Improve the security score of your assets - Best Practices| Alibaba Cloud Documentation Center

Security Center displays the security score of your assets on the Overview page. The security score is calculated based on the security status of your assets. A higher score indicates fewer risks in your assets. If your security score is lower than 95, we recommend that you manage detected risks at the earliest opportunity. This topic describes how to improve the security score.

Background information

For more information about the security score, see Overview.
For more information about the penalty points, see Overview.

Manage risks

Log on to the Security Center console.
On the Overview page, click Fix Now in the Secure Score section.
In the Security Risk panel, find the type of risks that you want to manage and click Process Now.
On the page that appears, manage the risks.
To manage risks, perform the following operations:
- Virus blocking: In the left-side navigation pane, click Settings. On the Settings page, turn on Virus Blocking.
- Brute-force attacks protection: In the left-side navigation pane, click Alerts. On the Alerts page, click Settings. In the Settings panel, find the Anti-brute Force Cracking section and configure rules. For more information, see Defense rules against brute-force attacks.
- Anti-ransomware: In the left-side navigation pane, choose Defense > Anti-Virus. On the page that appears, enable anti-ransomware and configure anti-ransomware policies. For more information, see Enable the anti-ransomware feature and Create a protection policy.
- Unhandled alerts: In the left-side navigation pane, choose Detection > Alerts. On the page that appears, manage alerts. For more information, see View and handle alert events.
- Unfixed vulnerabilities: In the left-side navigation pane, choose Precaution > Vulnerabilities. On the page that appears, fix vulnerabilities.
  - For more information about how to fix Linux software vulnerabilities, see View and handle Linux software vulnerabilities.
  - For more information about how to fix Windows system vulnerabilities, see View and handle Windows system vulnerabilities.
  - For more information about how to fix Web-CMS vulnerabilities, see View and handle Web-CMS vulnerabilities.
  - For more information about how to fix application vulnerabilities, see View and handle urgent vulnerabilities.
  - For more information about how to fix urgent vulnerabilities, see View and handle application vulnerabilities.
- Baseline risks: In the left-side navigation pane, choose Precaution > Baseline Check. On the page that appears, manage baseline risks. For more information, see View and manage baseline risks.
- Cloud service configuration risks: In the left-side navigation pane, choose Precaution > Config Assessment. On the page that appears, manage configuration risks in cloud services.
- AccessKey pair leaks: In the left-side navigation pane, choose Detection > AccessKey Leak. On the page that appears, manage AccessKey pair leaks. For more information, see Detection of AccessKey pair leaks .
After all the detected risks are handled, the security score is improved to 95.

Note

In the left-side navigation pane, click Overview. On the page that appears, click Fix Now in the Secure Score section. In the Security Risk panel, choose Other > Attacks. The penalty points indicate that your assets were attacked. You do not need to handle the attacks. In the left-side navigation pane, click Attack Awareness to view the attacks that are blocked by Security Center. For more information, see Attack awareness.
The baseline check and attack awareness features are not supported in the Basic Anti-Virus and Advanced editions of Security Center. Therefore, the two features are not covered when Security Center calculates the security score.

References

Overview