Overview

Last updated: 2025-08-15 15:55:25

Alerting is one of the important links in attack detection and response in security operations. The Alert Management feature focuses on security detection scenarios and centrally manages security-related alert rules and the historical events they have triggered. With this feature, users can flexibly adapt to their security monitoring requirements: they can directly enable notifications for system-predefined rules or customize alert policies to gain real-time awareness of abnormal business status. Users can also view alert history records to understand and trace back attacks.

Key Advantages

Advantage 1: Low-latency, real-time attack detection and notification

The end-to-end alert process is complex: data is collected from nodes around the world, calculated and processed centrally, and the resulting information is then delivered to users. However, security alerts are directly tied to attack blocking and incident response, so intervention must be possible within a short response window. The Alert Management feature therefore reconstructs the underlying data architecture for application-layer data, integrates real-time analysis capabilities, and adopts second-level data reporting. This shortens the time from an alert event being triggered to the notification being received to about 2 minutes, buying time for attack response.

Advantage 2: System-defined rules for common security scenarios are provided by default and can be used immediately

By default, the Alert Management feature provides users with a set of system-defined rules. The metrics for these rules are developed by the security operations team based on different attack scenarios, and the rules continuously monitor the security status of users' assets. After binding notification recipients, users can enable alert notifications with one click.

Advantage 3: Self-service rule configuration covering multiple scenarios and metrics

The Alert Management feature also lets users customize alert rules for their own services, covering scenarios such as Network Layer Protection, Application Layer Protection, and resource line handover. Users can also freely assign multi-dimensional detection strategies according to different monitoring purposes, and configure flexible notification methods to meet their own operation and maintenance needs.
