By default, Security Center only displays important vulnerabilities.

Problem description

If no important vulnerabilities exist within your assets, the "No vulnerability found at last check" prompt is displayed on the Vulnerabilities page, and no data about vulnerabilities is displayed in the Vulnerability list.

Solution

  1. Check whether the agent is installed and running normally on your assets and ensure that this agent is not in the offline or unprotected state.
    Note Your assets are protected by Security Center only after the agent is installed. After the agent is installed, Security Center automatically scans vulnerabilities, and data about alerts, vulnerabilities, and baseline checks are displayed in the console. For details about the vulnerability detection cycle, see Vulnerability detection cycle.

    On the Overview page, view the number of Unprotected assets, click the number to go to the agent installation page, and install the agent on the assets where an agent is not installed or is offline. For more information about installing the agent, see Install the Security Center agent.

  2. On the Settings page, enable the notifications for all vulnerabilities on the Notifications tab, and you can receive all the vulnerability notifications.
  3. Security Center scans vulnerabilities on a regular basis. If you purchase a new ECS instance after Security Center performs the regular scan task, the instance will not trigger a vulnerability scan on the day of purchase. Therefore, you cannot view any vulnerability data about this instance in the Security Center console. You must manually perform the vulnerability check: Select the assets to be checked from the Server information list, click Security check, and select check items as needed in the Security Check dialog box that appears.
    Note
    • It takes 20 minutes to complete the security check.
    • Security check cannot be performed on unprotected assets. You must install the agent on the asset, and after the status of the Agent corresponding to the asset is changed to Enable, the Security check can be performed.

    If you want to adjust the asset scope in which automatic vulnerability scans are performed or modify the scan cycle of application vulnerabilities, you can click Settings on the Vulnerabilities page to modify these configurations.

    For more information about the vulnerability detection cycle, see Vulnerability detection cycle.

    For more information about the settings, see Vulnerability management settings and whitelist configuration.