This topic provides answers to some commonly asked questions about the Overview page of the Security Center console.

What are the priorities to handle security events that you can access from the Security Score section?

The following table describes the priorities to handle security events that you can access from the Security Score section. A smaller number indicates a higher priority. The number 1 indicates the highest priority.
Priority Event handling
1 Configure or enable core features.
  • Enable web tamper proofing.
  • Configure rules to protect against brute-force attacks.
  • Authorize quick installation of the Security Center agent.
  • Grant Security Center the permissions to run configuration checks on cloud services.
  • Enable log analysis.
  • Enable the antivirus feature.
  • Create an anti-ransomware policy.
  • Enable periodic virus detection.
  • Enable Kubernetes threat detection.
2 Handle AccessKey pair leaks.
3 Handle configuration risks in cloud services.
4 Handle baseline risks.
5 Handle security alerts.
6 Fix vulnerabilities.

What are the differences in deduction items between Enterprise and Ultimate compared with Basic, Anti-virus, and Advanced?

The Basic, Anti-virus, and Advanced editions of Security Center do not support the attack analysis feature. Therefore, this feature is not covered in the scope of security scoring. For more information about deduction items, see Deduction items.

How do I enable the brute-force attacks protection feature?

The brute-force attacks protection feature blocks malicious IP addresses that attempt to log on to your servers. This increases the security score of your assets. We recommend that you enable this feature. For more information, see FAQ.

How do I handle common alerts?

Security Center allows you to handle alerts detected on your assets. This way, you can reinforce your asset security and increase the security score. For more information, see FAQ.

How does the vulnerability scan level affect the security score?

If you focus only on high- and medium-level vulnerabilities and ignore low-level vulnerabilities, you can exclude the low-level vulnerabilities from the scope of security scoring. To exclude low-level vulnerabilities from security scoring, choose Vulnerabilities > Settings in the Security Center console, and select High and Medium in the Vul scan level section. Then, Security Center detects only high- and medium-level vulnerabilities.Settings panel

How does the baseline check level affect the security score?

If you focus only on high- and medium-level baseline checks and ignore low-level baseline checks, you can exclude the low-level baseline checks from the scope of security scoring. To exclude low-level baseline checks from security scoring, choose Baseline Check > Manage Policies in the Security Center console, and select High and Medium in the Baseline level section. Then, Security Center runs only high- and medium-level baseline checks.Manage Policies panel