Assistant Engineer
  • UID11450

One-stop cloud security management – Alibaba Cloud Security Center

Posted time: Jul 11, 2021 22:24 PM
Recently, ransomware, distributed denial-of-service (DDoS) attacks, and phishing attacks have severely affected the performance and reliability of information services. In response, the IT industry has developed solutions to counter these activities and keep services resilient against attack.
Alibaba Cloud provides many security products that can help you deal effectively with the threats that cross the Internet every day. This article focuses on Alibaba Cloud Security Center.

Caption: Overview of Alibaba Cloud Security Products

What is Security Center

Alibaba Cloud Security Center is a comprehensive security management platform that can centrally manage all security systems related to your Alibaba Cloud account. Security Center can quickly identify and analyze security threats. If a threat is detected, Security Center will automatically send an alert to the administrator.
The Alibaba Cloud Security Center feature set includes:
  1. Ransomware protection
  2. Antivirus software protection
  3. Compliance assessment
  4. Web page tampering protection
  5. Container image scanning

Features and benefits

Alibaba Cloud Security Center provides the highest level of security. It has a built-in smart system using big data technology that can automatically perform security tasks and operations on a regular basis. The Security Center is highly efficient in tracking and responding to threats, ensuring the security of cloud resources and servers located in the data center. The basic version of Alibaba Cloud Security Center can defend against DDoS attacks, abnormal logins, service configuration risks, and server weaknesses. In addition, security enhancement services are also provided.
When you purchase any Alibaba Cloud product, Alibaba Cloud Security Center automatically activates the Basic Edition. You can also choose a different edition of Alibaba Cloud Security Center according to your needs.

Caption: Cloud Security Center version comparison chart

Alibaba Cloud has more than ten years of experience in security implementation. It can effectively detect and block threats ranging from ransomware and viruses to DDoS, and it has distilled that experience into more than 250 threat detection models for Security Center. These models are based on big data technology, which helps the system evaluate existing information and strengthens its analysis capabilities to block threats.

Integrated management and defense

Alibaba Cloud Security Center is compatible with multiple operating systems and provides server protection management on different platforms. Even if you deploy services across regions, you can still use Security Center to perform security protection operations in any region.
Once Security Center detects a threat, it issues an alert, and it monitors weaknesses and configuration issues to keep the entire system running smoothly. Security Center uses situation analysis to keep your security solutions operating efficiently. Its graphical user interface can display traces of threats and provide analysis reports of security incidents.

Caption: Cloud Security Center report schematic

Caption: Analysis of cloud security center attacks


Container security

Security Center provides real-time threat detection for Alibaba Cloud Container Service for Kubernetes (ACK). This feature can detect viruses and other malicious threats on containers or hosts. Security Center generates different alerts based on the type of threat detected. Threat detection includes:
  • Container escape:
Security Center detects misconfigurations in containers. It helps developers avoid incorrect container configurations, operating system weaknesses or Docker weaknesses that may allow a container escape.
  • High-risk operations:
Alibaba Cloud Security Center can reduce potential weaknesses that may be used to compromise the entire service, including Docker API vulnerabilities, Kubernetes API vulnerabilities, or some forms of privilege escalation. In addition, Alibaba Cloud Security Center can help prevent container intrusion caused by OSI model layer 4 attacks; in this type of attack, the attacker may use unauthorized access to try to place malicious scripts in the container.
  • Image startup and viruses:
Security Center actively monitors container images for issues, malicious programs or mining programs. Real-time monitoring helps to generate alerts and detect Trojans, viruses, scripts or web shells.

Security Center can detect:
  1. Suspicious command execution operations on the Kubernetes API server
  2. Suspicious directory mounted to Pod
  3. Kubernetes service account transferred from one application to another
  4. Pod booted with malicious image

Security Center can also sign and verify container images, ensuring that only reliable images are deployed and improving asset security.

Summary

Alibaba Cloud Security Center uses a multi-faceted strategy to manage assets. It scores the level of security based on the security status of each asset. The higher the score, the fewer problems. Security Center displays information about each protected server, including risk status, virtual private cloud (VPC), and region.
Alibaba Cloud defines this service as a security management service that operates in a centralized manner. It can automatically analyze the exposure of ECS instances and graphically display the communication between ECS instances and the Internet. This shows the weaknesses of any system more clearly.
If you are interested in Security Center, you can try the Basic Edition as soon as you start using Alibaba Cloud services.
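
The container checks described in the Container security section (escape-prone misconfiguration, a suspicious directory mounted to a Pod, privilege escalation) can also be approximated offline by auditing Pod manifests before deployment. The following is an added example, not part of the original post and not Security Center's detection logic; the rule set, the sensitive path list and the sample manifests are assumptions constructed for illustration.

```python
# Added example: static audit of a Pod spec for escape-prone settings.
# The rule set is an assumption for illustration, not Security Center's logic.
SENSITIVE_HOST_PATHS = ("/", "/etc", "/proc", "/sys", "/root",
                        "/var/run/docker.sock", "/var/lib/kubelet")
RISKY_CAPS = {"ALL", "SYS_ADMIN", "SYS_PTRACE", "SYS_MODULE"}

def is_sensitive(path):
    """True if a hostPath is, or lies under, a sensitive host directory."""
    path = "/" + path.strip("/")  # normalise "/etc/" to "/etc"
    return any(path == s or (s != "/" and path.startswith(s + "/"))
               for s in SENSITIVE_HOST_PATHS)

def audit_pod(pod):
    """Return a list of findings for one Pod manifest given as a dict."""
    spec, findings = pod.get("spec", {}), []
    for flag in ("hostPID", "hostNetwork", "hostIPC"):
        if spec.get(flag):
            findings.append(f"pod: {flag} shares a host namespace")
    for vol in spec.get("volumes", []):
        host_path = (vol.get("hostPath") or {}).get("path")
        if host_path and is_sensitive(host_path):
            findings.append(f"volume {vol['name']}: sensitive hostPath {host_path}")
    for c in spec.get("containers", []) + spec.get("initContainers", []):
        sc = c.get("securityContext") or {}
        if sc.get("privileged"):
            findings.append(f"container {c['name']}: privileged")
        added = set((sc.get("capabilities") or {}).get("add", []))
        for cap in sorted(added & RISKY_CAPS):
            findings.append(f"container {c['name']}: adds capability {cap}")
        # Unset counts as a finding: the check requires an explicit False.
        if sc.get("allowPrivilegeEscalation") is not False:
            findings.append(f"container {c['name']}: allowPrivilegeEscalation not disabled")
    return findings

# Constructed sample manifests (not taken from the post).
RISKY_POD = {"metadata": {"name": "debug-tools"}, "spec": {
    "hostPID": True,
    "volumes": [{"name": "sock", "hostPath": {"path": "/var/run/docker.sock"}},
                {"name": "data", "hostPath": {"path": "/data/app"}}],
    "containers": [{"name": "shell", "image": "example.invalid/tools:1.0",
                    "securityContext": {"privileged": True,
                                        "capabilities": {"add": ["SYS_ADMIN"]}}}]}}
HARDENED_POD = {"metadata": {"name": "web"}, "spec": {
    "volumes": [{"name": "cache", "emptyDir": {}}],
    "containers": [{"name": "web", "image": "example.invalid/web:1.0",
                    "securityContext": {"privileged": False,
                                        "allowPrivilegeEscalation": False,
                                        "capabilities": {"drop": ["ALL"]}}}]}}

if __name__ == "__main__":
    for pod in (RISKY_POD, HARDENED_POD):
        print(pod["metadata"]["name"], audit_pod(pod) or "no findings")
```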