Security Center monitors the security status of your assets in real time, and provides security scores for your assets and the number of detected risks. This topic describes the different score ranges and deduction items.

Security scores

| Security score | Description | Font color |
| --- | --- | --- |
| 95 to 100 | Your assets are secure. | Green |
| 85 to 94 | Your assets are exposed to a few security risks. We recommend that you reinforce your security system at the earliest opportunity. | Yellow |
| 70 to 84 | Your assets are exposed to a large number of security risks. We recommend that you reinforce your security system at the earliest opportunity. | Yellow |
| 69 or lower | Your assets are at high risk. We recommend that you reinforce your security system at the earliest opportunity. | Red |

Deduction items

Note
  • The maximum security score is 100 and the minimum score is 10.
  • If the security score is greater than 60 after penalty points are deducted but unhandled alerts are detected, the final score is 60.
  • If the security score is greater than 80 after penalty points are deducted but unhandled alerts or vulnerabilities are detected, the final score is 80.
  • If the security score is greater than 90 after penalty points are deducted but unhandled baseline risks are detected, the final score is 90.
  • In the following table, "All paid editions" refers to the Basic Anti-Virus, Advanced, and Enterprise editions of Security Center.

| Type | Required edition | Item | Penalty point | Suggestion |
| --- | --- | --- | --- | --- |
| Configurations of core features | All paid editions | Web tamper proofing is disabled. | 5 | Activate web tamper proofing |
| Configurations of core features | Basic | Anti-brute-force rules are not configured. | 2 | Configure IP blocking policy |
| Configurations of core features | Basic | Quick installation of the Security Center agent is unauthorized. | 2 | If this is the first time you use this feature, obtain the required permissions. |
| Configurations of core features | Advanced and Enterprise | Configuration assessment is unauthorized. | 2 | If this is the first time you use this feature, obtain the required permissions. |
| Configurations of core features | All paid editions | Log analysis is disabled. | 2 | Activate log analysis |
| Configurations of core features | All paid editions | Antivirus is disabled. | 2 | Enable the anti-ransomware feature |
| Configurations of core features | All paid editions | No anti-ransomware policies are created. | 2 | Create a protection policy |
| Configurations of core features | All paid editions | Periodic virus detection is disabled. | 5 | Periodic virus scanning |
| Configurations of core features | Enterprise | Kubernetes threat detection is disabled. | 5 | Threat detection for Kubernetes containers |
| Unhandled alerts | All paid editions | Unhandled high-risk alerts are detected. | 20 | Handle alerts |
| Unhandled alerts | All paid editions | Unhandled medium-risk alerts are detected. | 20 | Handle alerts |
| Unhandled alerts | All paid editions | Unhandled low-risk alerts are detected. | 20 | Handle alerts |
| Unfixed vulnerabilities | Advanced and Enterprise | Unfixed Web-CMS vulnerabilities are detected. | 2 | Web-CMS vulnerabilities |
| Unfixed vulnerabilities | Advanced and Enterprise | Unfixed Windows system vulnerabilities are detected. | 2 | Windows system vulnerabilities |
| Unfixed vulnerabilities | Advanced and Enterprise | Unfixed Linux software vulnerabilities are detected. | 2 | Linux software vulnerabilities |
| Unfixed vulnerabilities | Advanced and Enterprise | Unfixed urgent vulnerabilities are detected. | 5 | Urgent vulnerabilities |
| Unfixed vulnerabilities | Advanced and Enterprise | Urgent vulnerabilities are detected for the first time. | 3 | Urgent vulnerabilities |
| Baseline risks | Advanced and Enterprise | Baseline risks are detected. | 1 | Manage baseline risks |
| Configuration risks | Advanced and Enterprise | The Basic edition of Security Center is used. | 5 | Purchase Security Center |
| Configuration risks | Advanced and Enterprise | Anti-DDoS Pro and Anti-DDoS Premium fail the back-to-origin configuration check. | High risk: 2; Low risk: 1 | Manage configuration risks |
| Configuration risks | Advanced and Enterprise | Two-factor authentication is disabled for your Alibaba Cloud account. | High risk: 2; Low risk: 1 | Manage configuration risks |
| Configuration risks | Advanced and Enterprise | ApsaraDB RDS fails the security policy check. | High risk: 2; Low risk: 1 | Manage configuration risks |
| Configuration risks | Advanced and Enterprise | High risks are detected for cloud service configurations. | 2 | Manage configuration risks |
| Configuration risks | Advanced and Enterprise | Low and medium risks are detected for cloud service configurations. | 1 | Manage configuration risks |
| AccessKey pair leaks | All editions | Potential risks of AccessKey pair leaks are detected. | 30 | View and handle AccessKey pair leaks |
| Other types | Enterprise | Attack events are detected. | 5 | Improve the security score |
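
The following is an added worked example, not Security Center code or an API. It shows how the rules in the Note combine with the deduction items: points are subtracted from 100, the caps for unhandled alerts, vulnerabilities, and baseline risks are applied, and the result is floored at 10 and mapped to a score range. It assumes that each item is deducted once and that the lowest applicable cap wins; the finding keys are hypothetical names.

```python
# Added example; the finding keys are hypothetical names, not a Security Center API.
# Subset of the deduction table: key -> (category, penalty points).
PENALTIES = {
    "web_tamper_proofing_disabled": ("config", 5),
    "log_analysis_disabled": ("config", 2),
    "unhandled_high_risk_alerts": ("alert", 20),
    "unhandled_medium_risk_alerts": ("alert", 20),
    "unhandled_low_risk_alerts": ("alert", 20),
    "unfixed_urgent_vulnerabilities": ("vulnerability", 5),
    "unfixed_linux_software_vulnerabilities": ("vulnerability", 2),
    "baseline_risks": ("baseline", 1),
    "accesskey_pair_leak": ("accesskey", 30),
}
# Caps from the Note: an unhandled finding of this category limits the final score.
CAPS = {"alert": 60, "vulnerability": 80, "baseline": 90}
MAX_SCORE, MIN_SCORE = 100, 10


def band(score):
    """Map a score to the (description, font color) of the score-range table."""
    if score >= 95:
        return "secure", "Green"
    if score >= 85:
        return "a few security risks", "Yellow"
    if score >= 70:
        return "a large number of security risks", "Yellow"
    return "high risk", "Red"


def security_score(findings):
    """Return (score, description, color) for a set of deduction-item keys.

    Assumptions: each item is deducted once; the lowest applicable cap wins.
    """
    findings = set(findings)
    unknown = findings - set(PENALTIES)
    if unknown:
        raise ValueError(f"unknown deduction items: {sorted(unknown)}")
    score = MAX_SCORE - sum(PENALTIES[f][1] for f in findings)
    categories = {PENALTIES[f][0] for f in findings}
    caps = [CAPS[c] for c in categories if c in CAPS]
    score = max(MIN_SCORE, min([score] + caps))
    description, color = band(score)
    return score, description, color


if __name__ == "__main__":
    # Constructed input: one baseline risk costs 1 point but caps the score at 90.
    print(security_score({"baseline_risks"}))
```

Under these assumptions a single low-penalty finding can move the score across a range boundary because of its cap rather than its penalty points.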

References

What are the priorities of security events?

How do penalty points differ between the Advanced and Enterprise editions?

How does the vulnerability scan level affect the security score?

How does the baseline check level affect the security score?

Improve the security score