList
- DescribeComplianceTaskAssetSummary
- DescribeComplianceTaskPolicyItemSummaryList
- DescribeComplianceWhitelistItemList
- InitializeUserComplianceEnvironment
- ModifyCompliancePeriodTask
- ScanComplianceAssets
- ScanComplianceAssetsByPolicyItem
- ScanCompliancePolicyItems
- ScanComplianceScanFailedAssets
- Runtime security - High-risk syscalls
- Runtime Security - Reverse Shell APIs
- Runtime Security APIs
- AddEditAbnormalProcessRule
- DescribeAssetImageBindRuleInfo
- AddEditAccessControlRule
- AddEditRiskSyscallWhiteList
- CreateDefenceVulExportJob
- CreateEmergencyVulExportJob
- CreateProcessEventsExportJob
- CreateRiskDnsEventExportJob
- CreateSystemVulExportJob
- CreateVulContainerExportJob
- CreateVulImageExportJob
- CreateVulScanTask
- CreateWebVulExportJob
- DeleteAbnormalProcessRules
- DeleteAccessControlRules
- DescribeAbnormalProcessEventTendency
- DescribeAbnormalProcessEventsExport
- DescribeAbnormalProcessLevelSummary
- DescribeAbnormalProcessRuleDetail
- DescribeAbnormalProcessRules
- DescribeAbnormalProcessRulesExport
- DescribeAccessControlRuleDetail
- DescribeAccessControlRules
- DescribeAccessControlRulesExport
- DescribeEmergencyVulList
- DescribeSupportDefenceVul
- DescribeVulContainerList
- DescribeVulDetail
- DescribeVulImageList
- DescribeVulScanInfo
- DescribeVulScanLocalImageList
- DescribeWebVulList
- ModifyAbnormalProcessRuleStatus
- ModifyAbnormalProcessStatus
- ModifyAccessControlRuleStatus
- ModifyAccessControlStatus
- OpenTcssTrial
- StopVulScanTask
- DescribeAccessControlEventsExport
- DescribeAbnormalProcessDetail
- DescribeAbnormalProcessEvents
- DescribeAccessControlDetail
- DescribeAccessControlEvents
- DescribeRiskSyscallDetail
- Alert Settings APIs
- Advanced prevention - K8s API abnormal requests
- CreateAccessControlsRuleExportJob
- CreateK8sApiAbnormalEventExportJob
- CreateK8sApiAbnormalRuleExportJob
- CreateK8sApiAbnormalRuleInfo
- DeleteK8sApiAbnormalRule
- DescribeAssetClusterList
- DescribeK8sApiAbnormalEventInfo
- DescribeK8sApiAbnormalEventList
- DescribeK8sApiAbnormalRuleInfo
- DescribeK8sApiAbnormalRuleList
- DescribeK8sApiAbnormalRuleScopeList
- DescribeK8sApiAbnormalSummary
- DescribeK8sApiAbnormalTendency
- ModifyK8sApiAbnormalEventStatus
- ModifyK8sApiAbnormalRuleInfo
- ModifyK8sApiAbnormalRuleStatus
- Asset Management APIs
- CreateAssetImageScanSetting
- CreateAssetImageVirusExportJob
- CreateHostExportJob
- DeleteMachine
- DescribeABTestConfig
- DescribeAgentDaemonSetCmd
- DescribeAgentInstallCommand
- DescribeAssetSyncLastTime
- DescribeExportJobDownloadURL
- DescribeExportJobManageList
- DescribeInspectionReport
- DescribePromotionActivity
- DescribeTcssSummary
- DescribeUnauthorizedCoresTendency
- ModifyContainerNetStatus
- Security Operations - Log Analysis APIs
- CreateSearchTemplate
- DeleteSearchTemplate
- DescribeESAggregations
- DescribeESHits
- DescribeIndexList
- DescribeLogStorageStatistic
- DescribePublicKey
- DescribeSearchExportList
- DescribeSearchLogs
- DescribeSearchTemplates
- DescribeSecLogAlertMsg
- DescribeSecLogCleanSettingInfo
- DescribeSecLogDeliveryClsOptions
- DescribeSecLogDeliveryClsSetting
- DescribeSecLogDeliveryKafkaOptions
- DescribeSecLogDeliveryKafkaSetting
- DescribeSecLogJoinTypeList
- DescribeSecLogKafkaUIN
- ModifySecLogCleanSettingInfo
- ModifySecLogDeliveryClsSetting
- ModifySecLogDeliveryKafkaSetting
- ModifySecLogJoinState
- ModifySecLogKafkaUIN
- ResetSecLogTopicConfig
- DescribeSecLogJoinObjectList
- ModifySecLogJoinObjects
- Runtime Security - Trojan Call APIs
- CreateVirusScanAgain
- DescribeExportJobResult
- DescribeVirusAutoIsolateSampleDetail
- DescribeVirusAutoIsolateSampleDownloadURL
- DescribeVirusAutoIsolateSampleList
- DescribeVirusAutoIsolateSetting
- DescribeVirusEventTendency
- DescribeVirusManualScanEstimateTimeout
- DescribeVirusSampleDownloadUrl
- DescribeVirusScanTaskStatus
- DescribeVirusScanTimeoutSetting
- DescribeVirusSummary
- ExportVirusList
- ModifyVirusAutoIsolateExampleSwitch
- ModifyVirusAutoIsolateSetting
- ModifyVirusFileStatus
- ModifyVirusScanTimeoutSetting
- StopVirusScanTask
- DescribeVirusMonitorSetting
- DescribeVirusScanSetting
- ModifyVirusMonitorSetting
- ModifyVirusScanSetting
- DescribeVirusList
- DescribeVirusTaskList
- CreateVirusScanTask
- DescribeVirusDetail
- Runtime Security - Container Escape APIs
- DeleteEscapeWhiteList
- CreateEscapeWhiteListExportJob
- CreateEscapeEventsExportJob
- AddEscapeWhiteList
- DescribeEscapeEventTendency
- DescribeEscapeEventsExport
- DescribeEscapeRuleInfo
- DescribeEscapeSafeState
- DescribeEscapeWhiteList
- DescribeEscapeEventTypeSummary
- ModifyEscapeEventStatus
- ModifyEscapeRule
- ModifyEscapeWhiteList
- DescribeEscapeEventDetail
- DescribeEscapeEventInfo
- Image Security APIs
- AddAssetImageRegistryRegistryDetail
- AddEditImageAutoAuthorizedRule
- AddIgnoreVul
- CheckRepeatAssetImageRegistry
- CreateAssetImageRegistryScanTask
- CreateAssetImageRegistryScanTaskOneKey
- CreateAssetImageScanTask
- CreateComponentExportJob
- CreateImageExportJob
- CreateOrModifyPostPayCores
- CreateVulDefenceEventExportJob
- CreateVulDefenceHostExportJob
- CreateVulExportJob
- DeleteIgnoreVul
- DescribeAssetAppServiceList
- DescribeAssetComponentList
- DescribeAssetDBServiceList
- DescribeAssetHostList
- DescribeAssetImageDetail
- DescribeAssetImageHostList
- DescribeAssetImageList
- DescribeAssetImageListExport
- DescribeAssetImageRegistryAssetStatus
- DescribeAssetImageRegistryDetail
- DescribeAssetImageRegistryList
- DescribeAssetImageRegistryListExport
- DescribeAssetImageRegistryRegistryDetail
- DescribeAssetImageRegistryRegistryList
- DescribeAssetImageRegistryRiskInfoList
- DescribeAssetImageRegistryRiskListExport
- DescribeAssetImageRegistryScanStatusOneKey
- DescribeAssetImageRegistrySummary
- DescribeAssetImageRegistryVirusList
- DescribeAssetImageRegistryVirusListExport
- DescribeAssetImageRegistryVulList
- DescribeAssetImageRegistryVulListExport
- DescribeAssetImageRiskList
- DescribeAssetImageRiskListExport
- DescribeAssetImageScanSetting
- DescribeAssetImageScanStatus
- DescribeAssetImageScanTask
- DescribeAssetImageSimpleList
- DescribeAssetImageVirusList
- DescribeAssetImageVirusListExport
- DescribeAssetImageVulList
- DescribeAssetImageVulListExport
- DescribeAssetPortList
- DescribeAssetProcessList
- DescribeAssetWebServiceList
- DescribeAutoAuthorizedRuleHost
- DescribeContainerSecEventSummary
- DescribeImageAutoAuthorizedLogList
- DescribeImageAutoAuthorizedRule
- DescribeImageAutoAuthorizedTaskList
- DescribeImageComponentList
- DescribeImageRegistryNamespaceList
- DescribeImageRegistryTimingScanTask
- DescribeImageRiskSummary
- DescribeImageRiskTendency
- DescribeImageSimpleList
- DescribeNewestVul
- DescribePostPayDetail
- DescribeScanIgnoreVulList
- DescribeSecEventsTendency
- DescribeSystemVulList
- DescribeValueAddedSrvInfo
- DescribeVulDefenceEventTendency
- DescribeVulIgnoreLocalImageList
- DescribeVulIgnoreRegistryImageList
- DescribeVulImageSummary
- DescribeVulLevelImageSummary
- DescribeVulLevelSummary
- DescribeVulRegistryImageList
- DescribeVulScanAuthorizedImageSummary
- DescribeVulTendency
- DescribeVulTopRanking
- ModifyAsset
- ModifyAssetImageRegistryScanStop
- ModifyAssetImageRegistryScanStopOneKey
- ModifyAssetImageScanStop
- ModifyImageAuthorized
- ModifyVulDefenceEventStatus
- RemoveAssetImageRegistryRegistryDetail
- RenewImageAuthorizeState
- SwitchImageAutoAuthorizedRule
- SyncAssetImageRegistryAsset
- UpdateAssetImageRegistryRegistryDetail
- UpdateImageRegistryTimingScanTask
- DescribeAssetHostDetail
- DescribeAssetSummary
- DescribeContainerAssetSummary
- DescribeVulDefenceEventDetail
- DescribeVulSummary
- ModifyVulDefenceSetting
- DescribeAssetContainerDetail
- DescribeAssetContainerList
- DescribeVulDefenceEvent
- DescribeVulDefenceHost
- DescribeVulDefencePlugin
- DescribeVulDefenceSetting
- Billing APIs
- Data Types
- Error Codes
- 常见问题
- TCSS 政策
- 联系我们
- 词汇表
当容器向恶意域名或 IP 发起外连请求时,容器安全服务将检测此类行为,为您提供实时告警。当发现容器存在访问恶意域名/IP 的行为时,您的容器可能已经失陷,因为恶意域名/IP 可能是黑客的远控服务器、恶意软件下载源、矿池地址等。您需要及时进行如下排查:
1. 检查容器内的恶意进程及非法端口,删除可疑的启动项和定时任务。
2. 对容器存在的风险进行排查,如进行漏洞扫描、木马扫描等。
3. 对容器所使用的镜像进行加固,并替换运行中的容器。
事件列表
事件概览
1. 登录 容器安全服务控制台,在左侧导航中,单击运行时安全 > 恶意外连,默认进入事件列表页面。
2. 在事件列表页面的事件概览中,将根据系统上报的安全事件,实时统计待处理的恶意外连事件及其影响的容器数量。
事件列表
在事件列表中,默认展示近7天的恶意外连事件,如需查看更多事件,可调整查询时长。列表展示字段如下表所示。
字段名称 | 字段详情 |
事件类型 | 恶意域名请求。 |
请求域名 | 触发安全事件的域名详情。 |
容器名称/ID/运行状态/隔离状态 | 展示容器资产相关的名称、ID、运行状态等信息;如客户认为该条安全事件属实,即容器可能已经失陷,可点击隔离容器避免风险在内网扩散。 |
镜像名称/ID | 触发安全事件的容器的来源镜像,可通过单击镜像 ID 查看镜像详情,例如镜像安全风险、组件信息、构建历史等。 |
主机名称/IP | 触发安全事件的容器所在的云服务器节点。展示该节点的名称和内外网 IP 信息。 |
首次生成时间 | 该条安全事件首次发生的时间。 |
最近生成时间 | 该条安全事件最近发生的时间。 |
请求次数 | 系统按容器 ID、域名、进程路径、进程启动用户等对待处理安全事件进行聚合展示,聚合周期为当天。 |
状态 | 包括待处理、已处理、已忽略、已加白。 |
操作 | 单击详情查看事件详情。详情包括事件详情,关联容器、镜像、主机等资产信息,风险描述,解决方案,请求域名详情和三层进程信息。 单击处理对安全事件进行处理。包括添加白名单、标记已处理、隔离容器、忽略和删除记录。 |
查看详情
在事件列表中,单击详情,进入事件详情,展示事件详情,关联容器、镜像、主机等资产信息,风险描述,解决方案,请求域名详情和三层进程信息。
处理事件
1. 在事件列表中,单击处理,可以选择对事件进行添加白名单、标记已处理、隔离容器、忽略和删除记录,单击确定。
2. 在二次确认窗口中,进行如下操作:
添加白名单:输入白名单域名和备注,单击确认。添加白名单时,系统会根据加白的来源事件自动填入请求的域名,如有需要可手动调整为母域名。同时可勾选“批量处理相同事件(将相同域名触发的待处理事件批量加白)”,勾选并确认后,系统将批量对相同域名产生的安全事件批量加白处理。
注意:
若您确认该域名请求属于正常行为,可将该域名添加白名单放行规则,后续再出现该域名请求,将直接放行不再拦截/告警,请谨慎操作。
标记已处理:建议您参照事件详情中的“解决方案”,人工对该事件风险进行处理,单击确定,处理后可将事件标记为已处理。
隔离容器:若您确认隔离该容器,系统将禁止该容器的网络通信并将事件标记为已处理,请谨慎操作。单击确定隔离后,可在更多操作或容器资产列表中解除隔离。
忽略:单击确定,仅将本次告警事件进行忽略,若再有相同事件发生依然会进行告警。
删除:单击删除,删除已选事件记录,控制台将不再显示,无法恢复记录,请慎重操作。
黑白名单管理
除容器安全服务产品提供的系统黑名单,客户也可自定义域名黑名单和域名白名单。黑白名单生效优先级为:白名单 > 黑名单。
黑名单:当容器向名单中的域名发起外连请求时,系统将判定为恶意外联行为,为您产生实时告警,可前往 事件列表 查看。
白名单:当容器向白名单中的域名发起外连请求时,系统将直接放行,不再进行告警。
黑名单管理
1. 登录 容器安全服务控制台,在左侧导航中,单击运行时安全 > 恶意外联 > 黑白名单管理。
2. 在黑名单列表页签,单击添加黑名单。
3. 在添加黑名单窗口中,可支持批量新增多个自定义黑域名;输入域名时,支持前缀置空的泛域名,例如
*.tencent.com;泛域名下的子域名均会告警。
4. 单击确认,列表将根据实际输入的域名生成记录;当输入多个域名时,将生成多条记录。
白名单管理
1. 登录 容器安全服务控制台,在左侧导航中,单击运行时安全 > 恶意外联 > 黑白名单管理。
2. 在白名单列表页签,单击添加白名单。
3. 在添加白名单窗口中,可支持批量新增多个自定义白域名;输入域名时,支持前缀置空的泛域名,例如
*.tencent.com;泛域名下的子域名均会被放行,不产生告警。
4. 单击确认,列表将根据实际输入的域名生成记录;当输入多个域名时,将生成多条记录。
是
否
本页内容是否解决了您的问题?