Cloud workloads expose a broader attack surface than equivalent on-premises infrastructure. Hosts are spun up and torn down on elastic schedules, containers are orchestrated across shared nodes, and identity-based access spans services that perimeter controls were never designed to govern. Detecting compromise in this environment requires telemetry collected continuously from inside the workload, correlated against threat intelligence at cloud scale, and surfaced as actionable findings rather than raw log volume.
Alibaba Cloud Security Center performs this function on the platform. It combines an in-guest agent, server-side detection engines, and a response interface into a single workload protection layer that covers Elastic Compute Service (ECS) instances, Container Service for Kubernetes (ACK) clusters, and non-Alibaba Cloud hosts, all connected through the same agent. The sections that follow document the agent architecture, detection mechanisms, response workflows, and configuration decisions that determine effective deployment.
Figure 1: Security Center four-tier architecture.
The Security Center agent runs as a lightweight process on each protected host installed via a shell script under a dedicated service account on Linux, and as a system service on Windows. It performs three categories of work: periodic baseline scanning, continuous event collection, and on-demand command execution issued from the management console.
Baseline scanning produces a scheduled snapshot of the host's security posture: installed packages and patch state, kernel and OS versions, listening ports with bound processes, scheduled tasks, user accounts and last login times, SSH configuration, and file integrity hashes for sensitive paths. Scan output is uploaded to the Security Center backend for evaluation against the current vulnerability and configuration rule sets.
Continuous event collection captures behavioural telemetry in real time: process execution with parent-child lineage, inbound and outbound network connections with associated process context, file modifications under monitored paths, and authentication attempts. Linux telemetry is sourced from kernel audit subsystems and netlink sockets; Windows telemetry from Event Tracing for Windows providers. Events are buffered locally, normalised, and forwarded over TLS to regional ingestion endpoints. Agent CPU and memory budgets are configurable per host group to accommodate capacity-constrained workloads.
Container workloads receive an additional component deployed as a DaemonSet on each cluster node. It collects container runtime events from the container runtime interface, pod lifecycle events from the Kubernetes API server, and image scan results from the configured registry. The DaemonSet runs in a privileged namespace but uses scoped service account credentials with read-only access to resources outside that namespace.
Detection runs on a stack of engines operating on the agent telemetry stream, each scoped to a distinct threat class. Signature-based engines match known indicators of compromise file hashes, command-line patterns, registry keys, and network endpoints against telemetry as it arrives. Signatures are updated from Alibaba Cloud’s threat intelligence pipeline without requiring agent redeployment.
Behavioural engines operate on event sequences rather than individual records. A reverse shell, for example, is identified not by a single process execution but by the combination of a network connection from a shell process, redirected standard input and output descriptors, and a process tree inconsistent with administrative activity. Behavioural rules are expressed as event-correlation patterns evaluated within sliding time windows, with detection latency typically in the low tens of seconds from the originating event.
Machine-learning engines surface anomalies that do not match a predefined pattern. They build per-host baselines for process invocation, outbound connection destinations, and authentication patterns, and flag deviations exceeding configured confidence thresholds. The trade-off is the inverse of signature detection: broader coverage of unknown threats at the cost of a higher false-positive rate, managed through finding suppression and per-asset baseline tuning.
Findings are classified along two axes: severity (informational, low, medium, high, critical) and threat category (web shell, persistence, lateral movement, privilege escalation, data exfiltration, cryptomining, and others). Severity is assigned by match confidence and asset sensitivity, with critical reserved for findings indicating active compromise rather than reconnaissance or configuration weakness.
Beyond active threat detection, Security Center performs continuous vulnerability and configuration assessment. Vulnerability scanning identifies missing patches for the host operating system, installed packages, and web application components, cross-referencing each package version against published CVE entries and the corresponding Alibaba Cloud advisory feed. Each vulnerability is scored using CVSS and annotated with patch availability in the host’s package repository, allowing remediation priority to be set by exploitability rather than score alone.
Baseline compliance assessment evaluates host configuration against published security benchmarks, CIS benchmarks for major Linux distributions and Windows Server, and cloud-specific baselines for ACK clusters and managed database instances. Each check returns a pass, fail, or not-applicable result with a remediation reference. Baseline checks are read-only; remediation is performed separately, either manually or through the configured automation channel.
Container images are scanned at the registry layer before deployment. Container Registry images are scanned on push and on schedule, producing a vulnerability inventory per image tag. Admission control can block deployment of images carrying unresolved high-severity vulnerabilities, though this should be staged against existing pipelines to avoid blocking legitimate releases during the initial enforcement window.
Findings surface in the Security Center console as a prioritised queue grouped by affected asset and threat category. Each finding includes the originating event payload, the matched detection rule, the affected process or file context, and recommended response actions. For active threats, response can be initiated directly from the finding: quarantine of malicious files, termination of suspicious processes, isolation of the affected instance from non-administrative network paths, and revocation of compromised credentials where identity context is present.
Response actions are executed by the same agent that produced the originating telemetry, receiving signed instructions over the established control channel. Action results are returned as audit records and stored alongside the originating finding, producing a closed-loop record of detection and response that can be exported for compliance reporting.
Findings can be forwarded to Log Service for centralised SIEM ingestion, to Message Service for notification routing, and to Function Compute for custom automation. RAM policies should be scoped to the specific Security Center workspace and the downstream services receiving forwarded findings; AccessKey credentials used by automation should be rotated on a defined cycle and audited via ActionTrail. Agent installation tokens warrant the same operational discipline as service credentials, since possession of a valid token permits agent registration into the workspace.
Cloud-native threat detection on Alibaba Cloud is the composition of an in-guest agent, a layered detection stack, continuous vulnerability and baseline assessment, and an integrated response interface. The architecture targets the operational reality of cloud workloads: high host churn, mixed container and virtual machine fleets, and detection signals that must be correlated across telemetry sources rather than evaluated in isolation.
Engineers deploying Security Center should evaluate three configuration decisions early. Agent resource budgets must be sized against workload sensitivity; default budgets suit general-purpose hosts but should be lowered on latency-sensitive or memory-constrained instances. Severity thresholds for automated response should start conservative, with critical-severity findings driving automation and lower severities routed to human review until per-environment false-positive rates are characterised. Admission control on container image vulnerabilities should run in audit mode before enforcement, allowing pipelines to surface issues without blocking releases during transition.
Disclaimer: The views expressed herein are for reference only and don’t necessarily represent the official views of Alibaba Cloud.
Privileged Access Management on Alibaba Cloud with Bastionhost
107 posts | 2 followers
FollowCloudSecurity - September 11, 2025
Alibaba Cloud Community - October 19, 2021
Miles Brown - December 8, 2025
Amuthan Nallathambi - August 24, 2023
Kidd Ip - September 22, 2025
Kidd Ip - May 29, 2025
107 posts | 2 followers
Follow
Container Service for Kubernetes
Alibaba Cloud Container Service for Kubernetes is a fully managed cloud container management service that supports native Kubernetes and integrates with other Alibaba Cloud products.
Learn More
Security Center
A unified security management system that identifies, analyzes, and notifies you of security threats in real time
Learn More
ACK One
Provides a control plane to allow users to manage Kubernetes clusters that run based on different infrastructure resources
Learn More
Security Solution
Alibaba Cloud is committed to safeguarding the cloud security for every business.
Learn MoreMore Posts by PM - C2C_Yuan
