This topic provides answers to some frequently asked questions about the Overview tab of the Security Center console.

How do I view the version of the virus library?

The update time of the virus library displayed in the Security Center console indicates the version of the virus library. In the Security defense section on the Overview tab, you can view the update time of the virus library to the right of Anti-Virus Version. The server of Security Center dynamically updates the characteristics of viruses and the virus library based on the analysis results of specific engines. The engines include lexical analysis engines, virus detection engines, machine learning and deep learning engines, big data-based threat detection engines, threat intelligence engines, and abnormal behavior analysis engines. We recommend that you use Security Center to detect vulnerabilities and viruses on a regular basis to protect your servers from the latest viruses. For more information, see Use the quick scan feature and Scan for viruses.

After I install the Security Center agent on my Elastic Compute Service (ECS) instances, will the virus library of Security Center be installed on the instances?

No. After you install the Security Center agent on ECS instances, Security Center does not install the virus library on your instances or download the virus library to your instances. The virus library is stored on the Security Center server, which updates it in real time. Security Center checks whether your servers are exposed to viruses based on the virus library.

What are the priorities for handling security events that I can access in the Security Score section?

The following table describes the priorities for handling security events that you can access in the Security Score section. A smaller number indicates a higher priority. The number 1 indicates the highest priority.

Priority  Event handling
1 Configure or enable core features.
  • Enable web tamper proofing.
  • Configure rules to protect against brute-force attacks.
  • Authorize quick installation of the Security Center agent.
  • Grant Security Center the permissions to run configuration checks on cloud services.
  • Enable log analysis.
  • Enable antivirus.
  • Create an anti-ransomware policy.
  • Enable periodic virus detection.
  • Specify the container images that can be scanned.
  • Enable Kubernetes threat detection.
2 Handle AccessKey pair leaks.
3 Handle configuration risks in cloud services.
4 Handle baseline risks.
5 Handle security alerts.
6 Fix vulnerabilities.

The deduction items in the Enterprise and Ultimate editions are different from those in the Basic, Anti-virus, and Advanced editions. What are the differences?

The Basic, Anti-virus, and Advanced editions of Security Center do not support the attack analysis feature. Therefore, this feature is not covered in the scope of security score. For more information about deduction items, see Deduction items.

How do I enable the feature of protection against brute-force attacks?

The feature of protection against brute-force attacks blocks malicious IP addresses that attempt to log on to your servers. This improves the security score of your assets. We recommend that you enable this feature. For more information, see FAQ.

How do I handle common alerts?

Security Center allows you to handle alerts detected on your assets. This way, you can reinforce your asset security and increase the security score. For more information, see FAQ.

How does the vulnerability scan level affect the security score?

If you focus only on high- and medium-level vulnerabilities and ignore low-level vulnerabilities, you can exclude the low-level vulnerabilities from the scope of the security score. To exclude low-level vulnerabilities from the scope of the security score, click Settings in the upper-right corner of the Vulnerabilities page in the Security Center console. In the panel that appears, select High and Medium in the Vul scan level section. Then, Security Center detects only high- and medium-level vulnerabilities.

How does the baseline check level affect the security score?

If you focus only on high- and medium-level baseline checks and ignore low-level baseline checks, you can exclude the low-level baseline checks from the scope of the security score. To exclude low-level baseline checks from the scope of the security score, choose Baseline Check > Manage Policies in the Security Center console. In the panel that appears, select High and Medium in the Baseline level section. Then, Security Center runs only high- and medium-level baseline checks.