Security Center supports periodic scan tasks and manual scan tasks.

Background information

If you want to run a scan task at an unscheduled time on a newly purchased Elastic Compute Service (ECS) instance, you can click Scan Now in the Security Center console to start a manual scan task.

For more information about time intervals at which automatic tasks scan for different types of vulnerabilities, see Vulnerability detection cycle.

The following table lists the check items supported by each version of Security Center.

Note Descriptions of the signs used in the following table:
  • ×: not supported.
  • √: supported.
Check item Basic Edition Basic Anti-Virus Edition Advanced Edition Enterprise Edition
Vulnerabilities Linux software vulnerabilities X
Windows software vulnerabilities X
Web Content Management System (CMS) vulnerabilities X
Application vulnerabilities X X X
Emergency vulnerabilities
Baseline Risks X X
Configuration assessment X X

Procedure

The following procedure shows how to run a manual scan task to scan for server vulnerabilities.

  1. Log on to the Security Center console.
  2. In the left-side navigation pane, choose Precaution > Vulnerabilities.
  3. On the Vulnerabilities page, click Scan Now below Latest System Vul Time.
  4. In the One-click detection dialog box, configure the scan policy, and click OK.
    The One-click detection dialog box
    Types of vulnerabilities that can be detected by quick scan:
    • Vulnerabilities: Linux software vulnerabilities, Windows system vulnerabilities, Web-CMS vulnerabilities, emergency vulnerabilities, and urgent vulnerabilities.
      Note For more information, see Check items supported by each edition.
    • Baseline problems: The baseline check feature is a value-added service supported only by the Advanced or Enterprise Edition. You can select an existing baseline check policy or Create a new policy. Only users of Enterprise Edition can create new policies. Users of Advanced Edition can select only the default policy to run baseline checks. For more information about how to create a baseline check policy, see Set baseline check policies.
    • Configuration Assessment: checks whether configurations of Alibaba Cloud services contain risks.

    After you click Scan Now, Security Center scans all protected assets. It may take one to five minutes to run the scan task. Wait for the task to complete.

    After the scan is complete, you can view the latest scan results.

References

How often does Security Center detect vulnerabilities?

What are the differences between baselines and vulnerabilities?

What do I do if I cannot enable the vulnerability detection feature for a server on the Assets page?