The Overview page of the Security Center console is an operations security center for Alibaba Cloud services. The Overview page provides dynamic visualization of the security score, status of all your assets, and the Security Center features that you have enabled. You can upgrade Security Center, renew the subscription, increase the asset quota, and configure notification settings on this page.
The Overview page consists of the following sections:
- Upgrade and Renew: displays the edition of Security Center. You can upgrade Security Center to the Advanced or Enterprise edition, increase the asset quota, and renew the subscription.
For more information, see Upgrade Security Center, increase asset quota, and renew subscription.
You can click Check Now to scan for vulnerabilities, baseline risks, and configuration risks in the assets.
- Secure Score: displays the security score of the assets and the number of risks detected in the assets. For more information, see Security score. For more information about improving the security score, see Improve the security score.
After you click Fix Now, the Security Risk page appears. You can follow the instructions to view relevant documents or manage risks.
The Security Risk page shows the following types of risks that need to be managed as soon as possible:
- Unhandled alerts
- Unfixed vulnerabilities
- Baseline risks
- Cloud service configuration risks
- Attacks and other types of risks
- Status: displays the numbers of assets that have installed the Security Center agent and those that have not, and the risk statistics on the assets.
Click the number under Unprotected, and then click Install Agent to go to the Agent page. You can install the Security Center agent on unprotected assets. For more information about how to install the Security Center agent, see Install the Security Center agent.
- Security Detection and Defense Capabilities: displays the engines used to scan assets, log capacity, anti-virus database update time, system vulnerability scan time, number of precise defense events, and number of web page anti-tampering events. This information helps you monitor the defense and security status of your assets in real time.
- Threat Statistics: displays threat statistics, as shown in the following table.
|Threat type||Description|
|Unhandled alerts||The total number of alerts in your assets and the numbers of alerts at different levels of severity (urgent, warning, and notice). You can click the total number under Unhandled Alerts to go to the Alerts page to view and manage alerts. For more information, see Security events.|
|Unfixed vulnerabilities||The total number of vulnerabilities that have not been fixed and the numbers of vulnerabilities at different levels of severity. You can click the total number under Unfixed Vul to go to the Vulnerabilities page to view and manage vulnerabilities. For more information, see Vulnerability fix prioritization.|
|Baseline risks||The total number of baseline risks in your assets and the numbers of baseline risks at different levels of severity. You can click the total number under Baseline Risks to go to the Baseline Check page to view and manage baseline risks. For more information, see Baseline check overview.|
|Attacks||The total number of attacks launched on your assets. You can click the number under Attacks to go to the Attack Awareness page to view attack analysis. For more information, see Attack awareness.|
- Config Assessment Risks: Risks that are detected in the baseline configurations of cloud services.
You can click See All to go to the Cloud Platform Configuration Assessment page to view and manage configuration risks in cloud services. For more information, see Cloud service configuration assessment.
- Issue Resolved: The number of alerts, vulnerabilities, and baseline risks that have been managed in the last 15 days. The statistics are displayed in a bar and trend chart.
Upgrade Security Center, increase asset quota, and renew subscription
- Basic Edition: displays the current edition and the Upgrade button. The Advanced and Enterprise editions support advanced features such as baseline check, asset fingerprint, malicious process detection, and log analysis.
- Advanced Edition or Enterprise Edition: shows the expiration date and total number of assets in the upper-right corner of the Overview page. You can also click Upgrade and Renew in the upper-right corner.
Note: The Asset Scaling button is displayed only if the current number of assets exceeds the asset quota that you have specified when you purchased Security Center.
|Security score||Description||Font color|
|95-100||Your assets are secure.||Green|
|85-94||Your assets are exposed to a few security risks. We recommend that you reinforce protection as soon as possible.||Yellow|
|70-84||Your assets are exposed to a large number of security risks. We recommend that you reinforce protection as soon as possible.||Yellow|
|69 or lower||Your assets are vulnerable to attacks. We recommend that you reinforce protection as soon as possible.||Red|
|Configurations of core features||Basic||Whether anti-brute force attack policies are configured||2|
|Configurations of core features||Basic||Whether quick installation of the Security Center agent is enabled||2|
|Configurations of core features||Advanced and Enterprise||Whether Security Center has the permission to run configuration checks on cloud services||2|
|Configurations of core features||Advanced and Enterprise||Whether anti-virus protection is enabled||2|
|Configurations of core features||Advanced and Enterprise||Whether AccessKey leak detection is enabled||2|
|Configurations of core features||Advanced and Enterprise||Whether log analysis is enabled||2|
|Unhandled alerts||Advanced and Enterprise||Unhandled high-risk alerts||20|
|Unhandled alerts||Advanced and Enterprise||Unhandled medium-risk alerts||20|
|Unhandled alerts||Advanced and Enterprise||Unhandled low-risk alerts||20|
|Unfixed vulnerabilities||Advanced and Enterprise||Unfixed CMS vulnerabilities||2|
|Unfixed vulnerabilities||Advanced and Enterprise||Unfixed vulnerabilities on a Windows host||2|
|Unfixed vulnerabilities||Advanced and Enterprise||Unfixed vulnerabilities on a Linux host||2|
|Unfixed vulnerabilities||Advanced and Enterprise||Unfixed urgent vulnerabilities||5|
|Unfixed vulnerabilities||Advanced and Enterprise||Undetected urgent vulnerabilities||3|
|Baseline risks||Enterprise||Baseline risks detected||1|
|Cloud service configuration risks||Advanced and Enterprise||The Security Center edition is not Advanced or Enterprise||5|
|Cloud service configuration risks||Advanced and Enterprise||Back-to-origin configuration checks||
|Cloud service configuration risks||Advanced and Enterprise||The Alibaba Cloud account has two-factor authentication disabled||
|Cloud service configuration risks||Advanced and Enterprise||Checks on ApsaraDB for RDS security policies failed||
|Cloud service configuration risks||Advanced and Enterprise||High severity risks in cloud service configurations||2|
|Cloud service configuration risks||Advanced and Enterprise||High and medium severity risks||1|
|AccessKey leaks||Enterprise||Whether AccessKey leaks exist||30|
|Other types||Enterprise||Whether attacks have occurred||5|
- The highest security score is 100 and the lowest is 10.
- After penalty points are applied, if the security score is higher than 60 but alerts are not managed, the final score is 60.
- After penalty points are applied, if the security score is higher than 80 but vulnerabilities are not fixed or an alert causes penalty points, the final score is 80.
- After penalty points are applied, if the security score is higher than 90 but baseline risks are not managed, the final score is 90.
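
The scoring rules above, worked through as an added example (not Security Center's own code): it applies a subset of the penalty table, the three caps, and the floor of 10, then maps the result to the color bands. The key names are made up for illustration, and it assumes that each triggered item deducts its points once from 100 and that the lowest applicable cap wins, which also covers the alert clause of the 80 rule.

```python
# Added example: the page's scoring rules under labelled assumptions.
# Points are copied from the penalty table on this page (subset);
# the key names and category labels are hypothetical.
PENALTIES = {
    "alert_high": ("alerts", 20),
    "alert_medium": ("alerts", 20),
    "alert_low": ("alerts", 20),
    "vuln_cms": ("vulns", 2),
    "vuln_windows": ("vulns", 2),
    "vuln_linux": ("vulns", 2),
    "vuln_urgent": ("vulns", 5),
    "baseline_risk": ("baseline", 1),
    "accesskey_leak": ("other", 30),
    "attack_occurred": ("other", 5),
}
# Caps from the closing rules, keyed by the category that triggers them.
CAPS = {"alerts": 60, "vulns": 80, "baseline": 90}
# Color bands from the score table: (lowest score in band, font color).
BANDS = [(95, "Green"), (85, "Yellow"), (70, "Yellow"), (0, "Red")]


def security_score(findings):
    """Return (score, color) for an iterable of triggered penalty items.

    Assumptions: each triggered item deducts its points once from 100,
    and when several caps apply the lowest one wins.
    """
    findings = set(findings)
    unknown = findings - set(PENALTIES)
    if unknown:
        raise ValueError(f"unknown penalty items: {sorted(unknown)}")
    score = 100 - sum(PENALTIES[f][1] for f in findings)
    for category in {PENALTIES[f][0] for f in findings}:
        score = min(score, CAPS.get(category, 100))
    score = max(score, 10)  # the page states the lowest score is 10
    color = next(c for floor, c in BANDS if score >= floor)
    return score, color


if __name__ == "__main__":
    # Constructed inputs: note how one small finding is dominated by its cap.
    samples = ([], ["vuln_linux"], ["alert_low"], ["baseline_risk"],
               ["alert_high", "alert_medium", "alert_low",
                "accesskey_leak", "vuln_urgent"])
    for sample in samples:
        print(sample, security_score(sample))
```

Under these assumptions a single unfixed 2-point vulnerability holds the score at 80 (Yellow), and a single unhandled alert holds it at 60 (Red), so the caps rather than the point values decide the band for most accounts.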