Configure vulnerability settings

Procedure

1. Log on to the Security Center console.
2. In the left-side navigation pane, choose Precaution > Vulnerabilities.
3. In the upper-right corner of the Vulnerabilities page, click Settings.
4. In the Settings pane, configure the parameters as needed.
   

   You can perform the following operations:

   • Turn on or turn off the switch of a vulnerability type to enable or disable detection for this type of vulnerability.
   • Click Manage to add servers for vulnerability detection.
   • Specify Emergency vul(s) Scan Cycle: By default, the time period for a vulnerability detection task is 00:00:00 to 07:00:00. You can set the detection interval to three days, one week, or two weeks. You can also stop the scanning task.
     Note If your servers are deployed in an internal network or emergency vulnerability detection is not required, you can set Emergency vul(s) Scan Cycle to Stop. Your servers may be attacked in various ways. We recommend that you enable the Emergency vul(s) Scan Cycle feature. This way, Security Center detects emergency vulnerabilities on your servers in a timely manner.
   • Specify the detection interval for application vulnerabilities. The default time period for a vulnerability detection task is 00:00:00 to 07:00:00. You can set the detection interval to three days, one week, or two weeks.
   • Select YUM/APT Source Configuration. You must configure a valid YUM or APT source before you fix a Linux software vulnerability. If the YUM or APT source is invalid, you may fail to fix the vulnerability. Security Center automatically selects a YUM or APT source of Alibaba Cloud. This improves the efficiency of vulnerability fixing. We recommend that you select YUM/APT Source Configuration.
   • Select a mode from Scanning Modes. You can select one of the following scanning modes:
     • Real risk model: In this mode, Security Center automatically detects, analyzes, and displays only vulnerabilities that can be exploited by attackers. If you select this mode, the Vulnerabilities page displays only vulnerabilities whose priority scores are greater than 13.5. If you want to view vulnerabilities only with high priorities, we recommend that you select this mode.
       Note

       • The priority score of a vulnerability helps you determine whether to fix the vulnerability immediately. If the priority score of a vulnerability is 13.5 or higher, the vulnerability is critical and must be immediately fixed. For more information, see Vulnerability priorities.
       • The Real risk model or Full role scan mode requires one to five minutes to complete a vulnerability detection task.
     • Full rule scan mode: Security Center detects all types of vulnerabilities, including vulnerabilities that do not meet security regulations. If you select this mode, the Vulnerabilities page displays all the vulnerabilities in your server.
   • Set the retention period for invalid vulnerabilities to 7 days, 30 days, or 90 days.
     Note If you do not handle a vulnerability or a fixed vulnerability is not detected again within the specified period, Security Center removes this vulnerability from the vulnerability list on the Vulnerabilities page of Precaution. Security Center generates alerts if this type of vulnerability is detected again.
   • Specify Vul scan level. Valid values: High, Medium, and Low.

     Security Center only detects and displays vulnerabilities of the priorities specified by the Vul scan level parameter. If you select High and Medium, Security Center only detects vulnerabilities of High and Medium priorities. On the Vulnerabilities page, only vulnerabilities of High and Medium priorities are displayed.

   • In Vul Whitelist, you can view vulnerabilities that are added to the whitelist. If you want to remove a vulnerability from the whitelist, select the vulnerability and click Remove. After the vulnerability is removed from the whitelist, Security Center detects the vulnerability and generates alerts on this vulnerability.