Security Center is a centralized security management system that dynamically identifies and analyzes security threats, and generates alerts when threats are detected. Security Center provides multiple features to ensure the security of cloud resources and servers in data centers. The features include anti-ransomware, antivirus, web tamper proofing, container image scan, and compliance check. This allows you to automate security operations, responses, and threat tracing, and meet regulatory compliance requirements.

Security Center allows you to collect cloud asset fingerprints and up to 10 types of security logs. Security Center analyzes the security situation based on threat intelligence and delivers better information traceability.

Compliance certifications

Security Center complies with the standards of ISO 9001, ISO 20000, ISO 22301, ISO 27001, ISO 27017, ISO 27018, ISO 29151, ISO 27701, and BS 10012. It also obtains the Security, Trust, Assurance and Risk (STAR) certificate from Cloud Security Alliance (CSA) and complies with Payment Card Industry Data Security Standard (PCI DSS).

Editions

Security Center provides the following editions: Basic, Anti-virus, Advanced, Enterprise, and Ultimate. For more information, see Features. The following list provides an introduction to each edition:

  • Basic

    The Basic edition offers basic Security Enhancement services free of charge. You can use the services to detect unusual logons to your servers, Distributed Denial of Service (DDoS) attacks, common vulnerabilities on your servers, and configuration risks of cloud services. If you select Security Enhancement when you purchase an Elastic Compute Service (ECS) instance, Security Center Basic is automatically activated.

  • Anti-virus

    The Anti-virus edition uses the subscription billing method. It offers security services, such as alerting and antivirus.

  • Advanced

    The Advanced edition uses the subscription billing method. It offers security services, such as alerting, antivirus, vulnerability detection and fixing, and security reports.

  • Enterprise

    The Enterprise edition uses the subscription billing method and provides a wide array of security services. The services include alerting, antivirus, vulnerability detection and fixing, baseline checks, asset fingerprints, and attack analysis.

  • Ultimate

    The Ultimate edition uses the subscription billing method and provides a wide array of security services. The services include container image scan, threat detection on Kubernetes containers, Radar, alerting, antivirus, vulnerability detection and fixing, baseline checks, asset fingerprints, and attack analysis.

Usage notes

After you create an Alibaba Cloud account, you can use one of the following methods to enable Security Center to protect your assets:
  • Security Center console: a web service page for you to perform interactive operations. For more information, see Get started.
  • Security Center API: a remote procedure call (RPC) API that supports GET and POST requests. For more information, see List of operations by function.