Security Center provides the configuration assessment feature to detect security risks in the configurations of your cloud services. This topic describes how to manually run configuration checks on your cloud services and customize a detection cycle to automate periodic checks.

Background information

Security Center supports manual and automatic checks to detect security risks in the configurations of your cloud services.
  • Manual checks: On the Cloud Platform Configuration Assessment page, click Check Now to detect security risks in the configurations of your cloud services.
  • Automatic checks: By default, Security Center automatically runs configuration checks during 00:00:00 - 06:00:00 every two days. You can also customize a detection cycle to periodically check for security risks in the configurations of your cloud services. This helps you detect and handle configuration risks at the earliest opportunity.

Manual checks

If you want to perform an immediate configuration check, perform the following operations:

  1. Log on to the Security Center console.
  2. In the left-side navigation pane, choose Precaution > Config Assessment.
  3. On the Cloud Platform Configuration Assessment page, click Check Now to detect security risks in the configurations of your cloud services. After you run a check, the number of affected assets appears on this page.
    Note Do not perform other operations until the check is complete.
    After the check is complete, the results are listed in descending order based on the severity of risks detected.

Automatic checks

By default, Security Center automatically runs configuration checks during 00:00:00 - 06:00:00 every two days. You can customize the detection cycle and time to better suit your needs. To customize the detection cycle and time, perform the following operations:

  1. Log on to the Security Center console.
  2. In the left-side navigation pane, choose Precaution > Config Assessment.
  3. In the upper-right corner of the Config Assessment page, click Settings.
  4. In the Settings dialog box, specify Detection Cycle and Detection Time.
    Parameters
    • Detection Cycle: Monday to Sunday. You can select multiple values.
    • Detection Time: 24:00 - 06:00, 06:00 - 12:00, 12:00 -18:00, and 18:00 - 24:00. You can select one value.
  5. Click OK.
    During the selected period, Security Center automatically runs checks on all check items.

What to do next

After the check is complete, you can go to the Cloud Platform Configuration Assessment page to view the results and handle the detected risks. For more information, see View and manage configuration risks.