In the latest HummerRisk V1.2.0 version, we have upgraded the multi-cloud compliance detection engine. Now the multi-cloud detection in X-PACK can increase the execution speed by 300%, and can provide a better user experience in the face of large-scale and multi-environment detection requirements. At the same time, let's analyze the difference between the new detection execution system and the previous community version system.
Community Edition Execution Engine Analysis
From the perspective of the overall architecture, we can see that the entire HummerRisk system can be divided into three layers, the top application layer, the middle gateway layer and the bottom service layer. Below is the architecture of the community edition.
In the HummerRisk Community Edition, the entire multi-cloud detection involves two parts: upper-level business scheduling and lower-level detection engine execution. In the upper-level scheduling part, we will deal with rule management, rule group division, and cloud account association. When using it, the user first needs to bind the cloud account, and then select the rule group that wants to perform detection on the cloud account, and then start the execution.
Next, let's focus on the execution engine part. In the execution engine of the community version, the first choreography task will process the rule group and split it into execution rules. After the specific execution is determined, a detection file will be generated and sent to the detection engine. The detection engine will be responsible for processing the detection content, performing specific actions according to the content of the detection file, and generating a detection result file.
In the community office, because the design needs to keep the detection engine independent, several file processing interactions are involved in the detection process.
Enterprise Edition Execution Engine Analysis
In the service layer of the enterprise edition, you can see many different parts.
- First of all, in the task management part, we have introduced a special task management mechanism, which can schedule inspection tasks more efficiently. On this basis, we can achieve high-concurrency scheduling of tasks, which can be greatly improved in large-scale detection and high-throughput scenarios.
- Second, we have upgraded the connection process between the task delivery and the execution engine. Now the process from the task scheduling system to the execution engine is all completed through API calls, and multiple operation parts related to files have been simplified. In the upgraded execution engine, our test can improve the execution efficiency by at least 300%. Of course, the upgraded version of the execution engine requires the enterprise version, which can only be used after activating X-PACK.
Overall, the detection engine of the enterprise version provides better performance, higher concurrency support capability, lower response time and faster detection speed. It can help enterprises solve large-scale, high-concurrency, and high-availability multi-cloud detection requirements.
Introduction to X-PACK
On the basis of the community version, HummerRisk provides an enterprise version oriented to the needs of deep enterprise users, and provides more expansion capabilities through the addition of X-PACK. In the current X-PACK, we provide an upgraded version of the execution engine, integrated security reports, enterprise version rule packs, high-availability deployment and other capabilities. At the same time, the X-PACK expansion pack will continue to expand, bringing more in-depth functions.
About HummerRisk
HummerRisk is an open source cloud-native security platform that solves cloud-native security and governance issues in a non-intrusive manner. Core capabilities include hybrid cloud security governance and K8S container cloud security detection.
GitHub address: https://github.com/HummerRisk/HummerRisk
Gitee Address: https://gitee.com/hummercloud/HummerRisk