Managed Security Service (MSSP) provides comprehensive technical and consulting security services, based on the security best practices that Alibaba Cloud has accumulated over the years, to help you build and optimize security protection systems and protect your workloads in the cloud.
Background information
An increasing number of enterprises and organizations are migrating their workloads to cloud platforms, which brings technological changes to their business. During the migration, they face new challenges and issues in terms of usability, security, and integrity of their cloud services.
To resolve the preceding business security issues of cloud users, MSSP offers the Managed Detection and Response (MDR) service that is designed for Elastic Compute Service (ECS) instances. The MDR service leverages the best security operations practices of Alibaba Cloud security experts to provide cloud users with in-depth security detection and response services, help cloud users quickly build basic security operations systems, and ensure business security in the cloud.
MSSP also provides value-added services, such as Risk Assessment Service, Incident Response Service, and Classified Protection Compliance Assessment, to comprehensively ensure business security in the cloud and facilitate the building of security protection systems.
Service specifications
The MDR service of MSSP includes the following types of services:
Security consultation
Provide consultation related to basic security products, including Anti-DDoS Proxy, Web Application Firewall (WAF), Cloud Firewall, and Security Center. Examples: consultation on configuration issues, analysis of policy anomalies, and exception handling.
Security monitoring
Monitor and analyze alerts and events, send alerts to DingTalk groups, handle alerts in a ticket system, and help you filter out false alerts and false positives.
Analyze and assess alerts and provide security advice based on your actual scenarios.
Vulnerability announcement
Assess the impacts of zero-day vulnerabilities based on vulnerability detection rules. Provide impact analysis based on the status and outbound connections of hosts.
Summary and report
Provide periodic reports on your cloud security posture in different formats, including monthly, quarterly, and semi-annual reports. Optimize rules for specific products. Communicate in monthly, quarterly, and semi-annual meetings based on actual scenarios.
Security assessment
Assess the overall security, analyze major risks and exposure, and help you identify risks in the cloud.
Security hardening
Help you perform security hardening in an efficient manner after a security incident occurs. Security hardening is performed based on your actual alerts and relevant industry standards.
Incident response
If a security incident occurs, the following items are provided: methods for suppression, elimination, and recovery, prevention measures, security advice, and assistance in attack source identification and root cause location.
Product training
Conduct training on security services, security products, and best practices.
Common scenarios
Build a well-developed security operations system
Scenario
After deploying to the cloud as part of their informatization, several enterprises cannot build a security protection system in a timely manner because they lack effective vulnerability management and risk control. As a result, risk handling cannot keep pace with the construction of information systems, which poses a significant risk to business security. In this scenario, MSSP can provide a mature and comprehensive operations system that supports various capabilities, such as security product operations, security vulnerability and risk operations, and basic security operations. MSSP facilitates seamless security operations of cloud assets.
Benefits
The mature operations system provided by MSSP allows your enterprise to focus on developing business capabilities. During subsequent security construction, you have sufficient time to build operations systems by using MSSP.
Increase the return on investment (ROI) of security operations resources
Scenario
The security operations resources are insufficient. Such resources include security operations professionals for cloud security products, engineers for the infrastructure, and capital investments in the security operations of your enterprise. In traditional scenarios, a large number of professionals are required to ensure smooth security operations. As the asset scale increases, investments in security-related human resources also gradually increase.
Benefits
By leveraging the scale, service, and system advantages of MSSP, you can reduce operational costs. In addition, professional technical personnel of MSSP can help you improve overall security capabilities in terms of security product protection, security policy optimization, security vulnerability management, and risk control.
Guide the security architecture design for cloud deployment or cloud migration
Scenario
During cloud deployment or cloud migration, you may encounter security risks that affect your business, technology, and management. You can deploy appropriate cloud products to solve these issues. MSSP provides guidance in the design of cloud security architectures and security consultation services to help you design cloud-based architectures and achieve the optimal protection effectiveness.
Benefits
Consultation services and the guidance in designing security architectures help you quickly migrate workloads to the cloud and ensure business security and stability in the cloud.
Improve security capabilities
Scenario
An increasing number of system platforms in computing environments face a variety of security threats, such as data theft, data tampering, and unauthorized access. In this case, professional security services are required to ensure the confidentiality, integrity, and availability of data that is processed and stored on these system platforms.
Benefits
The service team of MSSP assesses your business security conditions based on your security requirements and then identifies gaps between your current business security conditions and the best security practices. Based on the issues identified in security assessment, the service team performs security hardening to improve the attack defense capability of operating systems or network devices.
Benefits
Full-stack operations with easy and efficient hosting
MSSP provides comprehensive security technologies and consultation services based on years of security best practices of Alibaba Cloud. MSSP provides all-round security operations services, from network boundaries to internal networks, from vulnerabilities to policies, and from configuration to data. MSSP aims to build and continuously optimize the cloud security system, protect workloads in the cloud, and enable cloud users to focus on business development.
Big data support
Alibaba Cloud aggregates security protection data from a wide range of products, including Security Center, Cloud Firewall, WAF, and Anti-DDoS, and protects VPN networks, ECS instances, web applications, and Cloud Database. By using the data mining technology accumulated over the years, Alibaba Cloud provides attack and defense intelligence for all cloud users. The security operations team of Alibaba Cloud adjusts security protection policies at irregular intervals based on attack and defense intelligence, protection requirements of cloud users, and actual business scenarios. This helps reduce security risks to a manageable level and implement dynamic adjustment, defense, operations, and management.
Advantages of scale
The user base of security products and services is wide. MSSP can provide all cloud users with quality and efficient services by adopting a large-scale and systematic operations model.
Incident response within minutes
Cloud security monitoring and the incident response system of MSSP allow prompt responses to security incidents. This helps cloud users protect against attacks, clean up trojans, and analyze intrusion causes to minimize loss caused by security incidents and rapidly restore workloads.
References
MSSP includes various services. For more information about the billing method of each service, see Billing.
For more information about how to activate and use MSSP, see Getting Started.
For more information about the content and procedures of MSSP security services, see Security services.