All Products
Search
Document Center

Data Security Center:Risk overview and self-managed intelligence

Last Updated:Jun 21, 2026

The Data Security Center (DSC) detection and response value-added service supports data leak detection, access tracing, and adding self-managed intelligence. This topic describes how to view the data leak overview, authorize assets, and add self-managed intelligence.

Prerequisites

  • You have purchased Data Security Center and a detection and response quota (purchased separately as a value-added service or included by default with the Enterprise Edition). If you have not enabled the detection and response feature or your quota is insufficient, you can upgrade your instance.

  • Make sure the instance is in a region that supports the detection and response feature. For more information, see Supported regions.

Data leak statistics overview

The Overview page uses various visualizations to summarize data leaks from the past year, including event types, frequency, risk levels, and affected assets. This helps you quickly assess your overall security posture.

  1. Log on to the Data Security Center console.

  2. In the left-side navigation pane, choose Data Detection and Response > Data Leak.

  3. On the Overview page, view data leak event statistics and perform related operations.

    Area

    Description

    Actions

    AccessKey leak and account password leak statistics

    Displays the Total AccessKey pair Leaks and Total Database Leaks for Full Data Leak and Unhandled Leaks, including leaks from GitHub Leak Amount, Public Plaintext Storage, Private Plaintext Storage, Threat Intelligence, and Self-managed Intelligence.

    • Click the image icon in the upper-right corner of the area to toggle between Full Data Leak and Unhandled Leaks.

    • Click Add Intelligence to add self-managed intelligence for AccessKey and account password leaks.

    • Click a number in the statistics to view its risk details and handling on the Security Event page.

    Asset authorization statistics (②)

    Displays the capacity and usage of your purchased OSS protection and database instance quotas.

    Click Authorize to open the Asset Authorization Configuration panel and authorize assets.

    Top 5 risk objects (③)

    Lists the top five risk objects with the most risk events.

    Click the name of a risk object to go to the Security Event page and view all types of risk events for that asset.

    Risk trend (④)

    Displays a line chart that shows the trend of alerts, broken down by risk level (High, Medium, and Low) and as a total. This helps you analyze your security posture over time.

    Filter data by Last 1 Day, Last 7 Days, Last 15 Days, Last 30 Days, or Custom time ranges.

Asset authorization

To detect potential data leak risks in OSS buckets and database instances, complete asset authorization as follows:

  1. Log on to the Data Security Center console.

  2. In the left-side navigation pane, choose Data Detection and Response > Data Leak.

  3. On the Overview tab, in the Storage Authorization Statistics and Database Authorization Statistics areas, click Authorize for the corresponding asset.

  4. In the Asset Authorization Configuration panel, on the Not authorized tab, Authorization the target asset.

    Important
    • Only RDS and PolarDB assets are supported for authorization.

    • If you cannot find the asset you want to authorize, click Asset synchronization, wait for the synchronization to complete, and then try again.

After you authorize assets, you can view the details of risk events detected by DSC.

Add self-managed intelligence

Add any AccessKey or database account you suspect is compromised to DSC as self-managed intelligence. The service will then continuously monitor these assets for suspicious activity in your authorized buckets and databases, providing real-time alerts to help you quickly handle potential data leaks.

AccessKey leak intelligence

DSC does not generate a risk event for an AccessKey that accesses an authorized bucket unless a leak is detected for that key on GitHub or within your bucket files. To monitor access events for any AccessKey, regardless of its known leak status, add it as self-managed intelligence.

  1. In the AccessKey Leak (Past Year) area, click Add Intelligence.

  2. In the Intelligence Management panel, click Add Intelligence.

  3. Add the AccessKey information by using one of the following methods.

    • Add a single entry manually

      On the Manual Import tab, enter the AccessKey ID, select a Leak Status (Leaked, Not Leaked, or Suspected Leak), enter optional Remarks, and then click OK.

      Note

      If you have authorized the target bucket and DSC has completed at least one detection cycle, it records all AccessKeys that accessed the bucket and generates sample data. You can click Preview to view this sample data and copy the AccessKey information for import.

    • Batch Upload

      1. On the Batch Upload tab, click Download Template to get the template file (.xlsx). Fill in the template with the AccessKeyId (AccessKey ID), Status (Leak Status: Leaked, Not Leaked, or Suspected Leak), and Comment (Remarks).

        If you have already authorized the target bucket and at least one detection has run after authorization, DSC records the AccessKey information for the AccessKeys that accessed the bucket and writes the sample data to the template file.

      2. Enter the AccessKey information to import into the file and save it.

      3. Return to the Batch Upload tab and click View Local File or the upload image icon to import the saved .xlsx file.

      4. Click OK.

  4. Once added, intelligence entries appear in the Intelligence Management panel, where you can view or Delete them.

Account password leak intelligence

We recommend adding any database account that you suspect is leaked, or that requires close monitoring, to self-managed intelligence for continuous risk analysis.

Important

You must authorize a database instance before you can add it to self-managed intelligence.

  1. In the Account Leak (Past Year) area, click Add Intelligence.

  2. In the Intelligence Management panel, click Add Intelligence.

  3. In the Add Intelligence dialog box, configure the database intelligence information, and then click OK.

    Parameter

    Description

    Asset Type

    Select the asset type. Only RDS and PolarDB are supported.

    Database Instance

    Select an authorized database instance.

    Database Account

    Select an account for the database instance.

    Leak Status

    Select the leak status. Supported options are Leaked, Not Leaked, or Suspected Leak.

    Remarks

    Enter optional remarks.

  4. Once added, intelligence entries appear in the Intelligence Management panel, where you can view or Delete them.

What to do next

To learn how to view risk event details and handle related risks, see Risk Details and Handling.