This topic provides a brief introduction to the Overview page of the Security Center console. The Overview page is a security operations center for Alibaba Cloud services. The Overview page dynamically displays the security score, risks that threaten your assets, status of all your assets, and the features that you have enabled. You can upgrade Security Center, renew your subscription, increase your asset quota, and modify notification settings on this page.
The Overview page consists of the following sections:
- Upgrade Now and Renew: The edition of Security Center is displayed in the upper-right corner. You can upgrade
Security Center to the Basic Anti-Virus, Advanced, or Enterprise edition, increase
your asset quota, and renew your subscription. For more information, see Upgrade Security Center, increase your asset quota, and renew your subscription.
Click Scan now to scan for vulnerabilities, baseline risks, and configuration risks in the assets.
- Secure Score: shows the security score of your assets and the number of risks detected on your
assets. For more information about security scores, see Security scores. For more information about how to improve the security score, see Improve the security score.
Click Fix Now to go to the Security Risk panel. Then, follow the instructions to handle risks.
The Security Risk panel displays the following types of risks that must be handled at the earliest opportunity:
- Configurations of core features
- Unhandled alerts
- Unfixed vulnerabilities
- Baseline risks
- AccessKey pair leaks
- Cloud service configuration risks
- Attacks and other types of risks
- Asset Status: This section shows the numbers of assets on which the Security Center agent is installed
and those on which the agent is not installed. Risk statistics are also displayed.
Move the pointer over the number below Unprotected and click Install Agent to go to the Agent tab of the Settings page. On this tab, you can install the Security Center agent on the unprotected assets. For more information about how to install the Security Center agent, see Install the Security Center agent.
- Security Detection And Defense Capabilities: This section shows the engines used to scan assets, log capacity, antivirus database
update time, system vulnerability scan time, number of precise defense events, and
number of web tamper proofing events. The information allows you to monitor the defense
and security status of your assets in real time.
- Threat statistics: You can view threat statistics.
Threat type Description Unhandled Alerts This section shows the total number of alerts in your assets and the numbers of alerts at different risk levels. The alerts generated by Security Center are classified into the following risk levels:- Urgent: high-risk alerts. If such alerts are generated, intrusion events such as reverse shells are detected on your server. We recommend that you view the details of the alerts and handle the alerts at the earliest opportunity.
- Warning: medium-risk alerts. If such alerts are generated, exceptions such as suspicious command sequences are detected on your server. We recommend that you view the details of the alerts, check whether your server is at risk, and handle the alerts.
- Notice: low-risk alerts. If such alerts are generated, low-risk exceptions such as suspicious port listening, are detected on your server. We recommend that you view the details of the alerts at the earliest opportunity.
You can click the total number below Unhandled Alerts to go to the Alerts page to view and handle alerts. For more information, see Manage alerts.
Unfixed Vul This section shows the total number of unfixed vulnerabilities and the numbers of vulnerabilities at different risk levels. You can click the total number below Unfixed Vul to go to the Vulnerabilities page to view and manage vulnerabilities. For more information, see Vulnerability fixes.
Baseline Risks This section shows the total number of baseline risks in your assets and the numbers of baseline risks at different risk levels. You can click the total number below Baseline Risks to go to the Baseline Check page to view and handle baseline risks. For more information, see Baseline checks.
Attacks This section shows the total number of attacks against your assets. You can click the number below Attacks to go to the Attack Awareness page to view attack analysis. For more information, see Attack awareness.
- Config Assessment Risks: This section shows the risks detected in the baseline configurations of cloud services.
You can click See All to go to the Cloud Platform Configuration Assessment page to view and handle configuration risks in your cloud services. For more information, see Cloud service configuration assessment.
- Issue Resolved (Last 15 days): This section shows the numbers of alerts, vulnerabilities, and baseline risks that
have been handled in the last 15 days. The statistics are displayed in a column and
trend chart.
Upgrade Security Center, increase your asset quota, and renew your subscription
- Basic Edition: The current edition and the Upgrade Now button are displayed in the upper-right corner. You must upgrade your Security Center service to the Basic Anti-Virus, Advanced, or Enterprise edition to use advanced features. The advanced features include baseline checks, asset fingerprints, malicious process detection, and log analysis.
- Basic Anti-Virus, Advanced, or Enterprise Edition: The expiration date and total number of assets are displayed in the upper-right
corner of the Overview page. The Upgrade Now and Renew buttons are also provided. If you want to renew your subscription, click
Renew and select Manual renewal or Automatic monthly renewal as required. Note
- For more information about how to upgrade Security Center and renew your subscription, see Upgrade and downgrade Security Center and Renew the subscription to Security Center.
- If the current number of assets exceeds the asset quota that you have specified when you purchase Security Center, the Asset Scaling button is displayed in the upper-right corner.