The Overview page of the Security Center console is an operations security center for Alibaba Cloud services. The Overview page provides dynamic visualization of the security score, status of all your assets, and the Security Center features that you have enabled. You can upgrade Security Center, renew the subscription, increase the asset quota, and configure notification settings on this page.

On the Overview page, you can view and manage risks and vulnerabilities detected in your assets.

The Overview page consists of the following sections:

  • Upgrade and Renew: displays the edition of Security Center. You can upgrade Security Center to the Advanced or Enterprise edition, increase the asset quota, and renew the subscription. For more information, see Upgrade Security Center, increase asset quota, and renew subscription.

    You can click Check Now to scan for vulnerabilities, baseline risks, and configuration risks in the assets.

  • Secure Score: displays the security score of the assets and the number of risks detected in the assets. For more information, see Security score. For more information about improving the security score, see Improve the security score.

    After you click Fix Now, the Security Risk page appears. You can follow the instructions to view relevant documents or manage risks.

    The Security Risk page shows the following types of risks that need to be managed as soon as possible:

    • Unhandled alerts
    • Unfixed vulnerabilities
    • Baseline risks
    • Cloud service configuration risks
    • Attacks and other types of risks
  • Status: displays the numbers of assets that have installed the Security Center agent and those that have not, and the risk statistics on the assets.

    Click the number under Unprotected, and then click Install Agent to go to the Agent page. You can install the Security Center agent on unprotected assets. For more information about how to install the Security Center agent, see Install the Security Center agent.

  • Security Detection and Defense Capabilities: displays the engines used to scan assets, log capacity, anti-virus database update time, system vulnerability scan time, number of precise defense events, and number of web page anti-tampering events. This information helps you monitor the defense and security status of your assets in real time.
  • Threat Statistics: displays threat statistics, as shown in the following table.

    | Threat type | Description |
    | --- | --- |
    | Unhandled alerts | The total number of alerts in your assets and the numbers of alerts at different levels of severity (urgent, warning, and notice). You can click the total number under Unhandled Alerts to go to the Alerts page to view and manage alerts. For more information, see Security events. |
    | Unfixed vulnerabilities | The total number of vulnerabilities that have not been fixed and the numbers of vulnerabilities at different levels of severity. You can click the total number under Unfixed Vul to go to the Vulnerabilities page to view and manage vulnerabilities. For more information, see Vulnerability fix prioritization. |
    | Baseline risks | The total number of baseline risks in your assets and the numbers of baseline risks at different levels of severity. You can click the total number under Baseline Risks to go to the Baseline Check page to view and manage baseline risks. For more information, see Baseline check overview. |
    | Attacks | The total number of attacks launched on your assets. You can click the number under Attacks to go to the Attack Awareness page to view attack analysis. For more information, see Attack awareness. |

  • Config Assessment Risks: Risks that are detected in the baseline configurations of cloud services.

    You can click See All to go to the Cloud Platform Configuration Assessment page to view and manage configuration risks in cloud services. For more information, see Cloud service configuration assessment.

  • Issue Resolved: The number of alerts, vulnerabilities, and baseline risks that have been managed in the last 15 days. The statistics are displayed in a bar and trend chart.

Upgrade Security Center, increase asset quota, and renew subscription

Security Center supports Basic, Advanced, and Enterprise editions. You can view the edition of Security Center in the upper-right corner of the Overview page. For more information about features supported by these editions, see Features.
  • Basic Edition: displays the current edition and the Upgrade button. The Advanced and Enterprise editions support advanced features such as baseline check, asset fingerprint, malicious process detection, and log analysis.
  • Advanced Edition or Enterprise Edition: shows the expiration date and total number of assets in the upper-right corner of the Overview page. You can also click Upgrade and Renew in the upper-right corner.
    Note: The Asset Scaling button is displayed only if the current number of assets exceeds the asset quota that you specified when you purchased Security Center.

Security score

| Security score | Description | Font color |
| --- | --- | --- |
| 95-100 | Your assets are secure. | Green |
| 85-94 | Your assets are exposed to a few security risks. We recommend that you reinforce protection as soon as possible. | Yellow |
| 70-84 | Your assets are exposed to a large number of security risks. We recommend that you reinforce protection as soon as possible. | Yellow |
| 69 or lower | Your assets are vulnerable to attacks. We recommend that you reinforce protection as soon as possible. | Red |

Penalty points

| Type | Edition | Item | Penalty point |
| --- | --- | --- | --- |
| Configurations of core features | Basic | Whether anti-brute force attack policies are configured | 2 |
| Configurations of core features | Basic | Whether quick installation of the Security Center agent is enabled | 2 |
| Configurations of core features | Advanced and Enterprise | Whether Security Center has the permission to run configuration checks on cloud services | 2 |
| Configurations of core features | Advanced and Enterprise | Whether anti-virus protection is enabled | 2 |
| Configurations of core features | Advanced and Enterprise | Whether AccessKey leak detection is enabled | 2 |
| Configurations of core features | Advanced and Enterprise | Whether log analysis is enabled | 2 |
| Unhandled alerts | Advanced and Enterprise | Unhandled high-risk alerts | 20 |
| Unhandled alerts | Advanced and Enterprise | Unhandled medium-risk alerts | 20 |
| Unhandled alerts | Advanced and Enterprise | Unhandled low-risk alerts | 20 |
| Unfixed vulnerabilities | Advanced and Enterprise | Unfixed CMS vulnerabilities | 2 |
| Unfixed vulnerabilities | Advanced and Enterprise | Unfixed vulnerabilities on a Windows host | 2 |
| Unfixed vulnerabilities | Advanced and Enterprise | Unfixed vulnerabilities on a Linux host | 2 |
| Unfixed vulnerabilities | Advanced and Enterprise | Unfixed urgent vulnerabilities | 5 |
| Unfixed vulnerabilities | Advanced and Enterprise | Undetected urgent vulnerabilities | 3 |
| Baseline risks | Enterprise | Baseline risks detected | 1 |
| Cloud service configuration risks | Advanced and Enterprise | The Security Center edition is not Advanced or Enterprise | 5 |
| Cloud service configuration risks | Advanced and Enterprise | Back-to-origin configuration checks | High severity: 2; Low severity: 1 |
| Cloud service configuration risks | Advanced and Enterprise | The Alibaba Cloud account has two-factor authentication disabled | High severity: 2; Low severity: 1 |
| Cloud service configuration risks | Advanced and Enterprise | Checks on ApsaraDB for RDS security policies failed | High severity: 2; Low severity: 1 |
| Cloud service configuration risks | Advanced and Enterprise | High severity risks in cloud service configurations | 2 |
| Cloud service configuration risks | Advanced and Enterprise | High and medium severity risks | 1 |
| AccessKey leaks | Enterprise | Whether AccessKey leaks exist | 30 |
| Other types | Enterprise | Whether attacks have occurred | 5 |
Note
  • The highest security score is 100 and the lowest is 10.
  • After penalty points are deducted, if the security score is higher than 60 but alerts are not managed, the final score is 60.
  • After penalty points are deducted, if the security score is higher than 80 but vulnerabilities are not fixed or an alert causes penalty points, the final score is 80.
  • After penalty points are deducted, if the security score is higher than 90 but baseline risks are not managed, the final score is 90.
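
The following sketch, an added example that is not Security Center code, applies the penalty points and the caps from the Note to show how a low-point finding can still dominate the final score. It assumes that each failing item is deducted once and that the lowest applicable cap decides; the item keys are hypothetical names for a subset of the table rows.

```python
# Added illustration of the scoring rules in the Penalty points table and Note.
# Assumptions (not stated on the page): each failing item is deducted once, and
# when several caps apply the lowest one decides. Item keys are hypothetical.

PENALTY = {  # item key -> (risk category, penalty points from the table)
    "anti_brute_force_not_configured": ("config", 2),
    "antivirus_disabled": ("config", 2),
    "unhandled_high_risk_alert": ("alert", 20),
    "unhandled_medium_risk_alert": ("alert", 20),
    "unhandled_low_risk_alert": ("alert", 20),
    "unfixed_linux_vuln": ("vuln", 2),
    "unfixed_urgent_vuln": ("vuln", 5),
    "baseline_risk_detected": ("baseline", 1),
    "accesskey_leak": ("accesskey", 30),
    "attack_occurred": ("other", 5),
}

# Caps from the Note. Alerts also appear in the 80 rule, but 60 is lower.
CAPS = {"alert": 60, "vuln": 80, "baseline": 90}

# Lower bound of each band in the Security score table -> font color.
BANDS = [(95, "Green"), (70, "Yellow"), (0, "Red")]


def security_score(failing_items):
    """Return (final score, font color) for a collection of failing item keys."""
    items = set(failing_items)  # each item counts once (assumption)
    raw = 100 - sum(PENALTY[i][1] for i in items)
    score = max(10, min(100, raw))  # highest 100, lowest 10
    categories = {PENALTY[i][0] for i in items}
    for category, cap in CAPS.items():
        if category in categories:
            score = min(score, cap)
    color = next(c for floor, c in BANDS if score >= floor)
    return score, color


if __name__ == "__main__":
    # Constructed inputs: a 1-point baseline finding still caps the score at 90.
    for case in ([], ["baseline_risk_detected"], ["unfixed_linux_vuln"],
                 ["unhandled_low_risk_alert"], list(PENALTY)):
        print(case[:2], security_score(case))
```

Under these assumptions a single unhandled alert moves the score from Green to Red (60), even though its penalty alone would leave it at 80.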