Alibaba Security offers Security Center (original name: Threat Detection Service) to secure and monitor diagnostics services. Security Center supports multiple features, including security event detection, vulnerability scanning, and configuration baseline check. You can use Security Center to secure and manage your assets on the cloud. With the integration of Alibaba's independently developed big data and machine learning algorithm, Security Center can help you check and process all the security threats in real time.
Security Center also enables you to analyze the security situation and detect potential threats by collecting and auditing up to 10 types of security logs, your asset fingerprints, and network threat intelligence.
Features of Security Center
Security Center supports the following features:
- Security events and automatic alert correlation analysis: Security Center detects common network intrusions in real time, such as unusual logons, Webshell injections, unusual server activities and virus attacks. It generates alert for detected events, and automatically correlates unusual alarm events to help you fully understand and analyze corresponding threats and intrusion events.
- Vulnerability scanning: Security Center automatically scans for vulnerabilities on servers and provides fixes. It can also eliminate vulnerabilities for web content management systems (WCMS) , Linux, and Windows.
- Baseline check: Security Center periodically checks the server configuration using either the default or customized scan policies. The baseline check includes security compliance check, system configuration check, account check, and weak password check.
- Asset fingerprints: Collects and records asset running information, including processes, system accounts, open ports, software versions, and website background information.
- Log retrieval: Security Center provides an all-in-one log retrieval service for you to query and manage up to 10 types of server and web logs so that you can track the causes of security issues.