Security Center supports periodic scans that run automatically and manual scans to detect vulnerabilities.

Background information

If you want to run a scan task at an unscheduled time on a newly purchased Elastic Compute Service (ECS) instance, you can click Scan Now in the Security Center console to start a manual scan task.

For more information about time intervals at which automatic tasks scan for different types of vulnerabilities, see Vulnerability detection cycle.

The following table lists the check items supported by each version of Security Center.

Note Descriptions of the signs used in the following table:
  • ×: not supported.
  • √: supported.
Check item Basic edition Basic Anti-Virus edition Advanced edition Enterprise edition
Vulnerabilities Linux software vulnerabilities X
Windows system vulnerabilities X
Web-CMS vulnerabilities X
Application vulnerabilities X X X
Emergency vulnerabilities
Baseline risks X X
Cloud service configurations X X


The following procedure describes how to run a scan task to detect vulnerabilities on your servers.

  1. Log on to the Security Center console.
  2. In the left-side navigation pane, choose Precaution > Vulnerabilities.
  3. On the Vulnerabilities page, click Scan Now below Latest System Vul Time.
  4. In the One-click detection dialog box, configure the scan policy, and click OK.
    The One-click detection dialog box
    Types of vulnerabilities that can be detected by quick scan:
    • Vul: supports detection of Linux software vulnerabilities, Windows system vulnerabilities, web-CMS vulnerabilities, application vulnerabilities, and emergency vulnerabilities.
      Note For more information, see Check items supported by each edition.
    • Baseline problems: The baseline check feature is a value-added service supported only by the Advanced or Enterprise edition. You can select an existing baseline check policy or create a new policy. Only users of the Enterprise edition can create new policies. Users of the Advanced edition can select only the default policy to run baseline checks. For more information about how to create a baseline check policy, see Set baseline check policies.
    • Configuration Assessment: checks whether configurations of Alibaba Cloud services contain risks.

    After you click Scan Now, Security Center scans all protected assets. It may take one to five minutes to complete the scan task. Wait for the task to complete.

    After the scan task is complete, you can view the latest scan results.