云安全管理平台解决方案云安全管理平台解决方案云安全管理平台解决方案2目录1前言...........................................................................................................................................42安全现状...................................................................................................................................52.1问题和需求分析.....................................................................................................................52.2传统SOC面临的问题.............................................................................................................63应对方案...................................................................................................................................84某云安全管理平台解决方案...................................................................................................104.1资产分布式管理...................................................................................................................114.1.1资产流程化管理...........................................................................................................114.1.2资产域分布...................................................................................................................124.2事件行为关联分析...............................................................................................................134.2.1事件采集与处理...........................................................................................................134.2.2事件过滤与归并...........................................................................................................144.2.3事件行为关联分析.......................................................................................................144.3资产脆弱性分析...................................................................................................................154.4风险综合监控.......................................................................................................................164.4.1风险管理.......................................................................................................................174.4.2风险监控.......................................................................................................................184.5预警管理与发布...................................................................................................................184.5.1预警管理.......................................................................................................................184.5.2预警发布.......................................................................................................................204.6实时响应与反控...................................................................................................................214.7知识库管理...........................................................................................................................224.7.1知识共享和转化...........................................................................................................224.7.2响应速度和质量...........................................................................................................234.7.3信息挖掘与分析.................................................
